Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

OWA attachments download risk on office 365

Posted on 2014-02-02
9
Medium Priority
?
3,420 Views
1 Endorsement
Last Modified: 2014-12-10
Having moved over to office 365, we were wondering if there is a better way to reduce the risk of users arbitrarily leaving a copy of the downloaded email attachment on uncontrolled / unsecure workstations.

Currently we have disabled the 'view atachments' functionality on OWA (http://mail.office365.com) but that's proving to be a bit of hindrance for user productivity when they are not carrying tehir laptops or are accessing from public hotspots.

Any better control or policy setting available within office 365 mail settings?
1
Comment
Question by:fahim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39828063
The short answer, no.

I think you're asking if there is some way to prevent a user from downloading attachments in their email to a public or unmanaged computer. If they are restricted to using OWA on those computers and they need to be able to view and download some attachments then they will have the right to download all.

MO
0
 
LVL 43

Expert Comment

by:Vasil Michev (MVP)
ID: 39828093
You can control the list of attachments users can open in OWA, check here for example:

http://help.outlook.com/en-us/140/gg192742.aspx

This will not stop the user from forwarding the message WITH the attachment though, for example.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39828113
If I understand the author correctly, what's asked is simply impossible. You can't give them access to everything in OWA and then restrict them to only certain computers. Again, this is Office365.

MO
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:fahim
ID: 39828786
MO: the requirement is to disallow attachment download/saving for all users from all computers when they use OWA. They can work normally using Outlook Client while connecting to office 365 over RPC/HTTP.

Vasilcho: We are fine with not stopping user forwarding the message, but the current need is to allow user to view attachment while using OWA but not be able to save the attachment on local disk. This is to avoid user leaving attachments on computers which are not within enterprise jurisdiction.
0
 
LVL 43

Expert Comment

by:Vasil Michev (MVP)
ID: 39828827
No option for that afaik, all available options control both viewing AND saving attachments. There is an option to actually force the user to save a file before viewing it, but nothing to prevent saving only.

You can take a look of all the available options here:

http://technet.microsoft.com/en-us/library/dd297989(v=exchg.150).aspx

Some of them will be appropriate, for example disable offline access, etc.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 39834688
You most definitely CAN control this.

In the Exchange Admin Center > Permissions > Outlook Web App Policies.

Disable the "Direct File Access" and users will only be able to open attachments in Web Apps.

OWA Policy
Jeff
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39835547
Thanks, Jeff. That's new to 2013?

MO
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39836438
No, I think its just easier to configure in 2013.

http://technet.microsoft.com/en-us/library/bb430754.aspx

Jeff
0
 

Expert Comment

by:LSISO
ID: 40491889
Hi, Have they removed this function within OWA for Office 365? My sys admin says it cant be done
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question