Outlook: Import emails from PST file to mailbox in new Outlook for Windows

🚨 The Signal: New Outlook for Windows now allows importing PST files directly into mailboxes. This reintroduces a legacy data ingestion vector, increasing risk of unmanaged data and potential exfiltration, bypassing modern data governance controls.

The Impact

All users are affected by the reintroduction of PST import, increasing the risk of data sprawl, exfiltration, and non-compliance with data retention policies.

• End Users: Can import unmanaged data, increasing personal data exposure risk.
• Security Teams: New vector for data exfiltration and unmanaged data sprawl.
• Compliance Teams: Increased difficulty in enforcing data retention and discovery policies.
• Admins: Potential for increased mailbox storage and data management overhead.

The Action

1. Review and enforce existing Microsoft Purview Data Loss Prevention (DLP) policies to detect PST file handling.
2. Communicate to users the risks of importing unmanaged PST files and preferred data migration methods.
3. Monitor Exchange Online audit logs for PST import activities (if logging is available for this specific action).
4. Consider implementing Group Policy or Intune policies to restrict PST file access or usage on managed endpoints, if applicable to the new Outlook client.

Domain: Exchange · Impact: high · Workload: Exchange Online