(Updated) Microsoft Outlook for Windows: Add attachments while offline

🚨 The Signal: Outlook for Windows now allows attaching files while offline. This increases the risk of sensitive data exfiltration if devices are compromised or lost, as data can be staged for upload outside of real-time network security controls.

The Impact

Users working offline are affected, increasing the risk of unmonitored data staging and potential exfiltration.

• End-users: Can attach files offline, increasing risk of unmonitored data staging.
• Security Teams: Reduced real-time visibility into attachments created offline.
• Admins: Need to review and potentially update offline data policies for endpoints.
• Organisations: Increased risk of data exfiltration from compromised or lost devices.

The Action

1. Review existing OWAMailboxPolicy-OfflineEnabledWin configurations for all users.
2. Assess the security posture of endpoints with offline capabilities, focusing on data-at-rest encryption and DLP.
3. Consider implementing or strengthening endpoint DLP policies to monitor and restrict offline data staging.
4. Educate users on the risks of handling sensitive data while offline and the importance of device security.
5. Regularly audit devices for offline data storage and ensure compliance with organisational data handling policies.

Domain: Exchange · Impact: high · Workload: Exchange Online