Data Loss Protection and OWA

When you think of information security for your organization, the term that perhaps comes to mind is Data Loss Prevention, and more specifically, how you can implement policy to protect your corporate information from unauthorized access. If you are in IT, then DLP likely brings a sense of anxiety along with it as the problem with implementing and managing a DLP strategy is that there are many possible ways in which data loss can occur. It often takes a combined effort of personnel, corporate processes, and technology to lock down and secure your sensitive corporate data. This means a lot of coordination between different systems and data sources to ensure that your plan is effective.

Whether your motivation for implementing Data Loss Prevention strategies is to protect your organization’s intellectual property, or to remain compliant with regulations in your industry, your Microsoft Exchange and Outlook Web App (OWA) deployment should be considered as one data source requiring careful scrutiny for DLP possibilities. Email attachments are especially vulnerable as they often contain sensitive information like confidential corporate, customer, and personal data. When planning your Exchange deployment, you need to take into consideration your increasingly mobile work force and their requirements for remote access to information, yet balance that access with strategies and policies that are compliant with your corporate security needs.

The Problem with OWA Email Attachment Security

Employees with good intentions accidentally and unknowingly create critical security exposures while accessing their email attachments.

When your users access OWA from anywhere in the world, there is a good chance that they are leaving behind cached or saved copies of email attachments on untrusted computers, without realizing that they are doing so. Even those employees with good work intentions may be creating security risks accidentally and unknowingly through the normal use and access of their email via web browsers and Outlook Web App.

When you open an attachment in OWA, a copy is saved in the local browser cache. The problem is that most users are unaware that opening an attachment from their email is a risk to corporate security and confidentiality. Regardless of whether users are on a trusted corporate machine or an untrusted computer, they will “open” attachments with OWA in much the same way they “open” them in Outlook. What your users don’t know is that the rules have changed with OWA and web browsers, which cache and store the documents that others can later access. Recognizing this security risk, Messageware offers security software (Messageware AttachView) that prevents email attachments from being left behind for unauthorized individuals to access.

Delivering OWA Email Attachment Security

When considering a DLP strategy for your OWA deployment, your primary security objective should be to limit or prevent your confidential data from being taken out of your system and exposed to unauthorized computers or individuals. This means that your strategy should ensure that your OWA users cannot accidentally, or intentionally, circumvent the system.

Mitigate the risk of exposing confidential corporate data while providing users with a rich email experience with AttachView.

With Messageware AttachView technology, administrators are able to control attachment access by setting rules based on specific criteria for each user, meaning that you no longer have to rely on user judgment and hope they make the right decisions. AttachView will help to bridge the gap between increasing user productivity and ensuring that your security policies are enforced.

In addition to flexible security configuration options, Messageware AttachView prevents unauthorized access to sensitive company information by converting attached documents into secure HTML pages for viewing. In simple terms, AttachView extends Microsoft WebReady Document Viewing from only 4 file types to provide support for securely viewing over 400 files types. However, AttachView delivers many more necessary policies and control for OWA. This means that your users will have the necessary remote access to information when they need it, while still ensuring that they do not compromise your corporate security policies.

7 of over 400 Reasons why Messageware AttachView should be considered for your OWA Email Attachment Security Strategy:

Messageware AttachView: the DLP email attachment solution trusted by organizations worldwide to secure OWA.
  • Policy-based Security & Configuration Flexibility – Messageware AttachView provides Exchange Administrators with flexible control for email attachment settings and access (including view, open, save, and print) using criteria such as IP address, device recognition, Active Directory Groups, and the Organizational Unit that user objects are stored in.
  • Securely view over 400 attachment file types – HTML rendering of OWA attachments with AttachView is done server-side, and attachments are displayed in the AttachView window on the local computer or device. The HTML version is not cached and is therefore not available for unauthorized users to access after your users log out of OWA.
  • Control Open/Save of Attachments – Configure access for opening and saving documents based on granular security criteria to prevent documents from being left behind on untrusted computers and devices.
  • Disable Copy/Paste of Attachments – Content in email attachments cannot be copied out of the secure web preview meaning users cannot copy data out of the system.
  • Control Printing of Attachments – Configure the ability to print attached documents based on granular security criteria.
  • Save Confirmation – For scenarios where a user must be able to edit a document, administrators can configure rules for specific users to allow them to save documents. The user is presented with a Save Confirmation, which acts as a contract informing the user what they are doing, where exactly they are saving the document on the client machine, and that they are responsible for its deletion from the system afterwards.
  • Control uploading of Email Attachments – Control the ability to upload file attachments to emails using OWA from untrusted and unsecured computers.


To Learn More about Messageware AttachView and configuring OWA attachment security, call us for a live demonstration or Download your Free Trial of Messageware AttachView to try it out for yourself.

To test the integrity of your OWA Security Systems and find out where vulnerabilities exist in your current configuration, download a copy of our Messageware OWA Security Audit.