Tuesday, May 12, 2009

Information Protection and Control in Microsoft Exchange Server 2010 - UNC314

A. Introduction:
1. The common practice for protecting information in email is to add a disclaimer
2. 80% of all leaked information is leaked by accident


B. Exchange 2010 provides automatic protection via transport rules


C. Transport rules are created from templates (this can also be done using PowerShell), where conditions such as sender, recipient, AD attribute, and keywords define how a message is protected. Message protection can restrict the end recipient to viewing the message only, with no printing, forwarding, or copying. Exchange 2010 integrates Rights Management Service (RMS) to protect the message and its attachments.


D. RMS:
1. Allows for persistent protection
2. Using the RMS management console, you can restrict access to and usage of content


E. Demo: creation of transport rule using wizard and testing the rule
1. A simple rule was created for a specified sender and a text pattern: xxx-xx-xxxx
2. The sender sends a message containing text that matches the pattern
3. The recipient receives the message, but it is protected and carries the tag ‘DO NOT Forward...’. The option to forward is grayed out; the recipient is able to view the message but can’t print, copy or save it.
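
The demo rule expressed in PowerShell, as an added example that is not from the session itself. The sender address and rule name are constructed placeholders, and the sketch assumes the Exchange 2010 Management Shell with RMS integration enabled and the built-in "Do Not Forward" template available; the rule is created disabled so it can be reviewed first.

```powershell
# Constructed values: the sender address and rule name are placeholders.
$Sender   = 'sender@contoso.com'
$RuleName = 'Protect xxx-xx-xxxx pattern (example)'
$Template = 'Do Not Forward'
# Pattern for the demo's xxx-xx-xxxx shape. Only \d is used, so the same
# string is valid in .NET regex and in the transport rule pattern syntax.
$Pattern  = '\d\d\d-\d\d-\d\d\d\d'

# Dry run against constructed message bodies before touching mail flow.
$Samples = @(
    'Employee ID on file: 123-45-6789',   # matches
    'Call me at 555-0100 after lunch',    # does not match
    'Order 1234-56-78901 has shipped'     # matches too: the pattern is unanchored
)
foreach ($Body in $Samples) {
    '{0,-5} {1}' -f ($Body -match $Pattern), $Body
}

# Create the rule only where the Exchange cmdlets are loaded.
if (Get-Command New-TransportRule -ErrorAction SilentlyContinue) {
    # Confirm the RMS template is visible to Exchange before referencing it.
    if (-not (Get-RMSTemplate | Where-Object { $_.Name -eq $Template })) {
        throw "RMS template '$Template' not found; check the RMS integration."
    }
    New-TransportRule -Name $RuleName -From $Sender `
        -SubjectOrBodyMatchesPatterns $Pattern `
        -ApplyRightsProtectionTemplate $Template -Enabled $false
    # Review the stored conditions, then enable with Enable-TransportRule.
    Get-TransportRule $RuleName |
        Format-List Name, State, From, SubjectOrBodyMatchesPatterns
}
else {
    Write-Warning 'Exchange cmdlets not loaded; only the dry run was performed.'
}
```

The third sample shows that a bare digit pattern also protects longer numbers that merely contain the shape, so expect some over-protection with a rule this simple.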


F. New Transport features:
1. Moderation – enables a manager to review a message for approval before it goes out to the destined recipient. This is done via transport rules. 2010 adds AD attributes to the mix of conditions, and you can set up moderation between assistant and agent or any set of users. You can also use a text pattern in the message as a condition. This might be useful for messages going out to ‘all assistants’ or any other large distribution list when sent by assistants. HR can moderate all messages going to ‘all’ users groups before they reach the masses. This is done via an “arbitration mailbox”.
2. 2010 transport rules can scan attachments. There is built-in OCR functionality, and rules can be set for text patterns in the body of the message as well as in attachments.
3. The current transport rule architecture does not allow for 3rd party plug-ins.


G. How does information protection impact journaling? On a functionality level it doesn’t. When a message is journaled there are 2 versions of the message: the protected version and an unprotected version. As far as passing journaled messages to a 3rd party archiving solution goes, it’s seamless.


H. How does message protection impact performing E-Discovery searches and archiving? It doesn’t; all messages in the archive stay encrypted. The E-Discovery process includes decryption of the message. All these features are available from OWA as well as the full Outlook version.


I. Email protection is only available on 2010; it will not work on 2007.
1. Recipients not on Exchange 2010 may have problems with RMS
2. BlackBerry and RMS: there will be a 3rd party add-on for BlackBerry for RMS
