How to preserve, discover and prevent leakage of email information with Exchange 2010

Written by Adis Tucakovic, Premier Field Engineer

The ability to preserve, discover and prevent leakage of email information has become more and more critical for many organizations. Exchange Server 2010 further enhances the capabilities that simplify this process, without requiring third-party add-on products.

In this article we will examine how specific Exchange Server 2010 features can be used to address various problems commonly faced by many organizations. In the Step-by-Step section of each article you will find a detailed guide on how to implement and configure these options in Exchange 2010.

Part 1 – Handling PST sprawl, managing mailbox performance and capacity

Problem: Outlook PST Files on the Network Drives with no backup protection and no management capabilities.

Most organizations are struggling with what to do with PST files stored in various locations, from user desktops to file shares. This data may not be backed up and is certainly not likely to be managed. Microsoft does not support PST files over the network, so many organizations are stuck with one of two poor options: running an unsupported environment in which users suffer a poor Outlook experience, or allowing users to host PSTs on their own machines and forfeiting the ability to protect or manage this data.

Architecture changes in Exchange Server 2010 have reduced its IOPS requirements, which enables Exchange to run on cheaper, larger-capacity SATA drives. This allows us to inexpensively store large amounts of e-mail in both the Primary Mailbox and the Personal Archive.

Solution: Personal Archive

This is a secondary mailbox that is associated with a user’s mailbox. It appears alongside the primary mailbox folders in Outlook 2010 or Outlook Web App, so users have direct access to e-mail within the archive just as they would their primary mailboxes. Users can drag e-mail from .pst files into the Archive and access them online. E-mails from the mailbox can also be moved to the Archive automatically using policies, which in turn reduces the primary mailbox size and improves application and network performance. Users can also search both their Archives and mailboxes in Outlook or Outlook Web App. There are also plans to extend this functionality to Outlook 2007 in the near future.

Step-by-Step: Personal Archive

Part 2 – E-mail Records Management without Third Party products

Problem: Every organization has messages that are important from a business, legal, or regulatory perspective, and may need to be retained for a certain period. Your Compliance Department is looking to you to extend e-records management policies to electronic e-mail and preserve messages needed to comply with company policy, government regulations, or legal needs, and to remove content that has no legal or business value.

Solution: Messaging Retention Management

With retention policies, you can enforce retention settings to specific e-mail items, conversations, or folders in an e-mail mailbox. The administrator configures policies, which are displayed in Outlook 2010 inside each e-mail message, along with a header that states the applied policy and delete date.

Two types of policies are available to users: retention policies, which expire and delete content, and archive policies, which move content to the Personal Archive. Both types of policies can be combined on the same item or folder. For example, an e-mail message can be tagged so that it is automatically moved to the Personal Archive in a specified number of days and deleted within a specified number of days. You can also specify that messages with a specific classification are retained for a longer period of time. Administrators can also use archive policies to control when messages are automatically moved from the mailbox to the Personal Archive.
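The combination described above (a Personal Archive, an archive policy and a retention policy on the same mailbox) can be built in the Exchange Management Shell as follows. This is an added example, not part of the original article; it assumes Exchange 2010 SP1, and the mailbox, tag names and age limits are constructed.

```powershell
# Added example (Exchange Management Shell, Exchange 2010 SP1 assumed).
# Mailbox, tag names and age limits are constructed for illustration.
$user = 'jsmith@contoso.example'   # hypothetical mailbox

# 1. Provision the Personal Archive so archive policies have a target.
Enable-Mailbox -Identity $user -Archive

# 2. Archive policy: default tag that moves items to the archive after 1 year.
New-RetentionPolicyTag -Name 'Corp Move to Archive 1y' -Type All `
    -RetentionEnabled $true -AgeLimitForRetention 365 `
    -RetentionAction MoveToArchive

# 3. Retention policy: default tag that deletes items after 7 years.
#    DeleteAndAllowRecovery keeps items recoverable from the dumpster.
New-RetentionPolicyTag -Name 'Corp Delete 7y' -Type All `
    -RetentionEnabled $true -AgeLimitForRetention 2555 `
    -RetentionAction DeleteAndAllowRecovery

# 4. Personal tag users can apply to items that must be kept longer.
New-RetentionPolicyTag -Name 'Business Record 10y' -Type Personal `
    -RetentionEnabled $true -AgeLimitForRetention 3650 `
    -RetentionAction DeleteAndAllowRecovery

# 5. Bundle the tags into one policy. A policy may hold one default
#    move-to-archive tag and one default delete tag at the same time.
New-RetentionPolicy -Name 'Corp Records Policy' -RetentionPolicyTagLinks `
    'Corp Move to Archive 1y', 'Corp Delete 7y', 'Business Record 10y'

# 6. Assign the policy and ask the Managed Folder Assistant to process
#    the mailbox now instead of waiting for its next scheduled run.
Set-Mailbox -Identity $user -RetentionPolicy 'Corp Records Policy'
Start-ManagedFolderAssistant -Identity $user

# 7. Check: the archive exists and the policy is stamped on the mailbox.
Get-Mailbox -Identity $user |
    Format-List Name, ArchiveName, ArchiveGuid, RetentionPolicy
```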

Step-by-Step: Messaging Retention Management

Part 3 – Your organization is under litigation: what can you do to protect yourself?

Problem: When a reasonable expectation of litigation exists, you are required to preserve electronically stored information that's relevant to the case. This expectation can occur before the specifics of the case are known, and preservation is often broad. You may need to preserve all e-mail related to a specific topic, or all e-mail for a certain department.

Depending on the organization's eDiscovery practices, some of the measures adopted by organizations to preserve e-mail may include:

  • End users may be asked to save e-mails by not deleting any messages. However, users may still delete e-mail knowingly or inadvertently.
  • Automated deletion mechanisms may be suspended. This could result in large volumes of e-mail cluttering the mailboxes and thus impacting user productivity.
  • Some organizations copy or move e-mail to an archive to make sure it isn't deleted, altered, or tampered with. This increases costs due to manual efforts required to copy or move messages to an archive, or third-party products used to collect and store e-mail.

Failure to preserve e-mail may expose an organization to legal and financial risks such as scrutiny of the organization's records retention and discovery processes, adverse legal judgments, sanctions, or fines.

Solution: Legal Hold

Exchange 2010 enables you to immediately preserve users’ deleted and edited mailbox items (including e-mail, appointments, and tasks) from both their mailboxes and Personal Archives. Legal Hold can be set on individual mailboxes or across the enterprise, and can be set for a specific time period; for example, you can place a mailbox on hold for 120 days. Legal Hold also includes an option that automatically alerts users through Outlook 2010 that a hold has been placed on their mailboxes, or the hold can be applied silently if you do not want to alert a user that they are subject to legal proceedings.

Solution: Mailbox Search

Users can search a variety of mailbox items, including e-mail, attachments, calendar items and contacts, as well as Information Rights Management (IRM) protected content. Multi-mailbox search can work simultaneously across both primary mailboxes and Personal Archives with a web-based console. For legal discovery purposes, e-mail located through search can be copied and moved to a specified mailbox, as defined by the administrator, for further investigation. Filtering capabilities include sender, receiver, message type, sent/receive date, and CC/BCC.
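The two solutions above work together: hold the custodians' mailboxes first, then search them and copy the hits to a discovery mailbox. The following is an added example, not part of the original article; the custodians, reviewer, search name, query and dates are constructed, and the target is assumed to be the default discovery mailbox.

```powershell
# Added example (Exchange Management Shell). Custodians, reviewer, search
# name, query and dates are constructed for illustration.
$custodians = 'jsmith@contoso.example', 'mlee@contoso.example'

# Notified hold: RetentionComment is the text the user sees in Outlook 2010.
Set-Mailbox -Identity $custodians[0] -LitigationHoldEnabled $true `
    -RetentionComment 'Your mailbox is on legal hold. Contact Legal.' `
    -RetentionUrl 'https://intranet.contoso.example/legal-hold'

# Silent hold: no comment is set, so nothing is shown to the user.
Set-Mailbox -Identity $custodians[1] -LitigationHoldEnabled $true

# Check the hold state before relying on it.
$custodians | ForEach-Object { Get-Mailbox -Identity $_ } |
    Format-Table Name, LitigationHoldEnabled, RetentionComment -AutoSize

# Multi-mailbox search is restricted to the Discovery Management role
# group; add only the people who perform the review.
Add-RoleGroupMember -Identity 'Discovery Management' `
    -Member 'legal.reviewer@contoso.example'

# Search primary mailboxes and archives of the custodians and copy the
# results to the discovery mailbox. Dates use the server's date format.
New-MailboxSearch -Name 'Case-PLACEHOLDER-001' `
    -SourceMailboxes $custodians `
    -TargetMailbox 'Discovery Search Mailbox' `
    -SearchQuery '"Project Falcon" OR merger' `
    -StartDate '01/01/2010' -EndDate '06/30/2010' `
    -MessageTypes Email -LogLevel Full

# Follow progress and result counts.
Get-MailboxSearch -Identity 'Case-PLACEHOLDER-001' |
    Format-List Name, Status, ResultNumber, ResultSize
```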

Step-by-Step: Legal Hold and Mailbox Search

Part 4 – Handling e-mail according to classification rules

Problem: The attorney-client privilege is intended to protect the confidentiality of communication between an attorney and a client. Assured of confidential communication, lawyers and clients feel free to discuss sensitive legal matters thoroughly. Communication that meets the legal tests that define the privilege is considered confidential. Disclosure of that communication can't be compelled by anyone if the client doesn't want the communication disclosed. So how do we ensure that this information, when sent by e-mail, stays confidential and does not get accidentally disclosed?

Solution: Message Classification

Message classification gives end users the ability to tag messages based on content. An example would be an “Attorney/Client Privilege” classification. Based on the classification of the message, you can create various rules for how the message is handled within the organization in terms of protection, retention, discovery and leakage prevention.

When a message is classified, the message contains specific metadata that describes the intended use or audience of the message. Outlook 2007 or Microsoft Office Outlook Web App may act on this metadata by displaying a user-friendly description of the classification to senders and receivers of a classified message. In Exchange 2010, the Microsoft Exchange Transport service may act on the metadata if there's a transport rule that meets specific criteria that you have configured.

Step-by-Step: Message Classification

Part 5 – How do we prevent accidental information disclosure?

Problem: Leakage of potentially sensitive information can be costly for an organization on multiple fronts and have wide-ranging impact on the organization and its business, employees, customers, and partners. To avoid violating applicable regulations, organizations must protect themselves against intentional, inadvertent, or accidental information leakage.

The following are some consequences resulting from information leakage:

  • Financial damages - Depending on the size, industry, and local regulations, information leakage may also result in financial impact due to loss of business or fines and punitive damages imposed by courts or regulatory authorities. Public companies may also risk losing market capitalization due to adverse media coverage.
  • Damage to image and credibility - Information leakage can damage an organization's image and credibility with customers. Moreover, depending on the nature of communication, leaked e-mail messages can potentially be a source of embarrassment for the sender and the organization.
  • Loss of competitive advantage - One of the biggest threats from information leakage is the loss of competitive advantage in business. Disclosure of strategic plans or mergers and acquisitions information can potentially lead to loss of revenue or market capitalization. Some of the other threats include loss of research, analytical data, and other intellectual property.

Solution: Information Rights Management

In Exchange 2010, you can use Information Rights Management (IRM) features to apply persistent protection to messages and attachments. IRM uses Active Directory Rights Management Services (AD RMS). With the IRM features in Exchange 2010, your organization and your users can control the rights recipients have for e-mail messages. IRM also helps allow or restrict recipient actions such as forwarding a message to other recipients, printing a message or attachment, or extracting message or attachment content by copying and pasting. IRM protection can be applied by users in Microsoft Outlook or Outlook Web App, or it can be based on your organization's messaging policies and applied by using transport protection rules or Outlook protection rules. Unlike other e-mail encryption solutions, IRM also allows your organization to decrypt protected content to enforce policy compliance.

AD RMS uses eXtensible Rights Markup Language (XrML)-based certificates and licenses to certify computers and users and to protect content. When content such as a document or a message is protected by using AD RMS, an XrML license containing the rights that authorized users have to the content is attached. To access IRM-protected content, AD RMS-enabled applications must procure a use license for the authorized user from the AD RMS cluster.

Applications used to create content must be RMS-enabled to apply persistent protection to content using AD RMS. Microsoft Office applications, such as Microsoft Word, Microsoft Excel, and Microsoft PowerPoint are RMS-enabled and can be used to create protected content.

IRM helps you to do the following:

  • Prevent an authorized recipient of IRM-protected content from forwarding, modifying, printing, faxing, saving, or cutting and pasting the content.
  • Protect supported attachment file formats with the same level of protection as the message.
  • Support expiration of IRM-protected messages and attachments so they can no longer be viewed after the specified period.
  • Prevent IRM-protected content from being copied by using the Snipping Tool in Windows.
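Part 4's message classification and the transport protection rules mentioned above can be tied together so that any message a user classifies is IRM-protected in transit. This is an added example, not part of the original article; it assumes an AD RMS cluster is already deployed and that the built-in "Do Not Forward" template is available, and the classification name, rule name and test sender are constructed.

```powershell
# Added example (Exchange Management Shell). Classification name, rule
# name and test sender are constructed for illustration.

# 1. Create the classification users can apply to a message.
New-MessageClassification -Name 'AttorneyClientPrivilege' `
    -DisplayName 'Attorney/Client Privilege' `
    -SenderDescription 'Privileged attorney-client communication.' `
    -RecipientDescription 'Privileged. Do not forward or disclose.'

# 2. Confirm IRM is licensed for internal mail and see whether transport
#    decryption (needed for policy inspection of protected mail) is on.
Get-IRMConfiguration |
    Format-List InternalLicensingEnabled, TransportDecryptionSetting

# 3. List the rights policy templates the AD RMS cluster publishes, so
#    the rule below references a template that actually exists.
Get-RMSTemplate | Format-Table Name -AutoSize

# 4. Transport protection rule: when the classification metadata is
#    present, apply the template before the message leaves transport.
$classification = Get-MessageClassification -Identity 'AttorneyClientPrivilege'
New-TransportRule -Name 'Protect Attorney-Client Privileged Mail' `
    -HasClassification $classification.Identity `
    -ApplyRightsProtectionTemplate 'Do Not Forward'

# 5. End-to-end check that Exchange can obtain licenses from AD RMS for
#    a real sender (SP1 cmdlet).
Test-IRMConfiguration -Sender 'jsmith@contoso.example'

# 6. Review the rule as stored.
Get-TransportRule -Identity 'Protect Attorney-Client Privileged Mail' |
    Format-List Name, State, HasClassification, ApplyRightsProtectionTemplate
```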

Step-by-Step: Information Rights Management