Jon DeVito
asked on
Outlook 2003 Cached Mode - Password on Open
Hello. I have a remote Outlook 2003 laptop running in Cached Exchange Mode connecting to an Exchange 2003 Enterprise Server through a VPN tunnel. I need Outlook to prompt for login credentials when it opens, not while checking for new messages. This person has very sensitive e-mail in his folders which anyone will have access to if they cancel the login screen that pops up by checking the box to always prompt for user name & password. Is there any way to password protect these offline files?? Any help would be appreciated. Thanks in advance.
Jon
Jon
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
PS - I am using a Dell Latitude D820 with a Biometric Fingerprint Reader using Wave Embassy Security Center. If I can use my fingerprint to login to my Cached Exchange I will double the points.
If a casual observer gets access to the machine, then you have the same problem.
If the machine contains data that is that sensitive then the user needs to be trained to lock the machine when they walk away or take the machine with them. You can change the screensaver timeout to one minute so that it locks very quickly if the machine is abandoned.
Outlook has been designed that the machine provides the protection, not the application.
Simon.
If the machine contains data that is that sensitive then the user needs to be trained to lock the machine when they walk away or take the machine with them. You can change the screensaver timeout to one minute so that it locks very quickly if the machine is abandoned.
Outlook has been designed that the machine provides the protection, not the application.
Simon.
ASKER
Understood & agreed but that is not always practical & I can't take the chance with that. I would expect that by now with the Bio reader you could get a piece of software that will allow certain exe's to run only if the Bio reader is used. I don't see the option for that with the software that came with this laptop but I would be willing to try another software if it worked that way.
Thanks.
Jon
Thanks.
Jon
You may want to put a pointer in the Outlook topic area then, because as far as I am aware it cannot be done.
A bio scanner is just another mechanism for entering a password. It requires application support that protects the file to send a request for authentication which the bio scanner can then fulfil.
Simon.
A bio scanner is just another mechanism for entering a password. It requires application support that protects the file to send a request for authentication which the bio scanner can then fulfil.
Simon.
ASKER
Thanks a lot for the help Simon. I will try the Outlook area but I'm not quite sure how to put a pointer though. Do I have to open a new thread in the Outlook topic area just with a link to this thread or is there a better way to do it?
Thanks again.
Jon
Thanks again.
Jon
Pointers are just new questions with minimum value points (20) and a link to the original question.
Simon.
Simon.
ASKER
Thanks a lot Simon. I just created the pointer in the Outlook area. Thanks again.
Jon
Jon
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Vahik, I'm looking at all of the PGP products & although they will encrypt the disk it doesn't look like they will secure my Outlook in Cached Exchange Mode. I have never used any software like this so I don't know if I'm looking at this wrong but I need to be able to walk away from a logged in laptop & have Outlook prompt me for a password when run preferably using my built in fingerprint reader. Can the PGP software do that?
Thanks.
Jon
Thanks.
Jon
PGP can encrypt ur outlook folder where outlook PST OST resides....once it is encrypted it servers two purpose...
1- to access outlook you must provide password(actually it is a passphrase)....
2- if laptop is stollen noone can access those encrypted files and folders(even if they access the drive by removing it adding it as a second drive on another machine) unless they come up with passphrase....not possible according to PGP....
but once passphrase is provided it will not be required unless a reboot or unless user is logged off....
i am not sure about biometrics but i know PGP works with smart cards and tokens...
1- to access outlook you must provide password(actually it is a passphrase)....
2- if laptop is stollen noone can access those encrypted files and folders(even if they access the drive by removing it adding it as a second drive on another machine) unless they come up with passphrase....not possible according to PGP....
but once passphrase is provided it will not be required unless a reboot or unless user is logged off....
i am not sure about biometrics but i know PGP works with smart cards and tokens...
ASKER
Thanks for the info, still not quite what I'm looking for though because the user would have to log off or lock the computer every time he walked away. I need the protection to be on Outlook or the offline data file so that it prompts for a password every single time the program is launched. Thanks again for the info on the program though.
Jon
Jon
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
G'day
I had another brainwave :) This might not work but I'll share it with you anyway. Seeing as it's a laptop is it only one user who uses it? If so how about
Make a new user on the laptop
Change the NTFS permission on the Outlook Executable to only allow 'the new user access'
You then create a batch file using the runas command and run the Outlook.exe executable.
In this mini-batch file you specify the Username but don't include the password, So the user gets a command window asking for a password
This is a bit of an ugly way to do it but it might work? Not sure how outlook will handle opening as the new user, ie will it open the correct profile etc but why not give it a go. It might just work :-)
Rob
I had another brainwave :) This might not work but I'll share it with you anyway. Seeing as it's a laptop is it only one user who uses it? If so how about
Make a new user on the laptop
Change the NTFS permission on the Outlook Executable to only allow 'the new user access'
You then create a batch file using the runas command and run the Outlook.exe executable.
In this mini-batch file you specify the Username but don't include the password, So the user gets a command window asking for a password
This is a bit of an ugly way to do it but it might work? Not sure how outlook will handle opening as the new user, ie will it open the correct profile etc but why not give it a go. It might just work :-)
Rob
ASKER
Hi Rob, sorry I was away for a few days on business but I am definitely going to try that last one. Great idea if it works. Even if it's ugly, I just need it to work. I'll let you know the minute I can get back to that laptop. Most likely flying back in tomorrow. Thanks again for the idea.
Jon
Jon
ASKER
Hi Rob. I keep getting Directory name is invalid pointing to my Outlook.exe when using the RunAs. Any idea why?
Thanks again for the help.
Jon
Thanks again for the help.
Jon
ASKER
No objections from me. I wish I could have found a solution but thanks for trying everyone.
Jon
Jon
ASKER