Organizations continue to look to Exchange to stay compliant with current regulations. While third-party tools are the go-to options, new features in Exchange could help some organizations meet their compliance needs. This collection of expert tips highlights Exchange 2013 and hosted Exchange features to help you understand your compliance options.
Exchange 2013 compliance options
Exchange 2013 comes with new features that give organizations compliance options, but none of these features are solely for compliance. Features such as Role-Based Access Control, In-Place Hold, and audit logging/reporting are all helpful, and admins can use e-discovery in SharePoint 2013 or integrate AD Rights Management Services , or RMS, with Exchange to also help with compliance.
Data loss prevention features to improve compliance
When admins use data loss prevention (DLP) in Exchange 2013, they can set organization-wide policies for messages from scratch or by building on existing templates and data types. Outlook 2013 is DLP-aware; but DLP isn't automatic. This tip offers some ideas on how to implement DLP.
Create DLP policies in Exchange 2013
Securing data is a major task for every organization, but creating DLP policies can make that task easier. There are three operation modes admins can use: Enforce Policy, Test Policy without Notifications and Test Policy with Notifications. This tip will explain each mode to help you craft the best policy.
Exchange 2013 compliance and e-discovery features
Compliance and e-discovery features received a major overhaul in Exchange 2013, making them more practical compliance options than third-party products. Features such as In-Place Hold and Multi-Mailbox Search were consolidated and improved. In addition, multiple searches can target different mailboxes while holding different scopes on those mailboxes.
Prepping hosted Exchange for compliance and archiving
As organizations get ready to move from on-premises Exchange to hosted Exchange, there will be concerns about remaining compliant. Exchange already has options in place for admins to maintain compliance, such as Secure Sockets Layer to secure Simple Mail Transfer Protocol traffic; but admins also need to keep e-discovery in mind for hosted Exchange.
This was first published in February 2014