Exchange 2013 and Data Loss Prevention–Set Your Messaging Proposal Apart from the Others

  • Article

Josh Condie Headshot

Josh Condie - Exchange Server 2013 will be available next week, and comes with many new features as well as improvements on existing features that are already familiar to those who have worked with Exchange Server 2010.

In a nutshell:

  • Great new experiences in the touch-friendly Outlook 2013, as well as a streamlined OWA experience that is tailored for the requesting devices form factor
  • New, comprehensive administration experience in the Exchange Administration Center, as well as support for the Exchange Management Shell (using PowerShell 3.0)
  • Public Folders have been moved to the Mailbox database to take advantage of high-availability at deployment
  • Significant enhancements to HA (DAG) deployment and manageability
  • Reduction in server roles to two: Client Access server (CAS) and the Mailbox server- taking advantage of recent advances in processor capabilities
  • Finally, Data Loss Prevention: Enforcing compliance requirements for data, and managing its use in email, without hindering the productivity of users

This last one is a great one to understand, and may help distinguish on-premise deployments of Exchange 2013 from Cloud alternatives.  DLP is increasingly important for enterprise messaging systems because business critical communications often include private and sensitive data that must be protected (which is often required by government regulation). Examples include financial information (account numbers), personally identifiable information (SSN, Drivers License) and intellectual property data, all of which can be mistakenly sent to unauthorized users. In order to protect these communications without affecting user productivity, the new version of Microsoft Exchange Server 2013 integrates DLP features so you can resolve sensitive data in email more easily than ever before.

3 different ways to get started with DLP in Exchange 2013:

  1. Apply an out-of-the-box template supplied by Microsoft - The quickest way to start using DLP policies is to create and implement a new policy using a template. This saves you the effort of building a new set of rules from scratch.  Examples templates for PCI-DSS data and Gramm-Leach-Bliley act data can be selected.
  2. Import a pre-built policy file from outside your organization - You can import policy templates that have already been created outside of your messaging environment by independent software vendors. In this way you can extend the DLP solution to suit your business requirements.
  3. Create a custom policy without any pre-existing conditions - Your enterprise may have its own requirements for monitoring certain types of data known to exist within a messaging system. You can create a custom DLP policy entirely on your own in order to start checking and acting upon your own unique message data.

Here are some more resources to educate and help you get started.  DLP can be a real distinguishing service or solution for you customers, especially those in regulated industries like Finance, Health Care, Government, Education, etc.

Exchange Center on Technet:  https://technet.microsoft.com/en-us/library/jj150527.aspx

Great Video Presentation and Demonstration:

 

Josh Condie