Webmail security

[gw1500se]

I am being asked by our field personnel to implement a browser based mail reader so they can access mail from customer sites. My concern is what is left behind after the user is done. Surely there must be files left behind that could contain propriatary information from the email that was viewed? What is the level of security when using Webmail on a public machine? TIA.

[maccanada]

On Squirrelmail, trying to hit any page in your history (once the session has timed out) will return you to the login screen. It doesn’t look like cache files are getting created when getting webmail through SSL either…

If you can specify using Safari, you can also turn on private browsing so no history gets written.

[gw1500se]

Thanks for the replies. I’m not worried about passwords being left behind but rather viewed email and attachements. It is not clear to me whether or not cacheing of pages and atachements is controlled locally or from the server. If from the server then can I assume that is handled by Webmail? If locally then there is a serious security issue that, to me, is a show stopper. I also cannot count on a specific browser as these are public machines (as far as our security is concerned) with any OS and any browser.

[Author]

Posts