I'm working in a solution to enable end-to-end encryption of all email messages between a set of internal users.
There are 200 internal users, but only 10 users (VIP Users), need to encrypt all emails that any of that "VIP" group sent to another member. Encryption must be End-To-End. I mean, the messages must to be encrypted even from the Outook email client.
All messages that are sent form any member of this group to an internal user that is not member of the "VIP" group must be encrypted only if the VIP user writes a keyword on the subject of the email.
All VIP users have mobile devices (Android and iOS). Capacity to read encrypted messages on the mobile devices is important but is not a hard restriction.
All keys for internal users are KMS.
Can you guide me to create a rule for that users?
Thanks
Goltrek