Using Virtru at U-M

Virtru at U-M provides a layer of additional security for faculty, staff, and students who use U-M Gmail. Use it to encrypt your confidential email, see if the recipient has opened the email, prevent a forwarded email from being read, and more. This document provides instructions for using Virtru. To use Virtru with your U-M Google Mail, you must first Install, Activate, and Reactivate Virtru at U-M.


For additional how-to documentation, see the Virtru Support Center for Users.

Michigan Medicine Outlook/Exchange users can encrypt email attachments by including [SECURE] in the subject line of their message. See Outlook at Michigan Medicine (U-M login required) for details about sending and opening encrypted Michigan Medicine email attachments.

Only Send Approved Data Types

Virtru provides end-to-end encryption for individual U-M Gmail messages. While this provides additional security, some types of sensitive regulated data may not be sent through email, encrypted or not. For details about which data types are permitted, see Sensitive Data Guide: Virtru at U-M.

Send and Forward Encrypted Email

With the Chrome extension installed, you will see a toggle switch in the upper right corner of each email message you compose. Use it turn encryption on or off. The Settings icon (a gear) to the left of it gives you access to additional options you can use.

For complete instructions for sending encrypted email, see:

Tips for Composing Your Encrypted Email

  • Do not put sensitive information in the subject line. The subject line is not encrypted.
  • For recipients who do not have the Virtru Chrome extension installed, you can include an unencrypted introduction to your email where you can explain to the recipient that the main part of your message is encrypted. Click the Personal Introduction link below the Subject line on the right-hand side of the message. This introduction does not appear for recipients who have the Virtru Chrome extension.

Prevent Forwarded Email from Being Read

You can set individual encrypted emails so that the content cannot be forwarded. While a message recipient can still forward the email to someone else, additional recipients will not be able to decrypt and read the message content.

Revoke the Ability to Read a Sent Email

You can essentially lock an encrypted email you sent so that the recipient can no longer open it. If you sent the email to multiple people, you can revoke access for specific individuals only.

Set an Email Expiry Date

You can set an encrypted email to expire on a particular date. The recipient will see a note at the top of the message letting them know when it will expire. Once a message has expired, the recipient will no longer be able to view the message content. They will see a note saying that their access to it has expired.

Protect an Attached File

Use the Persistent File Protection (PFP) feature in Virtru feature to select, protect and share a file with authorized recipients wherever the file goes.

Instructions for Recipients of Encrypted Email

Recipients of email sent using Virtru at U-M for encryption must decrypt the email before they can read the contents or open any attachments.

If the message recipient uses Google Mail at U-M and has the Virtru extension for Chrome installed, the encrypted message will decrypt automatically when they open it. Others will need to verify their identity to unlock the message.

Last Updated: 
Thursday, October 1, 2020