• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 877
  • Last Modified:

Internal EMail Hacking

We have a suspicion that one of the heads of a company is reviewing someone else's email.  They may be doing it by adding the user account to the list of email boxes that they want opened in outlook- the suspected user has domain admin privilages and also knows the domain admin password.  There is an exchange 2007 server on site - the 2 questions are is there a way to audit the users who are accessing a mailbox on a server? (I don't believe the individual whose mail is being looked through has had a password breach, but I can ask them to change their password).   Secondly is there a method to encrypt the email that is stored on the server?  WE ARE NOT LOOKING FOR A METHOD TO ENCRYPT EMAIL TRANSMISSIONS.  Thank you.
0
sfeder69
Asked:
sfeder69
1 Solution
 
Shreedhar EtteCommented:
Hi,

You can enable mailbox access auditing feature.  For that refer the article:
http://www.msexchange.org/articles_tutorials/exchange-server-2007/compliance-policies-archiving/exchange-2007-mailbox-access-auditing-part1.html

There is also a good 3rd party exchange reporting solution that can be used to successfully prevent security incidents.

It's called change auditor for exchange.

It shows "real time" what is going on in our exchange environment.

There may be thrid party applications for encryption or this may be provide by the microsoft hosted solutions.

Hope this helps,
Shree
0
 
sfeder11554Commented:
That article is going to be as close as we get - since certain accounts always have access to email boxes (BES and EMail Archive e.g.) we are not going to be able to easily be able to say which user logged into the system if they in fact used one of these back door accounts.  In terms of encryption I would say the same thing might hold true - these type of service accounts need to access the email to do their job - although I don't know if access to do the job would be the equivalent of "read".  I am awarding you the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now