The article referenced below has me thinking REAL hard about the standard Outlook client's local cache .ost file not being encrypted. I think this is an issue whether your Exchange server is hosted on-premise or outsourced to external hosting service. Seems that Microsoft's solution is bitlocker, which requires Win 7 Enterprise or Win 10 Professional and a lot new I.T. management effort. I'm not sure the alternative option of getting users to individually mark the hidden .ost file as encrypted (Microsoft's Encrypted File System property) is an enterprise manageable remedy either.
I have not figured out what to do, but don't want my company to be the next one having to make a pubic breach announcement because a few emails in local Outlook cache file on stolen laptop contained a few patient's protected health information.
Any thoughts/advice welcomed.
This has me personally giving more consideration to an exclusively web based email solution like google. (but leaving beloved Outlook would be tough for avg user).