I found my documents in the local browser cache! How can I increase attachment security?

When you open an attachment, rather than view it with WebReady Document Viewing or save it to a specified location, the attachment will always be saved to the temporary internet files folder on the local computer. This happens unknowingly to the user creating a real danger on computers where unauthorized people could get hold of confidential documents.

There are a few ways Administrators can secure attachments for all:

Disable access to all attachments
Although not practical, it is the safest way to make sure that attachments are never left behind.

Allow access only to files supported by WebReady Document Viewing
Although limited to 4 file types (Microsoft Word, Excel, PowerPoint, and Adobe PDF), this option is more convenient than the first.

Force WebReady Document Viewing and Force Save for all other file types
This is a good option if your company is okay with users saving files to local machine and possibly forgetting to permanently delete them.

Get third part help
Messageware ( offers a product called AttachView which gives Administrators a wide variety of configuration options for securing attachments. Because AttachView support viewing over 300 file types as safe HTML pages, they really make it feasible to turn off the open and save attachment options for users while they are not in the office or on corporate devices.

Use Ctrl+Shift+R to "Reply all" to the selected message.


Will tablet and Smart phone use be a big part of your OWA 2013 deployment?