Wednesday, March 28, 2012

Auditing Mailbox Access in Exchange 2010


In every organization, there are always mailboxes with sensitive information. These might be the mailboxes of the CEO, directors, users from the HR or Payroll departments, or simply mailboxes for which you have to perform discovery actions to demonstrate compliance with regulatory or legal requirements. Although normally administrators are not concerned with the content of user’s mailboxes, there might be someone less honest that attempts to access someone’s mailbox in order to obtain information of value for their own benefit.

Previous versions of Microsoft Exchange did not provide a full range of compliance capabilities. Managed Folders or Journaling simply were not enough to perform basic audits or to be fully compliant with legislation such as the Sarbanes-Oxley Act. Exchange 2010 introduces some welcomed new features, including Retention and Litigation Hold, Single Item Recovery or Archiving.

In the following article, we will explore yet another new feature introduced in SP1 known as Auditing Mailbox Access, which allows us to record operations on a mailbox such as the deletion or copy of e-mails: Auditing Mailbox Access on MSExchange.org

1 comment:

  1. Thanks for sharing helpful information related to audit mailbox access in exchange server 2010. I found really good information about it from http://www.lepide.com/lepideauditor/exchange.html . This software helps to track which user logged in with which account and when. It allows to monitor mailbox access by administrators, mailbox owners, delegates, and actions taken on mailbox items like moving or deleting a message, using SendAs or SendOn Behalf permission to send messages, and accessing a mailbox folder or a message.

    ReplyDelete