Solved

OWA attachments download risk on office 365

Posted on 2014-02-02
9
3,115 Views
1 Endorsement
Last Modified: 2014-12-10
Having moved over to office 365, we were wondering if there is a better way to reduce the risk of users arbitrarily leaving a copy of the downloaded email attachment on uncontrolled / unsecure workstations.

Currently we have disabled the 'view atachments' functionality on OWA (http://mail.office365.com) but that's proving to be a bit of hindrance for user productivity when they are not carrying tehir laptops or are accessing from public hotspots.

Any better control or policy setting available within office 365 mail settings?
1
Comment
Question by:fahim
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 16
ID: 39828063
The short answer, no.

I think you're asking if there is some way to prevent a user from downloading attachments in their email to a public or unmanaged computer. If they are restricted to using OWA on those computers and they need to be able to view and download some attachments then they will have the right to download all.

MO
0
 
LVL 38

Expert Comment

by:Vasil Michev (MVP)
ID: 39828093
You can control the list of attachments users can open in OWA, check here for example:

http://help.outlook.com/en-us/140/gg192742.aspx

This will not stop the user from forwarding the message WITH the attachment though, for example.
0
 
LVL 16
ID: 39828113
If I understand the author correctly, what's asked is simply impossible. You can't give them access to everything in OWA and then restrict them to only certain computers. Again, this is Office365.

MO
0
 

Author Comment

by:fahim
ID: 39828786
MO: the requirement is to disallow attachment download/saving for all users from all computers when they use OWA. They can work normally using Outlook Client while connecting to office 365 over RPC/HTTP.

Vasilcho: We are fine with not stopping user forwarding the message, but the current need is to allow user to view attachment while using OWA but not be able to save the attachment on local disk. This is to avoid user leaving attachments on computers which are not within enterprise jurisdiction.
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 
LVL 38

Expert Comment

by:Vasil Michev (MVP)
ID: 39828827
No option for that afaik, all available options control both viewing AND saving attachments. There is an option to actually force the user to save a file before viewing it, but nothing to prevent saving only.

You can take a look of all the available options here:

http://technet.microsoft.com/en-us/library/dd297989(v=exchg.150).aspx

Some of them will be appropriate, for example disable offline access, etc.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39834688
You most definitely CAN control this.

In the Exchange Admin Center > Permissions > Outlook Web App Policies.

Disable the "Direct File Access" and users will only be able to open attachments in Web Apps.

OWA Policy
Jeff
0
 
LVL 16
ID: 39835547
Thanks, Jeff. That's new to 2013?

MO
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39836438
No, I think its just easier to configure in 2013.

http://technet.microsoft.com/en-us/library/bb430754.aspx

Jeff
0
 

Expert Comment

by:LSISO
ID: 40491889
Hi, Have they removed this function within OWA for Office 365? My sys admin says it cant be done
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now