Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3542
  • Last Modified:

OWA attachments download risk on office 365

Having moved over to office 365, we were wondering if there is a better way to reduce the risk of users arbitrarily leaving a copy of the downloaded email attachment on uncontrolled / unsecure workstations.

Currently we have disabled the 'view atachments' functionality on OWA (http://mail.office365.com) but that's proving to be a bit of hindrance for user productivity when they are not carrying tehir laptops or are accessing from public hotspots.

Any better control or policy setting available within office 365 mail settings?
1
fahim
Asked:
fahim
  • 3
  • 2
  • 2
  • +2
1 Solution
 
Michael OrtegaSales & Systems EngineerCommented:
The short answer, no.

I think you're asking if there is some way to prevent a user from downloading attachments in their email to a public or unmanaged computer. If they are restricted to using OWA on those computers and they need to be able to view and download some attachments then they will have the right to download all.

MO
0
 
Vasil Michev (MVP)Commented:
You can control the list of attachments users can open in OWA, check here for example:

http://help.outlook.com/en-us/140/gg192742.aspx

This will not stop the user from forwarding the message WITH the attachment though, for example.
0
 
Michael OrtegaSales & Systems EngineerCommented:
If I understand the author correctly, what's asked is simply impossible. You can't give them access to everything in OWA and then restrict them to only certain computers. Again, this is Office365.

MO
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
fahimAuthor Commented:
MO: the requirement is to disallow attachment download/saving for all users from all computers when they use OWA. They can work normally using Outlook Client while connecting to office 365 over RPC/HTTP.

Vasilcho: We are fine with not stopping user forwarding the message, but the current need is to allow user to view attachment while using OWA but not be able to save the attachment on local disk. This is to avoid user leaving attachments on computers which are not within enterprise jurisdiction.
0
 
Vasil Michev (MVP)Commented:
No option for that afaik, all available options control both viewing AND saving attachments. There is an option to actually force the user to save a file before viewing it, but nothing to prevent saving only.

You can take a look of all the available options here:

http://technet.microsoft.com/en-us/library/dd297989(v=exchg.150).aspx

Some of them will be appropriate, for example disable offline access, etc.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You most definitely CAN control this.

In the Exchange Admin Center > Permissions > Outlook Web App Policies.

Disable the "Direct File Access" and users will only be able to open attachments in Web Apps.

OWA Policy
Jeff
0
 
Michael OrtegaSales & Systems EngineerCommented:
Thanks, Jeff. That's new to 2013?

MO
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
No, I think its just easier to configure in 2013.

http://technet.microsoft.com/en-us/library/bb430754.aspx

Jeff
0
 
LSISOCommented:
Hi, Have they removed this function within OWA for Office 365? My sys admin says it cant be done
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 3
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now