Avatar of devon-lad
devon-lad
 asked on

Filter outgoing email contents - hosted Exchange service

Just migrated a customer to a hosted Exchange 2013 service from an in-house Exchange 2003.

A month after the successful migration a filtering requirement has come to light that I wasn't made aware of before the migration i.e. they need to block outgoing emails that contain 16 digit strings (credit card numbers).

Previously they had used an external filtering service that provided this functionality.

Unfortunately the Exchange host they've moved to is not able to provide this functionality.

So we have two options as far as I can see...

1. Migrate them again to a service that does provide the necessary filtering - the reason for choosing the current supplier is that they stipulated the requirement for a UK data centre.
2. Find some way to do this via Outlook rules - although this doesn't prevent users disabling the rule and it won't work for OWA as far as I'm aware.

Anybody got any bright ideas?
OutlookExchange

Avatar of undefined
Last Comment
David Johnson, CD

8/22/2022 - Mon
devon-lad

ASKER
Further to this - we would be able to block access to OWA - so would just need to scan outgoing Outlook emails on the local machine.
devon-lad

ASKER
A bit more...they have Symantec Endpoint Protection...wondering if the Outlook plugin can be used for this.
A Karelin

Try to use Transport rules.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
devon-lad

ASKER
As per original post - they are using a hosted Exchange service so do not have access to transport rule manipulation.
A Karelin

Do you have access to antispam? Try to use antispam for outgoing email.
devon-lad

ASKER
Yes, I've looked at this but there current local package doesn't offer anything.

I have since come across the Symantec Data Loss Prevention plugin - presume this provides similar functionality to the new DLP features of Exchange 2013, so that might do it.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
David Johnson, CD

which version of windows server do they have? As they could use Active Directory Rights Management Services
devon-lad

ASKER
Not familiar with this - they're using 2012 R2.
Gareth Gudger

Hey devon,

What is the business requirement for a UK data center? If it is a compliance requirement I am sure Office 365 meets this.

Office 365 does all of what you are asking and at no additional cost. You could have these rules configured in minutes. They have templates for this. Sometimes cost outweighs the original business need.

Gareth
Your help has saved me hundreds of hours of internet surfing.
fblack61
devon-lad

ASKER
Gareth - as far as I know Office 365 runs from Ireland.

Customer stores financial information and its customers (who are banks) stipulate all data should remain in the UK.  Small amounts of data can be sent via encrypted email attachments.
Gareth Gudger

Office 365 has data centers all over the world. They generally put you in the datacenter closest to you. But it is possible they could move you around. I'll have to defer to other experts. Not sure of providers in the UK.
David Johnson, CD

Office 365 will only stipulate that it will remain within the EU but not within any country
http://www.microsoft.com/online/legal/v2/?docid=31&langid=en-us
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
devon-lad

ASKER
I have asked them specifically about this a few years ago and they said all data for UK customers would be held in Ireland.  This may now have changed with data held in various EU countries as David says, but there is a distinct requirement that the data be held in the UK - so for the moment we can't use Office365.

David - are you able to elaborate a bit about how we could use AD RMS to accomplish what we need.  Having had a cursory look at this it appears to be quite a large and complex system - I'm wondering if it's going to be worth the man hours to implement.  However, if it's fairly straightforward to just setup the specific functionality we need then it could be the best option.
ASKER CERTIFIED SOLUTION
David Johnson, CD

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question