Messaging policy and compliance in Exchange 2016

Email has become a reliable and ubiquitous communication medium for information workers in organizations of all sizes. Messaging stores and mailboxes have become repositories of valuable data. It's important for organizations to formulate messaging policies that dictate the fair use of their messaging systems, provide user guidelines for how to act on the policies, and where required, provide details about the types of communication that may not be allowed.

Organizations must also create policies to manage email lifecycle, retain messages for the length of time based on business, legal, and regulatory requirements, preserve email records for litigation and investigation purposes, and be prepared to search and provide the required email records to fulfill eDiscovery requests.

Messaging policy and compliance in Exchange 2016

The following table provides an overview of the messaging policy and compliance features in Microsoft Exchange Server 2016 and includes links to topics that will help you learn about and use these features.

Feature Description Resources
In-Place Archiving
In-Place Archiving helps you regain control of your organization's messaging data by eliminating the need for personal store (.pst) files and allowing users to store messages in an archive mailbox accessible in Outlook 2010 and later and Outlook on the web.
In-Place Archiving in Exchange 2016
In-Place Hold and Litigation Hold
When a reasonable expectation of litigation exists, organizations are required to preserve electronically stored information, including email that's relevant to the case. In-Place Hold allows you to search and preserve messages matching query parameters. Litigation Hold only allows you to place all items in a mailbox on hold. For both types of holds, messages are protected from permanent deletion, modification, and tampering and can be preserved indefinitely or for a specified period.
In-Place Hold and Litigation Hold in Exchange 2016
In-Place eDiscovery
In-Place eDiscovery allows you to search mailbox data across your Exchange organization, preview search results, copy search results to a Discovery mailbox, or export the results to a PST file
In-Place eDiscovery in Exchange 2016
Administrator audit logging
Administrator audit logs enable you to keep a log of changes made by administrators to Exchange server and organization configuration and to Exchange recipients. You might use administrator audit logging as part of your change control process or to track changes and access to configuration and recipients for compliance purposes.
Administrator audit logging in Exchange 2016
Mailbox audit logging
Because mailboxes can potentially contain sensitive, high business impact information and personally identifiable information, it's important that you track who logs on to the mailboxes in your organization and what actions are taken. It's especially important to track access to mailboxes by users other than the mailbox owner (known as delegate users). Using mailbox audit logging, you can log mailbox access by administrators, delegates (including administrators with full access permissions), and mailbox owners.
Mailbox audit logging in Exchange 2016
Data loss prevention
Data loss prevention (DLP) in Exchange 2016 includes 80 sensitive information types that are ready for you to use in your DLP policies.
Sensitive information types in Exchange 2016
Transport rules
Use Exchange transport rules to look for specific conditions in messages that pass through your organization and take action on them. You can use transport rule conditions and exceptions to define when a transport rule is applied, and then apply a transport rule action on messages when the condition is met.
Mail flow rule conditions and exceptions (predicates) in Exchange 2016
Mail flow rule actions in Exchange 2016