Solved

OWA attachments download risk on office 365

Posted on 2014-02-02
9
3,145 Views
1 Endorsement
Last Modified: 2014-12-10
Having moved over to office 365, we were wondering if there is a better way to reduce the risk of users arbitrarily leaving a copy of the downloaded email attachment on uncontrolled / unsecure workstations.

Currently we have disabled the 'view atachments' functionality on OWA (http://mail.office365.com) but that's proving to be a bit of hindrance for user productivity when they are not carrying tehir laptops or are accessing from public hotspots.

Any better control or policy setting available within office 365 mail settings?
1
Comment
Question by:fahim
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 16
ID: 39828063
The short answer, no.

I think you're asking if there is some way to prevent a user from downloading attachments in their email to a public or unmanaged computer. If they are restricted to using OWA on those computers and they need to be able to view and download some attachments then they will have the right to download all.

MO
0
 
LVL 39

Expert Comment

by:Vasil Michev (MVP)
ID: 39828093
You can control the list of attachments users can open in OWA, check here for example:

http://help.outlook.com/en-us/140/gg192742.aspx

This will not stop the user from forwarding the message WITH the attachment though, for example.
0
 
LVL 16
ID: 39828113
If I understand the author correctly, what's asked is simply impossible. You can't give them access to everything in OWA and then restrict them to only certain computers. Again, this is Office365.

MO
0
 

Author Comment

by:fahim
ID: 39828786
MO: the requirement is to disallow attachment download/saving for all users from all computers when they use OWA. They can work normally using Outlook Client while connecting to office 365 over RPC/HTTP.

Vasilcho: We are fine with not stopping user forwarding the message, but the current need is to allow user to view attachment while using OWA but not be able to save the attachment on local disk. This is to avoid user leaving attachments on computers which are not within enterprise jurisdiction.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 39

Expert Comment

by:Vasil Michev (MVP)
ID: 39828827
No option for that afaik, all available options control both viewing AND saving attachments. There is an option to actually force the user to save a file before viewing it, but nothing to prevent saving only.

You can take a look of all the available options here:

http://technet.microsoft.com/en-us/library/dd297989(v=exchg.150).aspx

Some of them will be appropriate, for example disable offline access, etc.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 39834688
You most definitely CAN control this.

In the Exchange Admin Center > Permissions > Outlook Web App Policies.

Disable the "Direct File Access" and users will only be able to open attachments in Web Apps.

OWA Policy
Jeff
0
 
LVL 16
ID: 39835547
Thanks, Jeff. That's new to 2013?

MO
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39836438
No, I think its just easier to configure in 2013.

http://technet.microsoft.com/en-us/library/bb430754.aspx

Jeff
0
 

Expert Comment

by:LSISO
ID: 40491889
Hi, Have they removed this function within OWA for Office 365? My sys admin says it cant be done
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now