Outlook: Offline Support for Calendar - Create, Edit and Delete Event support for GCC-M

🚨 The Signal: New Outlook for Windows now supports offline creation, editing, and deletion of calendar events for GCC-M users. This expands offline data access, potentially increasing the attack surface for sensitive calendar information if devices are compromised.

The Impact

GCC-M users are affected; the security risk is increased exposure of calendar data on potentially insecure endpoints.

• End users: Calendar data is now stored offline, increasing risk if devices are lost.
• Security teams: Need to ensure endpoint security controls protect offline calendar data.
• Admins: Must verify device encryption and access controls for offline data.
• Compliance officers: Review policies for handling sensitive information stored offline.

The Action

1. Review and enforce Microsoft Intune device compliance policies for encryption and access controls on Windows devices.
2. Ensure BitLocker or equivalent full disk encryption is mandated for all devices accessing GCC-M data.
3. Verify Conditional Access policies require compliant devices for accessing M365 applications, including Outlook.
4. Communicate to users the importance of device security and reporting lost or stolen devices promptly.
5. Assess data classification for calendar events to determine sensitivity of offline data.

Domain: M365-Apps · Impact: medium · Workload: M365 Apps