Restrict External Storage Providers in OWA - Exchange Online

Posted by

Hello Everyone

I hope, everyone is doing good and today we are going to see one of the the content from exchange online feature Restrict External Storage Providers in OWA - Many of us messaging admin must know this feature already 

By default, Microsoft allows additional storage providers to be added in the Outlook Web App (OWA). In doing so, users are able to add personal storage services such as Box, Dropbox, Facebook, Google Drive, One Drive Personal, etc to save and attach files.



Blocking additional storage providers in Outlook Web App is important because it can help prevent users from using non-approved cloud storage services to store email attachments. This can help ensure that all email attachments are stored in a secure, centrally-managed location, and that they are properly backed up and protected from data loss.

Additionally, blocking additional storage providers can help prevent users from sharing sensitive information with unauthorised parties, and can reduce the risk of data leaks and compliance violations. By blocking access to non-approved storage providers, organizations can maintain greater control over their data and ensure that it is properly protected.

Below screen shot belong to the Default one 


I have created a new OWA policy to restrict external third party  storage


Verification


Apply to the single user


For Multiple users

$<VariableName> = Get-Content "<text file>"
$<VariableName> | foreach {Set-CasMailbox -Identity $_ -OwaMailboxPolicy "<Policy Name>"}

Output after OWAMailboxPolicy applied . There is no external storage account embedded in OWA --->Mail ---> Attachments



Location: Chennai, Tamil Nadu, India

Comments

  1. AnonymousAugust 12, 2023 at 9:10 PM

    Thanks for sharing the helpful blog. Its really helpful.

    I have a query about how to check which users are using those third party storage accounts on the Outlook web using PowerShell or any other way? Can you provide script or any other way here?

    ReplyDelete
  2. RamkiAugust 13, 2023 at 8:54 AM

    Get-OwaMailboxPolicy | Where-Object { $_.AdditionalStorageProvidersAvailable -like "True"} | ForEach-Object {
    $policyName = $_.Name
    $mailboxes = Get-CasMailbox -ResultSize Unlimited | Where-Object { $_.OwaMailboxPolicy -eq $policyName }
    $mailboxAddresses = $mailboxes.PrimarySmtpAddress -join ', '
    $policyMessage = "The $policyName policy allows the $mailboxAddresses to configure external storage providers."
    Write-Host $policyMessage
    }
    The OwaMailboxPolicy-Default policy allows the AdeleV@craftnet.in, adminramkicm@craftnet.in, AlexW@craftnet.in, ChennaiSecurity@craftnet.in, chromeroom@craftnet.in, craft1@craftnet.in,

    ReplyDelete

Post a Comment