Outlook: Choose how many days of emails sync to your device for offline usage

🚨 The Signal: Outlook now allows users to choose how many days of emails sync for offline access. This increases the risk of sensitive data exfiltration if devices are compromised or lost, as more data may be stored locally.

The Impact

End-users and security teams are affected by increased local data storage, raising data exfiltration and compliance risks.

• End-users: More sensitive data stored locally, increasing risk if device is lost.
• Security Teams: Increased attack surface for data exfiltration from compromised devices.
• Compliance Teams: Greater challenge in meeting data at rest and data residency requirements.
• Incident Response: Larger data footprint to manage during device compromise or loss.

The Action

1. Review and update existing device data protection policies for Outlook clients.
2. Communicate to end-users about the risks of storing excessive offline data.
3. Ensure Microsoft Intune App Protection Policies (APP) are configured for Outlook to encrypt and wipe corporate data.
4. Verify Conditional Access policies enforce device compliance for Outlook access.
5. Implement or reinforce data loss prevention (DLP) policies for endpoint devices.

Domain: M365-Apps · Impact: high · Workload: M365 Apps