Solved

exchange365 risk assessment

Posted on 2015-01-29
6
136 Views
Last Modified: 2015-02-20
Our external risk team want to review our organisations email systems. At present it is half "on-premise" and half in the cloud via outlook/exchange365. The on premise is v2013 of Exchange.

What realistically should/could they look at in relation to the cloud email infrastructure (i.e. exchange365)? Are there any tools/scripts/best practice guides for such setups?

For the on-premise you can look at stuff like security configuration of the servers, mailbox DB backup policies, mailbox security access controls, etc etc
0
Comment
Question by:pma111
  • 3
  • 3
6 Comments
 
LVL 79

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 40577070
frrom various sources but Microsoft Office 365 is compliant with  ISO 27002 standard on information security practices and techniques to build a control matrix that includes firewalls, anti-virus patching and other controls drawn from the payment card industry's data security standard and also §  ISO 27001, Safe Harbor,   SSAE16 SOC1 Type II, SOC2 Type II,  FISMA regulations.  All of the drives are encrypted using bitlocker, all of the accessing servers are constrained with applocker and only processes s that are needed to access/modify the data are white-listed (they use a white list vs a black list policy).  Users with admin privileges don't have physical access and the converse is also true. for those with physical access don't have admin privileges
0
 
LVL 3

Author Comment

by:pma111
ID: 40577077
So are you basically saying "there is no point"...
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 40577081
There isn't much you can do since the data is more compliant and safer than anything smaller than a major enterprise can hope to attain. They also have an active red team/blue team testing the system on a continuous basis which even some major enterprises can't afford to maintain on an ongoing basis.  That is what you are paying for.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 3

Author Comment

by:pma111
ID: 40577086
I thought you could perhaps as the client still manage access control lists for 365 mailboxes internally, i.e. shared/group mailboxes? Surely there are a few "configurations" within the clients control, i.e. mailbox size, attachment size policy, use of protective marking, default/mandatory email signatures etc. Surely there must be some areas they can review... ?
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 40582464
sure you can administer shared/group mailboxes. login to the admin center/exchange
Exchange admin center
0
 
LVL 3

Author Comment

by:pma111
ID: 40583435
is it possible to export configurations set in the exchange admin centre?
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IT Desktop Support 11 71
Sent email using Shared Mailbox from outlook in C# 5 24
The security certificate has expired or is not yet valid 9 43
exchange, SPF 21 15
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question