• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 587
  • Last Modified:

How can we lock down outlook data?

We are running Exchange 2003 with a combination of MSOutlook 2003 and 2007 clients. Much of our information is very confidential and needs to be protected so that it never leaves the office.
Is there any protection measures we can implement so that a user cannot copy or export messages from their outlook client or exchange mailbox?
The way it stands, a user could export out their entire mailbox onto a flash drive the day before leaving and walk out with all messages......
Any suggestions would be very helpful....
0
thecomputerdocs
Asked:
thecomputerdocs
3 Solutions
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Email Security is absolutely no problem with both Outlook 2003 and 2007.  You do need to understand how it works though in order to properly configure it... so I'd suggest that you start by reading this guide:
http://office.microsoft.com/en-us/ork2003/HA011402871033.aspx

Then, click on the link in that article for "Setting Consistent Outlook Cryptography Options for an Organization"

Jeff
TechSoEasy
0
 
thecomputerdocsAuthor Commented:
Does this prevent a user from exporting their mailbox and walking away with it? This answer seemed to apply more toward the encrypting the send and receiving of messages.....hopefully I"m wrong....
0
 
thecomputerdocsAuthor Commented:
I think I found the answer.....
Looks like a pain, but it will help regulate the user's ability to export mail in outlook.
http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=40961&DisplayTab=Article

I"m not going to close the question right away, in case anyone has any other suggestions.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Encrypted messages cannot be read without having the "key".  So... if a user exports their mailbox it will still be encrypted and cannot be unlocked without having the appropriate credentials.

You may want to disable the use of USB Memory Keys though.
http://www.petri.co.il/disable_usb_disks.htm

Jeff
TechSoEasy
0
 
thecomputerdocsAuthor Commented:
Thanks Jeff. I"ll re-read the article in more detail.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
That article you posted just stops the use of .pst files... this is not a single silver bullet solution... so you shouldn't be looking for one.

Jeff
TechSoEasy
0
 
ahoffmannCommented:
> .. any protection measures we can implement so that a user cannot copy or export messages from their outlook client or exchange mailbox?
don't give these people access to the computer

What you're asking for cannot be solved technically, it's a social problem. Educate your users, let them sign proper non-disclosure agreements, fire people you cannot trust.
0
 
David LeeCommented:
ahoffman is correct, there is no technological way to prevent this.  There are simply too many ways of getting messages out of Outlook.  Staff could export them, print them, screenprint them, simply mail them to someone else, etc.  Removing the ability to have a PST won't stop any of those I listed above.  Neither will encrypting.  Blocking PSTs won't stop a user from taking their OST, the file used by cached Exchange mode, which could later be converted to a PST.  Encryption might stop that though.  Even taking Outlook away altogether and leaving the staff to use OWA, which is all on the server, wouldn't prevent users from mailing confidential information to someone.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I agree... which was basically the intention of my "shouldn't be looking for a silver bullet solution" comment.

Jeff
TechSoEasy
0
 
thecomputerdocsAuthor Commented:
Thanks for the help guys. I appreciate the input.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now