Unless you are in some defence or Government business I would buy an anti-virus package (like Bitdefender) and add the encryption module. Very cost effective! You could also add a patch module and even a complete EDR solution - (endpoint detection and remediation package).
As you are only 20 staff, I would also suggest that you buy Bitdefender as a managed service from a Managed security service provider (MSSP). That way you pay monthly and can flex your workforce up and down without having to commit to 12-month contracts and end up paying for redundant licences due to staff who have left the company. The MSSP would monitor & manage the reports too, so you would only need to take action if something new and sophisticated got through your defences.
@PatrickWheaton is correct, encryption is one layer of many you should be considering. And encryption needs to be considered when data just sits on a disk somewhere and what happens to data when it is being sent.
Barracuda is OK however, I think alternatives are less expensive, easier to manage and potentially offer better protection (just my opinion - let's not get into an argument).
In many years of working in secure environments, I have found a combination of MS BitLocker on the local machines O365 E3-E5 and adding on Barracuda Essentials https://www.barracuda.com/prod... works great.
Encryption is only a very small part of protecting against cyber threats. Encryption in transit and Encryption at rest are important. But, most email threats and vulnerabilities are in the payload itself.
Barracuda allows you to control what your users can send and receive via emails, has a plethora of other features and is affordable for small businesses.
Office 365 Message Encryption is offered as part of Office 365 Enterprise E3 and E5, Microsoft Enterprise E3 and E5, Microsoft 365 Business Premium, Office 365 A1, A3, and A5, and Office 365 Government G3 and G5. You don't need additional licenses to receive the new protection capabilities powered by Azure Information Protection.
I'm using the RMail services for years in Office 365, which provides the free plan and starts from $7 only. [https://rmail.com/product/rmai...
If you use a Mac and are using Office 365 Outlook Online, Outlook On the Web, Outlook.com, Hotmail.com and even if you are using a desktop version of the Outlook app you can log in to the Outlook online version (your Outlook desktop email content is often automatically synced to show the same email on your desktop and in the Outlook Online interface).
RMail specializes in easy-to-use email encryption for privacy and compliance, e-signatures, legal e-delivery proof, secure file sharing, email impostor protection, document rights management, and AI-infused services to prevent data leaks and human e-security errors.
Find out what your peers are saying about Microsoft, Check Point Software Technologies, Proofpoint and others in Email Security. Updated: January 2026.
Endpoint Encryption is a vital security measure that ensures data remains protected on endpoint devices by encrypting files and drives, safeguarding sensitive information from unauthorized access and breaches.Endpoint Encryption involves the use of algorithms to secure data on devices such as laptops and smartphones, preventing access from unauthorized users. It is crucial for organizations to protect their data integrity and confidentiality, safeguarding information whether the device is...
Unless you are in some defence or Government business I would buy an anti-virus package (like Bitdefender) and add the encryption module. Very cost effective! You could also add a patch module and even a complete EDR solution - (endpoint detection and remediation package).
As you are only 20 staff, I would also suggest that you buy Bitdefender as a managed service from a Managed security service provider (MSSP). That way you pay monthly and can flex your workforce up and down without having to commit to 12-month contracts and end up paying for redundant licences due to staff who have left the company. The MSSP would monitor & manage the reports too, so you would only need to take action if something new and sophisticated got through your defences.
@PatrickWheaton is correct, encryption is one layer of many you should be considering. And encryption needs to be considered when data just sits on a disk somewhere and what happens to data when it is being sent.
Barracuda is OK however, I think alternatives are less expensive, easier to manage and potentially offer better protection (just my opinion - let's not get into an argument).
Cheers,
Simon
In many years of working in secure environments, I have found a combination of MS BitLocker on the local machines O365 E3-E5 and adding on Barracuda Essentials https://www.barracuda.com/prod... works great.
Encryption is only a very small part of protecting against cyber threats. Encryption in transit and Encryption at rest are important. But, most email threats and vulnerabilities are in the payload itself.
Barracuda allows you to control what your users can send and receive via emails, has a plethora of other features and is affordable for small businesses.
For third-party Email Encryption we work with ZIX.
The first question is what version of Office 365? It may already be included...
Office Message Encryption or OME: https://docs.microsoft.com/en-...
I'm using the RMail services for years in Office 365, which provides the free plan and starts from $7 only. [https://rmail.com/product/rmai...
If you use a Mac and are using Office 365 Outlook Online, Outlook On the Web, Outlook.com, Hotmail.com and even if you are using a desktop version of the Outlook app you can log in to the Outlook online version (your Outlook desktop email content is often automatically synced to show the same email on your desktop and in the Outlook Online interface).
RMail specializes in easy-to-use email encryption for privacy and compliance, e-signatures, legal e-delivery proof, secure file sharing, email impostor protection, document rights management, and AI-infused services to prevent data leaks and human e-security errors.