2. The High Cost of Data Leakage
“Public-relations firm faces PR nightmare after unintentionally e-mailing journalists about one of its clients.”
“College staff member accidentally e-mails attachment containing personal information of 15,794 graduates.”
“Secret Service agent sends unencrypted e-mail revealing details of vice presidential tour.”
3. Information Protection and Control (IPC)
Exchange Server 2010 helps prevent the unauthorized transmission of
sensitive information with tools that can automatically:
MONITOR e-mail for specific content, recipients and other attributes
CONTROL distribution with automated, granular policies
PROTECT access to data wherever it travels using rights management
PREVENT
• Violations of corporate policy and best practices
• Non-compliance with government and industry regulations
• Loss of intellectual property and proprietary information
• High-profile leaks of private information and customer records
• Damage to corporate brand image and reputation
4. Benefits of Automated Controls
Reduce User Error
• Majority of data loss incidents are accidental
• Users forget policies or apply incorrect policy
Enable More Consistent Policy
• Automation facilitates rapid policy changes across the organization
• Critical for internal/external governance and compliance
Improve Efficiency
• Offload complex data policies from users
• Enable centralized policy creation, execution and management
5. Benefits of Granular Controls
Controls, ordered from LESS RESTRICTIVE to MORE RESTRICTIVE within each group:
• Alert: “Allow delivery but add a warning.”
• Modify: “Allow delivery but modify message.”
• Protect: “Allow delivery but prevent forwarding.”
• Redirect: “Block delivery and redirect.”

• Classify: “Allow delivery but apply classification.”
• Append: “Allow delivery but add a disclaimer.”
• Review: “Block delivery until reviewed.”
• Block: “Do not deliver.”
• Apply the right level of control based on the sensitivity of the data
• Maximize control and minimize unnecessary user disruptions
6. MailTips Alert
Alert users about potential risks
7. Transport Rules
Easily enforce granular policies
If the message...
Is from a member of the group ‘Executives’
And is sent to recipients that are ‘Outside the organization’
And contains the keyword ‘Merger’
Do the following...
Redirect message to: arleneh@contoso.com
Except if the message...
Is sent to ‘shanek@contoso.com’
• Executed on the Hub Transport Server
• Structured like Inbox rules
• Apply to all messages sent inside and outside the organization
• Configured with simple GUI in Exchange Management Console
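The rule shown on this slide can also be created from the Exchange Management Shell instead of the console. This is an added example, not part of the original deck: the rule name is an assumption, mapping "contains the keyword" to a subject-or-body match is an assumption, and the group and addresses are the ones on the slide.

```powershell
# Added example: the slide's rule expressed with New-TransportRule.
# The rule name is hypothetical; the group and addresses come from the slide.
$rule = @{
    Name                       = 'Redirect executive merger mail'  # hypothetical name
    FromMemberOf               = 'Executives'              # "Is from a member of the group"
    SentToScope                = 'NotInOrganization'       # "Outside the organization"
    SubjectOrBodyContainsWords = 'Merger'                  # keyword match (assumed: subject or body)
    RedirectMessageTo          = 'arleneh@contoso.com'     # "Do the following..."
    ExceptIfSentTo             = 'shanek@contoso.com'      # "Except if the message..."
    Enabled                    = $false                    # create disabled, review, then enable
}
New-TransportRule @rule

# Review the stored rule and where it sits in the evaluation order.
Get-TransportRule -Identity $rule.Name | Format-List Name, Priority, State

# Turn the rule on once it has been reviewed.
Enable-TransportRule -Identity $rule.Name
```

Creating the rule disabled gives an administrator the chance to check its priority against existing rules before it starts redirecting mail.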
8. Conditions
Fine tune rules with detailed criteria
• Specific Users: Detects mail between people, distribution lists
• Specific Content: Inspects subject, header and body for keywords, regular expressions
• Message Properties: Inspect message headers and properties or type
• Classifications: Scans for classifications such as Attorney-Client Privileged
• Attachments: Scans size, name and content (Office documents)
• Classifications: Can now also act on No Classifications
• Message Types: IRM protected, auto-replies, calendaring, voice mail
• Supervision Lists: Allows/Blocks based on listed recipients
• Management Properties: Identifies manager and applies policy
• User Properties: Scans for user attributes (such as department, country)
9. Actions
Apply the appropriate level of control
• Block: Blocks and deletes message and can send non-delivery report
• Classify: Applies classification such as attorney-client privilege
• Modify: Adds disclaimer to body or text to subject line
• Reroute: Adds additional recipients to Cc or Bcc line or redirects
• Append: Applies disclaimer per each user’s specific attributes
• Review: Enables review and approval of e-mail before delivery
• Protect: Applies rights protection to messages, attachments
10. Dynamic Signatures Append
Automatically apply signatures per user attributes
Option of basic text or HTML
Signatures integrated with Active Directory attributes
11. Moderation Review
Enable review and approval of e-mail before delivery
• Approve or Reject with option to send response
• Moderate based on sender, DL, content
• Moderator can be a specific user or sender’s manager
12. Information Rights Management Protect
Granular protection that travels with the data
Information Rights Management (IRM) provides
persistent protection to control who can access,
forward, print, or copy sensitive data within an e-mail.
• Persistent protection
− Protects your sensitive information no matter where it is sent
− Usage rights locked within the document itself
− Protects online and offline, inside and outside of the firewall
• Granular control
− Users apply IRM protection directly within an e-mail
− Organizations can create custom usage policy templates such as
"Confidential—Read Only"
− Limit file access to only authorized users
13. Transport Protection Rules Protect
Automatically apply IRM
• Apply RMS policies automatically using Transport Rules
• Apply “Do Not Forward” or custom RMS templates
• IRM protection can be triggered based on sender, recipient,
content and other conditions
• Office 2003, 2007, and 2010 attachments also protected
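A transport protection rule is a transport rule whose action applies an RMS template. This is an added example, not part of the original deck: the rule name, the 'Legal' group and the 'Confidential' keyword are hypothetical, and only the “Do Not Forward” template name comes from the slide.

```powershell
# Added example: apply IRM automatically with a transport protection rule.
# Rule name, sender group and keyword are hypothetical placeholders.

# List the RMS templates Exchange can see, so the rule references one that exists.
Get-RMSTemplate

$protect = @{
    Name                          = 'Protect legal confidential mail'  # hypothetical name
    FromMemberOf                  = 'Legal'                  # hypothetical sender group
    SubjectOrBodyContainsWords    = 'Confidential'           # hypothetical content trigger
    ApplyRightsProtectionTemplate = 'Do Not Forward'         # template named on the slide
    Enabled                       = $false                   # review before enabling
}
New-TransportRule @protect
```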
14. Outlook Protection Rules Protect
Provide users more IRM protection options
• Adding recipient or distribution list can trigger IRM protection automatically before sending
• User can be granted option to turn off rule for non-sensitive e-mail
• IRM protection can still be applied manually
15. IRM in Outlook Web App Protect
Read and reply to protected messages
• Native support for IRM in OWA eliminates need for Internet Explorer Rights Management add-on
• Access to standard and custom RMS templates
• Office documents also protected
• Cross-browser support enables Firefox and Safari users to
create and consume IRM-protected messages
16. Protected Voice Mail Protect
Prevent forwarding of voice mail
“Do Not Forward” template
• Integration with AD RMS and Exchange Unified Messaging
• Permissions designated by sender (by marking the message as
private) or by administrative policy
17. IRM Search Protect
Index and search protected items
• Conduct full-text search of IRM-protected mail and attachments in Outlook (online) and OWA
• Multi-mailbox search includes option to search IRM-protected items
18. IRM Decryption Protect
Enable scanning, filtering, journaling
• Infected messages and spam can be filtered
• Protected messages sent to transport server
• Messages are re-encrypted and delivered
• Messages and attachments decrypted to enable content filtering, transport rules
• Journaled messages include decrypted clear-text copy
19. Protection and Control Scenarios
Ethical Wall: Restrict e-mail between analysts and brokers
• Transport rules to block mail between specific users or groups
Supervision: Manager required to sign-off on mail to sensitive partner
• Send to manager for approval
• MailTips for moderated recipients
HR Policy: Inappropriate content
• Filter for keywords and block, redirect, modify
Privacy: HIPAA (health data), GLBA (financial data), PIPEDA (Canada), PCI (Worldwide)
• Apply MailTips to alerts for external recipients
• Apply IRM protection to control access
• Monitor for credit card numbers and other personally identifiable information (PII)
Signatures: EUPD 2003/58/EC
• Append disclaimer that includes name, title, department, etc.
20. IPC with Exchange Server 2010
Automatically monitor and control the distribution of sensitive information
Ensure the right level of control is applied to the right messages
Better protect access to data with persistent Information Rights Management