Details
This policy setting allows you to force Outlook to fully nullify deleted data in users’ Personal Folder files (.pst) at the time that the data is deleted.
If you enable this policy setting, data is immediately nullified in PST files when deleted.
If you disable or do not configure this policy setting, data remains in PST files until it is purged or overwritten by the user. The recommended state for this setting is: Enabled.
Rationale:
By default, when a users’ Personal Folder files (.pst) at the time that the data is deleted, the data inside the .pst file is retained in the available storage. Attackers could potentially recover the data by using tools used to view disk block or recover deleted files.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled.
User ConfigurationAdministrative TemplatesMicrosoft Outlook 2016MiscellaneousPST Settings
Impact:
Users may experience a delay in deleting a .pst file as it will take some time to write nulls to every location in the .pst file when deleted.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.