Solved

OWA attachments download risk on office 365

Posted on 2014-02-02
9
3,337 Views
1 Endorsement
Last Modified: 2014-12-10
Having moved over to office 365, we were wondering if there is a better way to reduce the risk of users arbitrarily leaving a copy of the downloaded email attachment on uncontrolled / unsecure workstations.

Currently we have disabled the 'view atachments' functionality on OWA (http://mail.office365.com) but that's proving to be a bit of hindrance for user productivity when they are not carrying tehir laptops or are accessing from public hotspots.

Any better control or policy setting available within office 365 mail settings?
1
Comment
Question by:fahim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39828063
The short answer, no.

I think you're asking if there is some way to prevent a user from downloading attachments in their email to a public or unmanaged computer. If they are restricted to using OWA on those computers and they need to be able to view and download some attachments then they will have the right to download all.

MO
0
 
LVL 42

Expert Comment

by:Vasil Michev (MVP)
ID: 39828093
You can control the list of attachments users can open in OWA, check here for example:

http://help.outlook.com/en-us/140/gg192742.aspx

This will not stop the user from forwarding the message WITH the attachment though, for example.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39828113
If I understand the author correctly, what's asked is simply impossible. You can't give them access to everything in OWA and then restrict them to only certain computers. Again, this is Office365.

MO
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:fahim
ID: 39828786
MO: the requirement is to disallow attachment download/saving for all users from all computers when they use OWA. They can work normally using Outlook Client while connecting to office 365 over RPC/HTTP.

Vasilcho: We are fine with not stopping user forwarding the message, but the current need is to allow user to view attachment while using OWA but not be able to save the attachment on local disk. This is to avoid user leaving attachments on computers which are not within enterprise jurisdiction.
0
 
LVL 42

Expert Comment

by:Vasil Michev (MVP)
ID: 39828827
No option for that afaik, all available options control both viewing AND saving attachments. There is an option to actually force the user to save a file before viewing it, but nothing to prevent saving only.

You can take a look of all the available options here:

http://technet.microsoft.com/en-us/library/dd297989(v=exchg.150).aspx

Some of them will be appropriate, for example disable offline access, etc.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39834688
You most definitely CAN control this.

In the Exchange Admin Center > Permissions > Outlook Web App Policies.

Disable the "Direct File Access" and users will only be able to open attachments in Web Apps.

OWA Policy
Jeff
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39835547
Thanks, Jeff. That's new to 2013?

MO
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39836438
No, I think its just easier to configure in 2013.

http://technet.microsoft.com/en-us/library/bb430754.aspx

Jeff
0
 

Expert Comment

by:LSISO
ID: 40491889
Hi, Have they removed this function within OWA for Office 365? My sys admin says it cant be done
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question