It would be great, if after receiving attachments via a secure message or a filerequest, if you could seamlessly attach them to a new secure message without having to download them to your device first.
In principle this will not be likely implemented. Currently this already possible for the senders of Secure messages, because they are also owners. They can compose a new message and re-attach the previously sent attachments to somebody else. Recipients does have permission only download the files and not share that files further. But yes we can warrant only within the LF server.
How can you re-attach a previously sent attachment without downloading it again? My objective is to avoid downloading confidential data to a local hard drive whenever possible. For instance, if you are a sales person receiving sensitive account information for a purchase and you need to forward it on to another department for processing, you do not want to have to download the documents to your computer, start a new message, re-attach them, then go back and find them on your computer and permanently delete them. If you could just forward attachments within the system that would greatly improve operational security.
Generally a recipient is not owner of the message and can't forward the message without re-uploading the attachments into a new message when the original message was addressed only to that particular recipient. In situations when is expected it will be needed to forward the message further to other local recipients then senders can compose the message with less restrictive permissions like "Specified Recipients and local users can download the files". When you send the URL of the message to other local users then they will be able read and download the files as well. Please note when you want just to show or read an attachment in a message the attachment has to be downloaded first to the local computer anyway. Senders are also owner of the messages with attached files they sent so when they compose a new message then under "Add files" can select option "Select existing files" option and attach previously uploaded attachments without re-uploading them again.
I get what you're saying, but in the scenario I'm talking about - which I feel is a pretty common business usage - the goal is to receive the file from an external party, and then transmit it to another party securely (possibly an external) without having to download it to your computer. Using the "Specified Recipients and local users can download the files" option does allow this, but it also means that anyone else in the organization potentially could access the file if they were to obtain the link. Thus, the only way the system currently allows you to "forward" attachments requires that the system be configured less securely.