Customers who completely prohibit access to webmail may have a few security concerns. In a Modern Workplace scenario, all users must be able to access their email at any time and from any location. One of the major improvements we have seen from Outlook web access and now Outlook on the web which gives all the rich client end user experiences we see on the Outlook client. However, attachments can pose a significant security concern if Outlook on the web is permitted to be accessed from non-managed machines without any security implementation or if no data loss prevention mechanism in place.
There are two options to handle this scenario at this moment and we will go through them on this blog.
Use Organizational Config ,Mailbox Policy & ADFS claim rules Method :
We can use mailbox policy settings to define whether users can open, view, send, or receive attachments when they are signed into Outlook on the web, including whether the user is on a computer that is part of a private or public network.
We have the PublicComputersDetectionEnabled organization value which can help us to prevent downloading the attachments from the non managed computers. The PublicComputersDetectionEnabled parameter determines whether Outlook on the web detects whether a user logs in from a public or private computer or network, and subsequently applies the public network’s attachment handling settings. $false is the default value. If you set this option to $true, however, Outlook on the web will detect if the user is logging in from a public computer, all attachment handling rules will be applied and enforced.
We can check that by running the below command.
Now we run the below command and enable the PublicComputersDetectionEnabled value to TrueContinue reading