I am looking for a perspective on the viability of Office 365’s mail encryption. There’s a department that is sending some sensitive information over email and my boss has tasked me with figuring out a solution. I did some research and found the viable solution which happens to be the industry standard. However, he is unconvinced that they will change their process when presented with the security risks and the amount of work it will take to implement the industry standard approach. As a “fall back plan” he wants to suggest using encrypted email IE.[https://support.microsoft.com/en-us/office/encrypt-email-messages-373339cb-bf1a-4509-b296-802a39d801dc](https://support.microsoft.com/en-us/office/encrypt-email-messages-373339cb-bf1a-4509-b296-802a39d801dc)
To me this sounds like a terrible idea, however its better than nothing? I guess? From a cybersecurity perspective or a PCI compliance perspective how viable is this?
Thanks in advance