Security and compliance of enterprise information for Exchange 2013 technology Highlights

Exchange 2013 will allow you to protect the business communication content and sensitive information, and to meet the internal regulatory standards of the enterprise and the relevant regulations of the external regulatory bodies, thus keeping the information security of the enterprise organization intact.

The challenges facing the enterprise:

With the development of information technology, the application of it is more and more extensive, and email has become an important way of communication between enterprises and individuals. For businesses, email stores a lot of business information, This increases the risk of accidental distribution and unauthorized access to sensitive information. In the face of laws and regulations that protect customers and employees from increasing personal information, the problem has become particularly acute for most businesses. To help businesses better control the information that is distributed through e-mail, Today's messaging system is not only to set up a comprehensive series of information protection and control functions, but also the need for more effective e-mail management, sensitive messages to intercept, encrypt or block the transmission. More secure data access is needed for mobile phones, tablets and PCs.

On the other hand, the systematic archiving of these information has become increasingly urgent as the number of e-mails within the enterprise continues to grow. Archiving saves users ' mailbox space, improving messaging system performance and providing users with a better e-mail experience. Archiving also makes it easy for organizations to manage and search for e-mail, This helps the organization to meet compliance laws and electronic discovery requirements. The enterprise needs a mail system with built-in archiving capabilities to meet the requirements of government regulations and industry regulatory standards without the need for third-party solutions and their associated costs.

In addition, the dangers of viruses, spam, and phishing attacks have long been familiar to the industry. Because a lot of harmful mail or ads sent to customers and corporate employees, if the enterprise can not effectively identify and take defensive measures, it will be mistaken, encounter a variety of security risks, such as confidential data leakage, spyware intrusion, etc. Therefore, it is urgent for enterprises to identify these harmful mails effectively.

Exchange 2013 Technology Highlights:

Data Loss Prevention (DLP) and legal compliance

Exchange 2013 provides a range of accurate, automated, and centrally managed data loss prevention capabilities that make it easier for you to monitor and protect sensitive and confidential information in our company.

* Prevent data leakage (DLP): Every business is concerned that users mistakenly send sensitive information about their company to unauthorized individuals. The new Exchange Prevention Data Disclosure (DLP) feature discovers, monitors, and protects sensitive data throughout the process of in-depth analysis. Administrators can leverage regulatory standards such as PII and PCI-built-in DLP templates to control sensitive data. The policy reminders feature in Outlook notifies users of this violation of the policy before sensitive business data is sent out with the e-mail message.

* IRM support: By automatically applying related Information Rights Management (IRM) permissions, you can protect your proprietary information from loss and will not interfere with the user's productivity. Also, you can go directly to Outlook, Outlook Web Access without installing any additional software add-ins And on your mobile phone, view and edit messages that are protected by the Information Rights Management (IRM) feature.

* Transmission rules: In transport rules, you can create policies to automatically check for content and apply these policies to all messages. The creation of transport rules is the same as the way that Outlook rules are created-using a set of conditions, actions, and exceptions. Transport rules can be used for modified messages, encryption, redirection, or block the set of transport rule conditions based on particles. Configure transmission rules in Exchange Management Center by an administrator or delegated user in exchange.

* Message tip: By using the mail reminder feature, you can implement compliance without losing security and productivity by alerting the user to a violation of relevant policies before sending an e-mail message containing confidential information.

* Security protection for mobile devices: You can safely manage mobile devices by creating a list of approved mobile devices, enforcing PIN locking, and removing company confidential data from lost handsets.

* Protected voice mail: protects voice mail that has been marked as private by callers, and prevents unauthorized people from replaying these voice messages.

Data Archiving and Discovery

Exchange 2013 will provide enhanced integrated compliance capabilities-including archiving, electronic data presentation, and in-place retention-dedicated to addressing regulatory requirements, mitigating evidentiary difficulties, and reducing related costs.

* Messaging Records Management (MRM): Is the records management technology in Microsoft Exchange Server 2010, which helps organizations reduce legal risks associated with e-mail and other communications. Through Messaging records management, it is easier to retain compliance with corporate policies, Government regulations or legal requirements for the required mail, and can be more easily deleted without legal value or commercial value of content. Retention policies allow you to apply retention settings to specific items or folders in a mailbox. The policy is configured by the Exchange administrator, displayed in each e-mail message, A caption indicates the policy applied and the date of deletion. These headings make it easy for end users to determine when e-mail settings expire, and if e-mail messages should be retained for a longer period of time, you can apply a new expiration policy. Administrators can also set default policies to automatically transfer messages from the primary mailbox to the archive project.

* In-place archiving: It helps you better control your organization's messaging data without personal storage (. pst) files, and for message mailboxes stored in archived projects, you can allow users to have versions above Outlook 2010 (including version 2010), and Outlook Web App. It also allows users to access e-mail archives directly from their inboxes and to provide electronic data display tools for special-function users to avoid the need to purchase and manage stand-alone archiving solutions.

Litigation Reservations: During a reasonable litigation retention period, the organization is required to keep electronic storage information (ESI), including event-related e-mail messages. Keep the message that matches the query parameters in the appropriate location. Even if messages are deleted, modified and tampered with, the message will be protected, Organizations can save these messages within a specified time or indefinitely.

* Journaling: Journaling can record all communications in your organization, including e-mail communications, to use this information according to your organization's e-mail retention or archiving policy. To meet growing regulatory and compliance requirements, organizations must retain the communications records that occur when employees perform day-to-day corporate tasks.

* Simpler ediscovery: Search for e-mail, documents, and instant messaging content in an Easy-to-use Web interface, or empower your HR or compliance officer with role-based access control to perform targeted searches without the need for IT technical support personnel to intervene.

* Mailbox audit log records: Because mailboxes may contain sensitive information (HBI) and personally identifiable information (PII) that have a significant impact on the business, It is therefore important to keep track of the people who log on to the mailboxes in your organization and what they are doing. It is particularly important to track access to mailboxes from users other than the mailbox owner. When you enable audit logging for a mailbox, you can specify and record a logon type (administrator, delegated user, or owner) Which users participate in the operation. Audit log entries also contain important information such as client IP addresses, host names, and processes or clients that are used to access mailboxes. For a moving item, the entry contains the name of the destination folder.

Antivirus/anti-spam

Exchange 2013 can proactively protect your communications with its built-in virus, spam, and phishing attack defenses. With built-in multi-tier and multi-engine virus and spam protection, you can block e-mail threats before they reach your network. Also, SLAs guarantee 100% Block all known viruses and block 98% of spam. The cost savings of technology support are achieved by allowing end users to securely access quarantined e-mail messages, while ensuring minimum error recognition rates (SLAs guarantee no more than 1:25,000 false recognition rates).

* Anti-spam filtering: Exchange 2013 filters messages based on the spam level of the connection, sender, recipient, and message content through the filtering agent above. A manager can customize each agent and incorporate real-time block lists and allow lists. Exchange 2013 also includes auditing of sender IDs for verifying the legality of e-mail addresses and preventing information security threats from phishing, e-mail scams. To more effectively prevent worms from being emailed, administrators can also filter and bring Microsoft Office System files.

* Tighter control: more stringent control over Exchange 2013, marking all mass mailings as spam, or blocking unrelated e-mail messages by language or by region.

* Exchange Online Protection (EOP): Provides multiple scanning engines in a single solution. Multi-engine scans prove that the detection rate for new threats is faster than a single engine solution. At the same time, EOP provides enterprise-class reliability and can be load-balanced across geographies. In addition, The queue feature also helps ensure that no messages are lost.

* Anti-Malware protection: Exchange Server 2013 built-in basic protection features for easy configuration and monitoring, using the same antivirus engine as system Center Endpoint Protection to scan the transport service as a whole.