30.03.2010
Exchange 2010: Compliance and Protection
Vladimir Alexandrov, Chorus Ltd. vladimir@chorus.bg

Agenda
• E-mail Archiving and Retention
  • Key technologies
  • Demo
• Protecting Email Communication
  • Protection mechanisms and options
  • Demo

E-mail Archiving and Retention
• Why Archive E-mail?
• What’s Stopping Customers?
• Integrated Archiving Solution:
  • Personal Archive
  • Retention Policies
  • Single Item Recovery / Hold Policy
  • Multi-mailbox Search
Why Archive E-mail?
Volume
• As data volume grows, Outlook performance can be impacted
• Mailbox quotas control volume but also encourage PST files
• PST files add further performance/management issues
Retention
• Compliance adds to volume challenges
• Regulations mandate specific retention periods for relevant e-mail (SOX = 5 years, SEC rules = 6 years, HIPAA = 5-6 years)
Discovery
• Strict timelines on discovery of e-mail
• Cover all e-mail from all sources, including PSTs
• Retrieval costs can be HUGE (backup tapes, PSTs)
[Slide graphic labels: Volume / Storage Management / Retention]

World Today: Where is your e-mail?
• SharePoint
• Outlook PSTs
• Exchange Server
• Webmail
• Third Party Archive
• Backups
What’s Stopping Customers?
• Poor User Experience
  • Unfamiliar environment
  • Inability to search and/or access archived content
  • Clunky experience with Outlook/Outlook Web Access add-on
• Complex Administrative Experience
  • Outlook add-on install/performance issues
  • Separate search/management of primary and archive mailboxes
  • Concerns over reliability of hosted archive vendors
• High Costs
  • Separate archive infrastructure investment
  • Additional archive management costs

Integrated E-Mail Archiving Solution
• Exchange Server 2010 introduces integrated e-mail archiving capabilities, offering customers out-of-the-box tools to preserve and discover e-mail data without changing the user or IT Pro experience
• Preserve
• Discover

Overview of the Personal Archive
• A secondary mailbox that is configured by the administrator
• Appears alongside a user’s primary mailbox in Outlook or Outlook Web App
• PST files can be dragged and dropped to the Personal Archive
• E-mail in the primary mailbox can be moved automatically using Retention Policies
• Archive quota can be set separately from the primary mailbox
[Slide graphic: Primary Mailbox | Personal Archive]
A Seamless User Experience
• User can view, read, navigate, flag and reply to archived e-mail the same as live e-mail
• Folder hierarchy from the primary mailbox is maintained
• Replies to archived messages are saved in the live mailbox’s Sent Items folder (same as PSTs)
• User gets a conversation view scoped to the archive (same as PSTs)

One User Search Experience
• Option to search the archive only, or both live and archived e-mail
• Advanced search options work across live and archived e-mail

Retention Policies for Everyone
• Policy automatically deletes e-mail after x days
• Policies are applied to all e-mail within a folder
• Policies automatically move e-mail to the archive after x days
• Expiration date label
Single Item Recovery (Dumpster 2.0)
Set-Mailbox <identity> -SingleItemRecoveryEnabled $true -RetainDeletedItemsFor <Days>

Demo:
• Personal Archive
• Retention Policies
• Legal Hold
• Multi-Mailbox Search (Legal Discovery)
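The four items in the demo list above (Personal Archive, Retention Policies, Single Item Recovery/Legal Hold, Multi-Mailbox Search) are all provisioned from the Exchange Management Shell. The following is an added example written for this page, not code from the deck or from Microsoft; it uses Exchange 2010 cmdlets, but the mailbox names, database, retention ages, quotas, search name and query are assumptions. Run it in an Exchange 2010 Management Shell with an account holding the relevant RBAC roles (Discovery Management is needed for the search step).

```powershell
# Added example: wiring up the Exchange 2010 archiving/retention features shown in the slides.
# All identities and values below are assumptions for illustration.
$User = "jdoe"

# 1. Personal Archive: create the secondary (archive) mailbox and give it its own quota,
#    separate from the primary mailbox quota.
Enable-Mailbox -Identity $User -Archive
Set-Mailbox -Identity $User -ArchiveQuota 10GB -ArchiveWarningQuota 9GB

# 2. Retention Policies: a tag = (scope, age, action); a policy bundles tags; a mailbox is linked to one policy.
#    -Type All is the default policy tag that covers every folder without a more specific tag.
New-RetentionPolicyTag -Name "Default-MoveToArchive-365" -Type All `
    -AgeLimitForRetention 365 -RetentionAction MoveToArchive
New-RetentionPolicyTag -Name "DeletedItems-Purge-30" -Type DeletedItems `
    -AgeLimitForRetention 30 -RetentionAction DeleteAndAllowRecovery
New-RetentionPolicy -Name "Corp-Retention" `
    -RetentionPolicyTagLinks "Default-MoveToArchive-365","DeletedItems-Purge-30"
Set-Mailbox -Identity $User -RetentionPolicy "Corp-Retention"

# 3. Single Item Recovery (Dumpster 2.0): keep items the user deletes or purges for 30 days,
#    so an administrator can still recover them even if the user emptied Deleted Items.
Set-Mailbox -Identity $User -SingleItemRecoveryEnabled $true -RetainDeletedItemsFor 30

# 4. Legal hold: suspend all deletion (retention policy included) until the hold is lifted.
Set-Mailbox -Identity $User -LitigationHoldEnabled $true

# 5. Multi-mailbox search: run a discovery search across several mailboxes and copy the hits
#    into the default discovery mailbox. Search name, source mailboxes, query and dates are assumed.
New-MailboxSearch -Name "Case-0001" -SourceMailboxes "jdoe","asmith" `
    -SearchQuery "project phoenix" -StartDate "01/01/2010" -EndDate "03/30/2010" `
    -TargetMailbox "Discovery Search Mailbox"
Start-MailboxSearch -Identity "Case-0001"
Get-MailboxSearch -Identity "Case-0001" | Format-List Name,Status,ResultNumber,ResultSize

# Verify the mailbox-level settings in one view.
Get-Mailbox -Identity $User | Format-List ArchiveName,ArchiveQuota,RetentionPolicy,`
    SingleItemRecoveryEnabled,RetainDeletedItemsFor,LitigationHoldEnabled
```

Order matters in step 2: the tags must exist before the policy that links them, and the Managed Folder Assistant, not the Set-Mailbox call, is what actually moves or deletes items on its next run. Step 4 is deliberately after step 2 because litigation hold overrides the retention policy's delete actions; the hold is the control a practitioner should check first when a user reports that "retention stopped working".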
Protecting E-mail Communication
• Defining the Problem
  • Leakage and Reputation Damage
• Exchange 2010 Solutions
  • Message Classifications
  • MailTips
  • Delivery Reports
  • Moderation
  • Information Rights Management
• Demo

Defining the Problem: Risks to Reputation, Productivity, and Operational Expense
• “My users send things to the wrong audience by accident”
• “Help desk calls around failed or lost messages are expensive”
• “Information leakage damages our reputation and results in financial loss”
• “I need to control communications to be in compliance with regulations”

Leakage and Reputation Damage: Accidents Happen
“80% of all data leaks occur because of accidents — that is users, being unaware of data policies, as opposed to having malicious intent.” - Forrester, 2008
[Slide graphic: Top 10 threats to Enterprise Security - IDC]
Information Protection in Exchange 2010
Controls range from less restrictive (soft controls) to more restrictive (hard controls):
• Soft controls: MailTips, Moderation
• Hard controls: Dynamic Signatures/Disclaimers, IRM Protection, Block/Redirect

Exchange 2010 Solutions
• Message Classifications
  • Each outbound message should be pre-classified by the user under some regulations
• MailTips
  • Lead you to send the right thing to the right people and avoid blunders and surprises
• Delivery Reports
  • Provide you with visibility into what happened to your message, without costly help desk calls
• Moderation
  • Review messages for suitability or policy violation before they get delivered
• Transport Rules
  • Automated policy enforcement on all messages
• Information Rights Management and Exchange 2010
  • Granular protection that travels with the data

Message Classifications
• Describe the intended use or audience of the message
• Transport Rules may act on the message based on the classification
• Supported by Outlook 2010 and Outlook Web App; can be exported to Outlook 2007
MailTips
• Information about the message and recipients, shown before send
• For end users:
  • Reduce delivery surprises
  • Emails are addressed correctly the first time
  • Help prevent embarrassing email mistakes
• For the organization:
  • Reduce help desk calls
  • Reduce NDRs
  • Reduce unnecessary pipeline traffic

MailTips Configuration
• Per user
  • In OWA, when you collapse MailTips, they stay hidden
  • Outlook users can disable individual MailTips

Delivery Reports
• Launch points: OWA and Outlook 2010
• Delivery Reports Search in Exchange Control Panel
• Exchange Management Console
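The slide covers only what users can switch off on their side; the organization-level and per-recipient side of MailTips is set in the Exchange Management Shell. The block below is an added example, not from the deck, using Exchange 2010's Set-OrganizationConfig, Set-DistributionGroup and Set-Mailbox parameters; the threshold value, group and mailbox names and MailTip texts are assumptions.

```powershell
# Added example: organization-wide MailTips switches plus custom MailTips on high-risk recipients.
# Names and values are assumptions.

# Master switch and the individual tips most relevant to accidental leakage:
#  - external recipients tip warns when a message is about to leave the organization
#  - large-audience tip fires when a message addresses more than the threshold number of recipients
#  - group metrics feed the large-audience tip for distribution groups
Set-OrganizationConfig -MailTipsAllTipsEnabled $true `
    -MailTipsExternalRecipientsTipsEnabled $true `
    -MailTipsLargeAudienceThreshold 25 `
    -MailTipsGroupMetricsEnabled $true `
    -MailTipsMailboxSourcedTipsEnabled $true

# A custom MailTip on a group that reaches everyone, shown to senders before they hit Send.
Set-DistributionGroup -Identity "All Employees" `
    -MailTip "This list reaches every employee. Check the audience before sending."

# A custom MailTip on a mailbox whose content is under retention/hold.
Set-Mailbox -Identity "legal" `
    -MailTip "Messages to Legal are retained under hold. Do not send personal items."

# Verify what is currently enabled.
Get-OrganizationConfig | Format-List MailTips*
Get-DistributionGroup -Identity "All Employees" | Format-List Name,MailTip
```

MailTips are a soft control in the deck's spectrum: they inform the sender but never block delivery, so pair the external-recipients tip with a transport rule if the policy must actually be enforced.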
Moderation
• Group-based moderation
  • All messages to the group must be approved by a moderator
  • Multiple moderators allowed
  • Bypass lists
• Rule-based moderation
  • Available as an action on a Transport Rule
  • Conditions are customizable
  • Message is diverted to moderator(s) for approval
• Group join approval
• Moderation for recipients other than groups

Moderation Components
• Initiation message:
  • Special message containing the original message
  • Addressed to the arbitration mailbox
  • Stores the state of moderation on that message
• Arbitration mailbox:
  • Destination of the initiation message
  • Stores the initiation messages waiting to be approved
• Other messages
  • Approval request (to moderators)
  • Approval decision (from moderators back to the arbitration mailbox)
  • Decision updates (to moderators)
  • Rejection notices (to original senders)
[Slide graphic: Arbitration Mailbox]

Life as a moderator
• Moderator’s mailbox stays up-to-date
  • Only actionable approval requests stay in the inbox
• Conflicting decisions:
  • First reply to the arbitration mailbox wins
  • Loser’s mailbox is updated: “your decision does not apply”
• Decisions can be made in Outlook and OWA 14
  • Voting buttons in legacy Outlook work, too
• Sender is notified if all moderators are unavailable
  • All OOF, all mailboxes full, etc.
Transport Rules
• A set of centrally managed messaging policies, enforced on every Hub server
• Allows consistent and reliable evaluation of messages throughout your organization
• Enables control scenarios:
  • Block, moderate, encrypt, or modify messages
  • Based on inspection of content, properties, sender, or recipient

Transport Rules Structure
• Structured just like inbox rules
Example rule:
  Conditions – If the message...
    Is from a member of the group ‘Marketing Team'
    And is sent to recipients that are 'Outside the organization'
  Actions – Do the following...
    Append the message with the disclaimer 'Exchange 2010 is coming! Can you handle the excitement?'
  Exceptions – Except if the message...
    Is received from ‘Alfred E Newman'
• Condition types:
  • User – detect mail between people, DGs
  • Content – inspect message subject & body content
  • Message Properties – inspect message headers and properties or type
  • Routing – detect external/internal, email domains
• Action types:
  • Block
  • Encrypt
  • Modify (recipients, content, properties)
  • Review/Moderate
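The moderation slides and the transport-rule slides above describe the same enforcement pipeline from two ends, so one added example serves both: the slide's own Marketing Team disclaimer rule, a group-based moderation setup, a rule-based moderation action, and a block action. This is example code written for this page, not from the deck; it uses Exchange 2010's Set-DistributionGroup and New-TransportRule, and the group names, moderators, regex pattern and rejection text are assumptions.

```powershell
# Added example: moderation and transport rules from the Exchange Management Shell.
# Group, user and rule names are assumptions; the disclaimer text and condition/exception
# are taken from the slide's example rule.

# --- Group-based moderation (Moderation slide) ---
# Every message to the group waits for one of the moderators; messages from the
# "HR Notifications" sender bypass moderation; senders inside the org get rejection notices.
Set-DistributionGroup -Identity "All Staff" `
    -ModerationEnabled $true `
    -ModeratedBy "alice","bob" `
    -BypassModerationFromSendersOrMembers "HR Notifications" `
    -SendModerationNotifications Internal
# Group join approval: requests to join go to the group owner for approval.
Set-DistributionGroup -Identity "All Staff" -MemberJoinRestriction ApprovalRequired

# --- The slide's example rule (Transport Rules Structure) ---
# Condition: from a member of 'Marketing Team' AND sent outside the organization
# Action:    append a disclaimer
# Exception: received from 'Alfred E Newman'
New-TransportRule -Name "Marketing external disclaimer" `
    -FromMemberOf "Marketing Team" `
    -SentToScope NotInOrganization `
    -ApplyHtmlDisclaimerLocation Append `
    -ApplyHtmlDisclaimerText "Exchange 2010 is coming! Can you handle the excitement?" `
    -ExceptIfFrom "Alfred E Newman"

# --- Rule-based moderation: Review/Moderate action on a content condition ---
# Outbound messages whose subject or body matches the pattern are diverted to the legal-review
# mailbox and only delivered after approval. The pattern is an assumption.
New-TransportRule -Name "Review contract drafts" `
    -SentToScope NotInOrganization `
    -SubjectOrBodyMatchesPatterns "\bcontract\s+draft\b" `
    -ModerateMessageByUser "legal-review"

# --- Block action: hard control at the far end of the spectrum ---
# Reject outbound messages containing a 16-digit run (a crude card-number check, as an
# illustration only) and tell the sender why in the NDR.
New-TransportRule -Name "Block card numbers" `
    -SentToScope NotInOrganization `
    -SubjectOrBodyMatchesPatterns "\d{16}" `
    -RejectMessageReasonText "Blocked by policy: message appears to contain a card number."

# Rules are evaluated in priority order on every Hub server; review the resulting order.
Get-TransportRule | Sort-Object Priority | Format-Table Priority,Name,State -AutoSize
```

Two practitioner checks: a blocking rule with a loose pattern like `\d{16}` will reject legitimate mail (order numbers, tracking IDs), so start it with the moderation action and promote it to a block only after reviewing what it catches; and because rules run in priority order, place the disclaimer rule below any block rule so a rejected message is not first modified.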
Regular Expressions in Transport Rules
Exchange 2010 supports the following regular expressions:

Information Rights Management
• Exchange and RMS Deployment
• Transport Protection Rules
• IRM Search, Transport Decryption, Journal Report Decryption
• Outlook Protection Rules
Exchange and RMS Deployment: Administrator Steps
• Deploy either RMS* or Exchange; order doesn’t matter. Ensure your SCP is published within the forest.
• RMS: On the _wmcs/certification/ServerCertification.asmx file, add all Exchange servers with read and execute permissions.
• RMS: Create a DL that contains the FederatedEmail account (disabled user). Enable super-users and set the DL you created as super user.**
• Exchange: Run set-IRMConfiguration –InternalLicensingEnabled $true
* Exchange features require RMS on WS2008 SP2 or R2.
** Super user is required for OWA, Search, Transport/Journal Decryption.

Transport Protection Rules
• Take the decision away from end-users
• Apply RMS policies automatically using Transport Rules
• RMS protection can be triggered based on sender, recipient, or content
• Apply “Do Not Forward” or custom RMS templates
• RMS protection is also applied to Office 2003, 2007, and 2010 attachments
Protect. Productively. Search, scan, filter, and journal protected e-mail
• IRM Search
  • Conduct full-text search on IRM-protected messages in OWA and Outlook. Enables eDiscovery of protected messages in the Exchange Store.
• Transport Decryption
  • Enables access to IRM-protected messages by Transport Agents to perform operations such as transport rules, content filtering, and anti-spam/anti-virus.
• Journal Report Decryption
  • The Journal Report Decryption Agent attaches clear-text copies of IRM-protected messages and attachments to the journal mailbox

Anywhere Access
• Native OWA support:
  • Eliminates the need for the IE Rights Management Add-on
  • Cross-browser support enables Firefox and Safari users to create/consume RMS-protected messages
  • Mac users can create/consume RMS-protected messages
• IRM Search
  • Conduct full-text search on RMS-protected messages in Outlook Web Access
• Windows Mobile 6.x
  • Built-in ability to create/consume RMS-protected messages

Outlook Protection Rules
• Apply IRM protection automatically at the client
• IRM protection is automatically triggered based on sender/receiver attributes
• Authorized users can turn off protection
• Can be used to prevent the e-mail service provider from accessing your e-mail
• Supported attachments are also protected
• Windows Desktop Search will index headers and subject
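The IRM slides above (deployment step, Transport Protection Rules, Transport/Journal decryption, Outlook Protection Rules) map to a handful of Exchange 2010 cmdlets. The block below is an added example for this page, not the deck's or Microsoft's code; "Do Not Forward" is the built-in RMS template, while the rule names, group, classification name and addresses are assumptions. It presumes the RMS-side steps from the deployment slide (ServerCertification.asmx permissions, super-user group) are already done.

```powershell
# Added example: Exchange-side IRM enablement plus transport and Outlook protection rules.
# Names and addresses are assumptions; "Do Not Forward" is the built-in RMS template.

# Exchange step from the deployment slide: let Exchange obtain licenses from the internal RMS cluster.
Set-IRMConfiguration -InternalLicensingEnabled $true

# Check RMS discovery, certification and licensing for a sender before relying on protection.
Test-IRMConfiguration -Sender "alice@contoso.example"

# --- Transport Protection Rule: protection decided on the Hub server, not by the user ---
# Trigger on sender group + recipient scope; attachments from supported Office versions are protected too.
New-TransportRule -Name "Protect board communications" `
    -FromMemberOf "Board" `
    -SentToScope InOrganization `
    -ApplyRightsProtectionTemplate "Do Not Forward"

# Trigger on a message classification the user selected (Message Classifications slide).
# The classification must exist first; its name is an assumption.
New-MessageClassification -Name "CompanyConfidential" -DisplayName "Company Confidential" `
    -SenderDescription "Internal only. Do not forward outside the company."
New-TransportRule -Name "Protect classified mail" `
    -HasClassification (Get-MessageClassification "CompanyConfidential").Identity `
    -ApplyRightsProtectionTemplate "Do Not Forward"

# --- Outlook Protection Rule: protection applied in the client before the message leaves it ---
# -UserCanOverride $true matches the slide's "authorized users can turn off protection".
New-OutlookProtectionRule -Name "Protect mail to Legal" `
    -SentTo "legal@contoso.example" `
    -ApplyRightsProtectionTemplate "Do Not Forward" `
    -UserCanOverride $true

# --- Keep protected mail searchable, filterable and journalable ---
# Mandatory transport decryption: if a message cannot be decrypted it is rejected rather than
# passed through unscanned; journal reports get clear-text copies; IRM search is enabled.
Set-IRMConfiguration -TransportDecryptionSetting Mandatory `
    -JournalReportDecryptionEnabled $true `
    -SearchEnabled $true

# Review the resulting configuration and rules.
Get-IRMConfiguration
Get-TransportRule | Where-Object { $_.ApplyRightsProtectionTemplate } | Format-Table Name,Priority
Get-OutlookProtectionRule | Format-Table Name,SentTo,UserCanOverride
```

The transport decryption setting is the one to think about: Optional lets undecryptable messages through without content inspection, so a transport rule looking for sensitive content silently misses them; Mandatory closes that gap at the cost of NDRs when the RMS cluster is unreachable, which is exactly the failure Test-IRMConfiguration is there to surface.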
Demo: Email Protection
• MailTips
• Transport Rules
• Moderation
• IRM

30.03.2010
Exchange 2010: Compliance and Protection
Q & A
Vladimir Alexandrov, Chorus Ltd. vladimir@chorus.bg