Email Information, Protection, and Control in Exchange 2010

Protect sensitive information through versatile controls.

Install Silverlight

To help prevent unauthorized and accidental distribution of data, Exchange 2010 can automatically inspect email and apply appropriate controls:

  • For less sensitive communications, automated alerts remind users about potential data risks or policy violations without restricting delivery
  • For more sensitive messages, transport rules can be configured to block, re-route or modify messages as appropriate
  • Additional transport rules include the ability to send a message for review before delivery and protect messages with Information Rights Management (IRM)
  • Support for IRM also enables systems to search, journal and apply anti-virus and anti-spam filtering to IRM-protected messages

Key features

MailTips are automated alerts that can be added to messages before they are sent to prevent accidental delivery or policy violations. For example, MailTips will generate an alert if the sender is about to send a message to a large group or reply-all to a message on which the sender was blind carbon copied (Bcc’d). MailTips also provides alerts when the recipient is external, moderated or restricted. MailTips are available in both Microsoft Outlook Web App and Microsoft Outlook 2010. Custom MailTips can also be created to remind users about specific policies and processes that need to be followed before sending a message.
With transport rules, policies can be created to automatically inspect content and apply controls to all messages passing through an Edge Transport or Hub Transport server. Transport rules are created in the same way as Outlook rules—using a set of conditions, actions and exceptions. With transport rules, messages can be modified, encrypted, redirected, or blocked based on a granular set of transport rule conditions. Transport Rules can be configured by administrators in the Exchange Management Console or by delegated users in the Exchange Control Panel.
Transport rule actions can be triggered by a wide range of granular transport conditions such as specific senders, recipients, distribution lists, keywords, and regular expressions (for common patterns such as those associated with credit card numbers or social security numbers). Transport rules can also be created based on the contents within an Office attachment, a user's Active Directory attributes (e.g. department, country, manager) and multiple message types (e.g. auto-replies, calendaring, etc.)
Transport rules can be used to automatically apply a signature to the bottom of an email based on the sender’s Active Directory attributes. This feature can also be configured to apply rich, HTML signatures with specific fonts, company logos, and more.
Transport rules can be used to re-direct mail to a manager or trusted moderator for review. The reviewer can then approve or block the message, and if it is blocked, provide an explanation back to sender.
Transport rules can be used to apply a message classification describing the intended use or audience of a message (such as Attorney-Client Privileged). Transport rules can also be used to check messages that are manually classified by users. If the message does not meet the conditions of the classification, an action can be applied to block, encrypt, redirect, etc.
When used with Active Directory Rights Management Services (AD RMS), Transport Protection Rules enable an administrator to automatically apply Information Rights Management (IRM) protection to email (including Office and XPS attachments) after a message is sent. This provides persistent protection to the file no matter where it is sent and prevents forwarding, copying, or printing depending on the set of AD RMS Policy Templates available from the AD RMS deployment.
Outlook Protection Rules automatically trigger Outlook to apply an RMS template based on sender or recipient identities, before it is sent. Unlike transport protection rules, Outlook Protection Rules can be configured so that users can turn off protection for less sensitive content. Also, since the messages are protected on the Outlook client before being sent out to Exchange, this feature allows an organization to block third-party service providers or onsite Exchange administrators from viewing sensitive content that is sent between employees.
Exchange Server 2010 uses AD RMS to apply Do Not Forward permissions to voice messages that are designated either by the sender (by marking the message as private) or by administrative policy. This prevents the forwarding of protected voice messages in a playable form to unauthorized persons, regardless of which mail client is used. Protected voicemail is supported in Outlook Web App and Outlook 2010.
Users can compose, read, and reply to IRM-protected messages natively, just as they would in Outlook. IRM-protected messages in Outlook Web App can be accessed through Windows Internet Explorer, Firefox and Safari (no plug-ins required) and includes full-text search, conversation view, and preview pane. With additional support for WebReady Document Viewing for IRM-protected messages, recipients can view protected attachments without having to install or start the associated application (such as Word, PowerPoint, Acrobat, etc.)
Streamline the ability for Windows Mobile 6.1+ users to leverage the IRM support features in Exchange 2010 without having to manually tether their device. This includes the ability to read, search, compose, and reply to IRM-protected messages. Administrators also have the ability to enable and disable IRM in Exchange ActiveSync on a granular, per-device or user basis.
This allows transport agents to access IRM-protected messages to filter content, apply transport rules, scan for viruses and spam, and perform other essential functions. After transport agents have inspected the message and made potential modifications to it, the message is re-encrypted before delivery. Transport decryption can also be used with journaling to ensure that journal reports sent to journal mailboxes or third-party archives will contain a decrypted (clear-text) copy of IRM-protected messages, including Office and XPS attachments. This allows for indexing and searching of IRM-protected messages for legal discovery and regulatory purposes.
Exchange 2010 can index and search IRM-protected messages, including headers, subject, body, and attachments. This applies to search in Outlook Web App and Outlook (online mode) as well as Multi-Mailbox Search.

Why Microsoft?

Use built-in tools to reduce the cost and complexity of data-loss prevention

Use built-in tools to reduce the cost and complexity of data-loss prevention

Empower managers to better monitor and control mail flow

Empower managers to better monitor and control mail flow

Encrypt messages without disabling critical functions like search

Encrypt messages without disabling critical functions like search

For more reasons why click here
For more reasons why click here

Next Steps

Product Details
Downloads
Contact Us

Related Sites