May 22 2023 03:11 PM
Hello,
We just tested the New Outlook and discovered that it allows users to add personal Gmail accounts to their Outlook profile. We have intentionally blocked 3rd party email services to prevent data loss. We don't ever want an end user to be able to send out confidential corporate information with their personal email account. Is there no way to disable this 'feature' for our tenant? You are now effectively bypassing all the data loss prevention security we have put in place around email, including explicit blocks for Gmail and Yahoo on our firewall.
May 23 2023 03:32 PM
66 views but no replies. Am I in the correct forum for asking this question?
Any suggestions from anyone on where I can post this question and get Microsoft's attention? This is a pretty serious security concern. Just because you can allow users to add personal email accounts to Outlook doesn't mean all business are OK with that. We need to be able to choose.
May 23 2023 11:51 PM
May 24 2023 06:07 AM
May 24 2023 09:58 AM
May 29 2023 01:40 PM
May 29 2023 02:37 PM
May 29 2023 05:26 PM
Jun 16 2023 01:56 AM
Jun 16 2023 06:43 AM
Jun 20 2023 06:44 AM
Jun 30 2023 10:49 AM
While we wait for Microsoft to provide a way to block 3rd party email from being added by end users, we were able to completely disable New Outlook following the steps in this article:
https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-on-the-web/...
We also deployed a registry change to end users with PowerShell to remove the button from Outlook. Run in user context because the key is HKCU
Set-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\office\16.0\Outlook\Options\General' -Name "HideNewOutlookToggle" -Value 1
Sep 11 2023 01:56 PM
Sep 12 2023 11:58 AM
Just an update, I performed the following test again and it did work:
Create a test owa policy using powershell:
New-OwaMailboxPolicy TestOWAPolicy
Then I disabled personal accounts:
Set-OwaMailboxPolicy -PersonalAccountsEnabled -$false -identity TestOWAPolicy
Then I applied the policy to a test user:
Set-CASMailbox <email address removed for privacy reasons> -OwaMailboxPolicy TestOWAPolicy
I then tried to add my personal mailbox to my outlook. It goes through the motions and just as it is about to sync, I get this:
Sep 12 2023 12:15 PM
Sep 12 2023 02:08 PM
Sep 15 2023 12:47 AM
Sep 24 2023 11:35 PM
Sep 25 2023 06:09 AM