Outlook: add attachments while offline in the new Outlook for Windows

🚨 The Signal: New Outlook for Windows now allows adding attachments while offline. This increases the risk of sensitive data being attached to emails and stored locally without immediate security policy enforcement or audit, potentially bypassing data loss prevention (DLP) controls.

The Impact

End-users are affected by increased offline functionality, creating a security risk of unmonitored data handling.

• End-users: Can attach sensitive data offline, bypassing immediate DLP scans.
• Security Teams: Delayed visibility into sensitive attachments created offline.
• Compliance Teams: Increased risk of non-compliance due to temporary policy bypass.
• IT Admins: Need to ensure offline data is eventually processed by security controls.

The Action

1. Review and update existing Microsoft Purview DLP policies to account for delayed enforcement on offline content.
2. Communicate to end-users about the implications of attaching sensitive data while offline and the eventual application of DLP policies.
3. Monitor Purview DLP reports for 'offline' or 'delayed' policy matches to identify potential gaps.
4. Consider implementing Microsoft Intune App Protection Policies (APP) for Outlook to encrypt and manage data at rest on devices, including offline content.

Domain: M365-Apps · Impact: medium · Workload: M365 Apps