E-mail is a reliable and ubiquitous communication medium for information workers in organizations of all sizes. Message stores and mailboxes are today repositories with valuable data. Organizations must formulate messaging policies that dictate the compliant use of their messaging systems, provide guidance to users on how to implement the policies, and provide details about the types of communications that are not allowed.
Organizations must also establish policies on the lifecycle of emails, retain messages as necessary for business or legal reasons, keep email records for litigation and investigative purposes, and be prepared to accept any email records find and deliver what they need to meet eDiscovery needs.
Confidential information such as intellectual property, trade secrets, business plans, and Personal Identifiable Information (PII) collected or processed by your organization must be protected from leaks.
Security and policy compliance in Exchange Online
The following table provides an overview of security and policy compliance features in Microsoft Exchange Online and links to topics that provide more information about these features and how to manage them.
|Archive mailboxes in Exchange Online||Archive mailboxes (a so-called in-situ archive) help people in your Office 365 organization take control of messaging data by providing additional email storage. People can use Outlook or Outlook on the Internet (formerly Outlook Web App) to view messages in their archive mailbox and to move or copy messages between their primary and archive mailboxes.|
|In-situ storage and litigation||With in-situ storage and litigation, you can maintain or archive mailbox content for compliance and eDiscovery.|
|In-Place eDiscovery||Compliance eDiscovery enables authorized compliance officers in your organization to search mailbox data across your Exchange organization, preview search results, copy them to a discovery mailbox, or export them to a .pst file.|
|Inactive Mailboxes in Exchange Online||Inactive mailboxes allow you to keep the contents of deleted mailboxes indefinitely. To create an inactive mailbox, you can enable in-memory or proof-of-mail for the mailbox, and then delete the appropriate Office 365 user account. In addition to maintaining mailbox content, administrators or compliance officers in Exchange Online or Content Search in the Office 365 Security #a0 Compliance Center can use in-place eDiscovery to search the contents of an inactive mailbox.|
|Prevention of data loss DLP||With DLP (Data Loss Prevention) policies, you can identify and monitor sensitive information, such as: ID card or credit card numbers or standard forms used in your organization. You can set DLP policies to inform users that they are sending sensitive information or to block the transmission of sensitive information.|
|Exchange Monitoring Reports||The monitoring capabilities in Exchange Online allow you to track changes made by Microsoft and your organization's administrators to your Exchange Online configuration. You can also monitor mailbox access by people who are not the mailbox owner. In Exchange Online, monitored actions are recorded and can be viewed in an online report or exported to a file.|
|Messaging Records Management MRM||Using Messaging Records Management (MRM), your organization can manage the email lifecycle to meet business and regulatory requirements and reduce the legal risks associated with emails. In Exchange Online, you can use in-situ memory or litigation to email and e-mail Retention tags and retention policies to save for archiving and deleting emails.|
|Information Rights Management in Exchange Online||Information Rights Management (IRM) allows you and your users to control who can access sensitive data in an email and forward, print or copy emails. IRM can use your local Active Directory Rights Management Services (AD RMS) server.|
|Office 365 message encryption||With Office 365 message encryption, you can send encrypted messages to people inside or outside your organization, regardless of the destination email service, whether Outlook.com, Yahoo, Gmail, or any other service. Certain recipients can send encrypted answers. Office 365 message encryption combines email encryption and rights management features. Rights management functions are operated by Azure Information Protection.|
|S / MIME for Message Signing and Encryption||Secure / Multipurpose Internet Mail Extensions (S / MIME) allows e-mail users to protect sensitive information by sending signed and encrypted e-mail within the organization. As an administrator, you can enable S / MIME-based security for your organization if you have mailboxes in Exchange Server or Exchange Online.|
|Journals in Exchange Online||Recording inbound and outbound e-mail communication in journals complies with legal, regulatory and organizational requirements. In Exchange Online, you can create journal rules to deliver journal reports to your local mailbox or archive system or to an external archiving service.|
|Message flow rules (transport rules) in Exchange Online||Using message flow rules (also known as transport rules), you can review messages that are sent or received by your users, and perform actions such as blocking or bouncing a message to check you or a copy from one manager or administrator To submit the recipient if the MeSsage matches the specified conditions.|