Internal EMail Hacking

We have a suspicion that one of the heads of a company is reviewing someone else's email.  They may be doing it by adding the user account to the list of email boxes that they want opened in outlook- the suspected user has domain admin privilages and also knows the domain admin password.  There is an exchange 2007 server on site - the 2 questions are is there a way to audit the users who are accessing a mailbox on a server? (I don't believe the individual whose mail is being looked through has had a password breach, but I can ask them to change their password).   Secondly is there a method to encrypt the email that is stored on the server?  WE ARE NOT LOOKING FOR A METHOD TO ENCRYPT EMAIL TRANSMISSIONS.  Thank you.
sfeder69Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shreedhar EtteCommented:
Hi,

You can enable mailbox access auditing feature.  For that refer the article:
http://www.msexchange.org/articles_tutorials/exchange-server-2007/compliance-policies-archiving/exchange-2007-mailbox-access-auditing-part1.html

There is also a good 3rd party exchange reporting solution that can be used to successfully prevent security incidents.

It's called change auditor for exchange.

It shows "real time" what is going on in our exchange environment.

There may be thrid party applications for encryption or this may be provide by the microsoft hosted solutions.

Hope this helps,
Shree
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sfeder11554Commented:
That article is going to be as close as we get - since certain accounts always have access to email boxes (BES and EMail Archive e.g.) we are not going to be able to easily be able to say which user logged into the system if they in fact used one of these back door accounts.  In terms of encryption I would say the same thing might hold true - these type of service accounts need to access the email to do their job - although I don't know if access to do the job would be the equivalent of "read".  I am awarding you the points.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Project Management

From novice to tech pro — start learning today.