Difference between revisions of "Compliance General"

[unchecked revision][checked revision]
 
(13 intermediate revisions by 5 users not shown)
Line 1: Line 1:
__NOTOC__
+
Under ''Administrative Tools > Compliance > Compliance General'' MailStore Server offers several features enabling you to meet operational as well as legal compliance requirements.
 +
__TOC__
 +
MailStore logs changes to these settings in the audit log. Additional information about event logging is available in chapter [[Auditing]].
  
MailStore Server offers several compliance features enabling you to meet operational as well as legal compliance requirements.  
+
[[File:Compliance_general_01.png|center|550px]]
  
<p class="msnote">'''Please note:''' MailStore writes changes to these settings into the Windows event log. Additional information about recording events is available in chapter [[Auditing]].</p>
+
== Archive Access ==
  
[[File:Compliance_general_01.png|center|550px]]
+
With this setting, access to the archives of other users by MailStore administrators can be unblocked or blocked. By default, MailStore administrators cannot access or search through other users' archive contents.
  
== Email Preview ==
+
To change this setting, you have to enter your password again. You can optionally provide a reason for the change which is written into the audit log.
  
By default, MailStore administrators can access all contents of the archive. This means that the entire contents of emails from other user archives can be viewed as well.
+
If archive access is blocked, other users' archive folders are not visible in the main menu tree and MailStore administrators do not have access to any emails archived therein. In this case, administrative tasks such as renaming folders can only be performed through the main menu item [[Archives|Administrative Tools > Users and Archives > Archives]].
  
To prevent the administrator from previewing the emails of other users, please proceed as follows:
+
[[File:Umgm_archives_01.png|center|550px]]
  
* Log on as MailStore administrator (admin).
+
If archive access is unblocked, the folder ''Other Archives'' and its subfolders are visible in the main menu tree and MailStore administrators can view, search through and export any emails archived therein. In this case, administrative tasks such as renaming folders can also be performed through the folder structure.
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Email Preview'', click on ''Block Preview''.
 
 
 
If the preview is blocked, the folder ''Other Archives (Limited Access)'' and all its subfolders will appear grey. Administrators continue to be able to view the folder structures and their contents, including the header fields sender, recipient, subject and date, but no longer the email contents or any of the file attachments.
 
  
 
[[File:Compliance_general_preview_01.png|center|550px]]
 
[[File:Compliance_general_preview_01.png|center|550px]]
  
== Storage Guidelines ==
+
== Retention Policies ==
 
+
By default, MailStore allows the immediate deletion of archived emails by users with the privilege ''Delete Emails''. With retention policies you can specify the maximum and minimum retention period of either all messages or only those that match certain search criteria. At the end of the retention period messages can be deleted from the archive either automatically by a corresponding retention policy or manually by users with sufficient privileges.
Various operational or legal provisions regulate the minimum retention periods for emails liable to be archived. By predefining the storage guideline in MailStore you can define the earliest point in time at which emails may be removed from the archive.
 
 
 
To specify the storage guidelines, please proceed as follows:
 
 
 
* Log on as MailStore administrator (admin).
 
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Retention Policies'', click on ''Change...''.
 
* Using the slide control, set the earliest point in time from which on archived emails may be deleted.
 
*: [[File:Compliance_general_retention_01.png|center|350px]]
 
* Click on ''OK'' to confirm.
 
  
Please note that at no time does MailStore remove emails from the archive automatically. Therefore, this setting only applies to users with the privilege ''Delete Emails''.
+
* [[File:Retention_Policies_01.png|right|350px]]Under ''Retention Policies'', click on ''Change...''.
 +
* Configure [[Retention_Policies|retention policies]] according to your needs.
 +
* Click ''OK'' to confirm.<br clear=all />
  
 
== Legal Hold ==
 
== Legal Hold ==
  
With the ''Legal Hold'' feature deleting emails from the archive can be temporarily prohibited. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.
+
Enabling the ''Legal Hold'' feature temporarily prohibits deleting emails from the archive. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.
  
To enable or disable ''Legal Hold'', please proceed as follows:
+
== Auditor Access ==
  
* Log on as MailStore administrator (admin).
+
With the ''Auditor Access'' feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user.
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Legal Hold'', click on ''Enable Legal Hold''/''Disable Legal Hold''.
 
  
== Auditor Access ==
+
* [[File:Compliance_general_auditor_01.png|right|350px]]Under ''Auditor Access'', click on ''Create Auditor User...''.
 +
* In the ''Create Auditor User'' window, specify a password for the new auditor user. The password must meet the [[Notes on Password Complexity|complexity rules]]. The user name is generated automatically.
 +
* Click on ''OK'' to create the new user.<br clear=all />
 +
Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.
  
In case of an audit by a third party (e.g. tax inspector) it may become necessary to grant this party read-access to the entire archive. With the ''Auditor Access'' feature, a special user can be set up in MailStore who automatically has read-access to all user archives.  
+
== Password Policy ==
 +
By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol.
  
To set up an auditor user, please proceed as follows:
+
<p class="msnote">'''Important notice:''' Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.</p>
  
* Log on as MailStore administrator (admin).
 
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Auditor Access'', click on ''Add User...''.
 
* In the ''Create Auditor User...'' window, create a password for the new auditor user. The user name is generated automatically and has the following format based on the time of creation: <br><code>auditor-YYYYMMDD-HHMMSS</code>
 
*:[[File:Compliance_general_auditor_01.png|center|350px]]
 
* Click on ''OK'' to create the new user.
 
  
Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.
 
  
  
 
[[de:Compliance Allgemein]]
 
[[de:Compliance Allgemein]]
 +
[[en:Compliance General]]

Latest revision as of 11:45, 15 May 2020

Under Administrative Tools > Compliance > Compliance General MailStore Server offers several features enabling you to meet operational as well as legal compliance requirements.

MailStore logs changes to these settings in the audit log. Additional information about event logging is available in chapter Auditing.

Compliance general 01.png

Archive Access

With this setting, access to the archives of other users by MailStore administrators can be unblocked or blocked. By default, MailStore administrators cannot access or search through other users' archive contents.

To change this setting, you have to enter your password again. You can optionally provide a reason for the change which is written into the audit log.

If archive access is blocked, other users' archive folders are not visible in the main menu tree and MailStore administrators do not have access to any emails archived therein. In this case, administrative tasks such as renaming folders can only be performed through the main menu item Administrative Tools > Users and Archives > Archives.

Umgm archives 01.png

If archive access is unblocked, the folder Other Archives and its subfolders are visible in the main menu tree and MailStore administrators can view, search through and export any emails archived therein. In this case, administrative tasks such as renaming folders can also be performed through the folder structure.

Compliance general preview 01.png

Retention Policies

By default, MailStore allows the immediate deletion of archived emails by users with the privilege Delete Emails. With retention policies you can specify the maximum and minimum retention period of either all messages or only those that match certain search criteria. At the end of the retention period messages can be deleted from the archive either automatically by a corresponding retention policy or manually by users with sufficient privileges.

  • Retention Policies 01.png
    Under Retention Policies, click on Change....
  • Configure retention policies according to your needs.
  • Click OK to confirm.

Legal Hold

Enabling the Legal Hold feature temporarily prohibits deleting emails from the archive. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.

Auditor Access

With the Auditor Access feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user.

  • Compliance general auditor 01.png
    Under Auditor Access, click on Create Auditor User....
  • In the Create Auditor User window, specify a password for the new auditor user. The password must meet the complexity rules. The user name is generated automatically.
  • Click on OK to create the new user.

Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.

Password Policy

By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol.

Important notice: Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.