Exchange Online - Disable Cached Exchange Mode or block Outlook client

Lanky Doodle 236 Reputation points
2022-02-22T21:22:35.643+00:00

Hi,

As a company we have a mixture of employees and contractors

Employees get provided with 365 Business Premium, a mobile phone and a laptop. The laptop is AAD joined and Outlook app is installed. Mobile phones we just add the mailbox to the native email client
Contractors get given Exchange Online only. They provide their own mobile phone and laptop, and neither are connected to our tenant for control with things like Intune MDM/MAM

If a contractor has their own Outlook license, there's nothing stopping them add their Exchange Online only account to their phones and laptop. Although we have quarantine rules for new connections, we approve them since they need it.

However we want to disable Cached Exchange mode so that when they have finished their project for us and we disable/delete their account, there is nothing left on the device. Likewise with phones. It's not as simple just remote wiping since it's their personal phone with personal data.

What's the best course of action?

Thanks

Outlook Management
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
5,283 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,578 questions
{count} votes

Accepted answer
  1. KyleXu-MSFT 26,271 Reputation points
    2022-02-23T01:57:09.707+00:00

    @Lanky Doodle

    For local AD domain-joined computers, you could use GPO to disable Cache Mode for Outlook Client. But those contractors' clients aren't domain-joined, we cannot manage it from GPO. The Cache Mode function cannot be managed from Exchange online server side.

    By the way, I don't think it would make much sense even if we could disable cache mode for these clients. Because they could export data from mailbox when they could use their mailbox. In this way, they still could access emails after mailbox disabled/deleted.

    For security reasons, you can disable these clients directly:
    176879-qa-kyle-09-51-00.png

    You can also let them use those clients, but delete all emails before deleting mailboxes, which will sync to all clients in use. But it still cannot prevent them back up their emails.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.