Outlook: Online archive for shared mailboxes in the new Outlook for Windows

🚨 The Signal: The online archive of a shared mailbox now appears directly in the folder list of the new Outlook for Windows for users who have access to that mailbox. This is a client visibility change rather than a permission change: historical mail becomes easier to reach, but delegates who previously saw only the primary mailbox in this client now see the archived content as well, so over-broad or stale shared mailbox permissions expose more data than before.

The Impact

Every user who holds access to a shared mailbox is affected. No new rights are granted, but the archive is now in front of delegates in the client they use day to day, so any Full Access grant that is wider than it needs to be translates directly into more data that can be read, forwarded or exported without authorisation.

  • End users: Quicker access to archived mail, but a larger folder tree in which to mis-file, forward or export old items by accident.
  • Admins: Review who holds Full Access to each shared mailbox, remove stale delegates, and confirm that each shared mailbox's own account cannot sign in.
  • Security Team: More shared mailbox content is reachable from a standard client, so non-owner (delegate) mailbox access needs to be monitored rather than assumed benign.

The Action

  1. Review all shared mailbox permissions: Exchange admin center > Recipients > Mailboxes > select the shared mailbox > Delegation (the Microsoft 365 admin center shows the same grants under Teams & groups > Shared mailboxes > select mailbox > Members). Full Access is the right that opens the mailbox, archive included, so scrutinise it first; at scale, enumerate the grants with Exchange Online PowerShell rather than clicking through each mailbox.
  2. Implement the principle of least privilege: grant Full Access only to users who must read the mailbox, use Send As or Send on behalf where sending is the only requirement, and remove delegates who have left or changed role.
  3. Audit shared mailbox access regularly: in the Purview audit log, search Exchange mailbox activities (MailItemsAccessed and related operations) against the shared mailbox and filter on a non-owner logon type, because a delegate reading the archive is recorded against the shared mailbox, not against the delegate's own mailbox. Confirm that mailbox auditing is enabled on each shared mailbox.
  4. Configure Conditional Access for the delegates, not the mailbox: policies are evaluated on the delegate's sign-in to Exchange Online, and a shared mailbox has no interactive sign-in of its own. Entra admin center > Protection > Conditional Access > Policies: require MFA and a compliant or hybrid-joined device for Exchange Online for users who hold shared mailbox access, and keep sign-in blocked on the shared mailbox's own account so its credentials are never used directly.
  5. Educate users on data handling for shared mailboxes: archived items carry the same sensitivity as the primary mailbox and must not be forwarded to personal accounts or exported outside managed storage.
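The following script is an added example, not part of the original notice or of any Microsoft tooling, that carries out steps 1 to 3 above in one pass with Exchange Online PowerShell: it lists every shared mailbox with its archive and audit state, collects the Full Access and Send As delegates, checks that the mailbox's own account is sign-in blocked, flags mailboxes that have an archive and either too many delegates or an enabled account, and then pulls recent non-owner MailItemsAccessed events for those mailboxes from the unified audit log. It assumes the ExchangeOnlineManagement module is installed, that the caller holds Exchange admin and audit reader rights, and that MailItemsAccessed auditing is enabled in the tenant; the look-back window, the delegate threshold and the CSV output path are arbitrary values chosen for the example.

```powershell
# Added example (not from the original notice): inventory shared mailbox
# delegation, archive state and recent non-owner access in one pass.
# Assumes the ExchangeOnlineManagement module is installed and that the
# caller holds Exchange admin and audit reader rights. $LookbackDays,
# $ReportPath and $threshold are assumed values, not Microsoft defaults.
#Requires -Modules ExchangeOnlineManagement

param(
    [int]$LookbackDays = 7,
    [string]$ReportPath = ".\SharedMailboxArchiveReview.csv"
)

Connect-ExchangeOnline -ShowBanner:$false

# Step 1: every shared mailbox, with archive state and per-mailbox audit state.
$shared = Get-EXOMailbox -RecipientTypeDetails SharedMailbox -ResultSize Unlimited `
    -Properties ArchiveStatus, AuditEnabled

$review = foreach ($mbx in $shared) {
    # Full Access is the right that exposes the archive; ignore SELF,
    # inherited entries and explicit deny entries.
    $fullAccess = Get-EXOMailboxPermission -Identity $mbx.UserPrincipalName |
        Where-Object {
            $_.AccessRights -contains 'FullAccess' -and
            -not $_.IsInherited -and -not $_.Deny -and
            $_.User -ne 'NT AUTHORITY\SELF'
        } | Select-Object -ExpandProperty User

    $sendAs = Get-RecipientPermission -Identity $mbx.UserPrincipalName -AccessRights SendAs |
        Where-Object { $_.Trustee -ne 'NT AUTHORITY\SELF' } |
        Select-Object -ExpandProperty Trustee

    # Only delegates should ever sign in; the shared mailbox's own account
    # should be disabled so its credentials cannot be used directly.
    $signInBlocked = (Get-User -Identity $mbx.UserPrincipalName).AccountDisabled

    [pscustomobject]@{
        Mailbox         = $mbx.UserPrincipalName
        ArchiveEnabled  = ($mbx.ArchiveStatus -eq 'Active')
        AuditEnabled    = $mbx.AuditEnabled
        SignInBlocked   = $signInBlocked
        FullAccessCount = @($fullAccess).Count
        FullAccess      = (@($fullAccess) -join ';')
        SendAs          = (@($sendAs) -join ';')
    }
}

# Step 2: least-privilege check. Flag mailboxes that have an archive and either
# more Full Access delegates than the (assumed) organisational limit or an
# account that can still sign in.
$threshold = 5
$review |
    Where-Object { $_.ArchiveEnabled -and ($_.FullAccessCount -gt $threshold -or -not $_.SignInBlocked) } |
    Format-Table Mailbox, FullAccessCount, SignInBlocked, AuditEnabled -AutoSize

# Step 3: non-owner reads of shared mailbox content from the unified audit log.
# MailItemsAccessed records carry LogonType: 0 = owner, 1 = admin, 2 = delegate.
# A delegate opening the archive is logged against the shared mailbox
# (MailboxOwnerUPN), with the delegate as UserId.
$start      = (Get-Date).AddDays(-$LookbackDays)
$end        = Get-Date
$sharedUpns = @($shared.UserPrincipalName)

# Single page of up to 5000 events; larger tenants should page with -SessionId.
$events = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
    -Operations MailItemsAccessed -ResultSize 5000

$nonOwner = foreach ($e in $events) {
    $d = $e.AuditData | ConvertFrom-Json
    if ($d.LogonType -ne 0 -and $sharedUpns -contains $d.MailboxOwnerUPN) {
        [pscustomobject]@{
            When      = $e.CreationDate
            Mailbox   = $d.MailboxOwnerUPN
            Actor     = $d.UserId
            LogonType = $d.LogonType
            ClientApp = $d.ClientAppId
            ItemCount = @($d.Folders.FolderItems).Count
        }
    }
}

$nonOwner | Sort-Object When -Descending | Format-Table -AutoSize
$review   | Export-Csv -Path $ReportPath -NoTypeInformation

Disconnect-ExchangeOnline -Confirm:$false
```

Run it with an account that can read both recipient permissions and the audit log, then work through the flagged rows: a shared mailbox with an active archive, many Full Access delegates and an account that is not sign-in blocked is the combination this change makes most worth tightening. The delegate listing in the CSV is the input for step 2, and the non-owner event table is what a recurring step 3 review should be built on.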

Domain: Exchange · Impact: medium · Workload: Exchange Online