alphaspirit - Fotolia
External threats to data are a major issue, but internal threats can be just as dangerous. Employees and other end users within an organization have the potential to compromise important information and strategies through email.
Data loss prevention (DLP) policies can be a key factor in helping Exchange admins fight internal threats. Exchange Server 2013 comes with a number of features that can assist admins in creating and refining DLP policies specific to their organizations' needs.
In our series on Exchange 2013 DLP policies, Senior Technology Editor Stephen Bigelow put the spotlight on five tactics for implementing and maintaining a successful DLP policy program. When these tactics are combined, admins have a better chance of lowering internal data loss threats.
Choose the right DLP template for your setup
Having a successful DLP policy setup involves creating and refining policies that cover confidential, protected and sensitive information. It's important to choose the right DLP template and use multiple templates to meet your compliance needs. Third-party templates may also meet your needs.
Use transport rules to scan for policy violations
Transport rules are essential for executing DLP policies in Exchange 2013. These rules check multiple parts in every email to identify possible policy violations and then take any necessary actions. Admins may use the Exchange Admin Center, DLP policies or PowerShell to create transport rules.
Apply document fingerprinting to point out DLP problems
Another important piece of the DLP policy puzzle is document fingerprinting, which converts forms and allows DLP to spot and identify those forms when handling them. The "fingerprint" can stop forms from being mishandled, but there are a number of issues to tackle before implementing this tactic.
Use policy tips to enforce acceptable use procedures
Policy tips can help remind users of acceptable use policies as a way to prevent violations before they even occur. These tips pop up as messages in Outlook and remind the user about current policies if any part of an email message appears to violate a policy.
Recognize the importance of incident reports
DLP rules and policies can be useful, but not communicating about a violation that needs to be investigated can render those policies useless. When DLP policy violations occur, reports must be made so organizations are aware of what occurred and can take any necessary action -- both of which are relatively simple to do in Exchange 2013.
Dig Deeper on Microsoft Exchange Server 2013