Difference between revisions of "Compliance General"

[unchecked revision][checked revision]
 
(21 intermediate revisions by 5 users not shown)
Line 1: Line 1:
__NOTOC__
+
Under ''Administrative Tools > Compliance > Compliance General'' MailStore Server offers several features enabling you to meet operational as well as legal compliance requirements.
 +
__TOC__
 +
MailStore logs changes to these settings in the audit log. Additional information about event logging is available in chapter [[Auditing]].
  
MailStore Server offers several compliance features enabling you to meet operational as well as legal compliance requirements.  
+
[[File:Compliance_general_01.png|center|550px]]
  
<p class="msnote">'''Please note:''' MailStore writes changes to these settings into the Windows event log. Additional information about recording events is available in chapter [[Auditing]].</p>
+
== Archive Access ==
  
[[Datei:Compliance_general_01.png|center|550px]]
+
With this setting, access to the archives of other users by MailStore administrators can be unblocked or blocked. By default, MailStore administrators cannot access or search through other users' archive contents.
  
== Email Preview ==
+
To change this setting, you have to enter your password again. You can optionally provide a reason for the change which is written into the audit log.
  
By default, MailStore administrators can access all contents of the archive. This means that the entire contents of emails from other user archives can be viewed as well.
+
If archive access is blocked, other users' archive folders are not visible in the main menu tree and MailStore administrators do not have access to any emails archived therein. In this case, administrative tasks such as renaming folders can only be performed through the main menu item [[Archives|Administrative Tools > Users and Archives > Archives]].
  
To prevent the administrator from previewing the emails of other users, please proceed as follows:
+
[[File:Umgm_archives_01.png|center|550px]]
  
* Log on as MailStore administrator (admin).
+
If archive access is unblocked, the folder ''Other Archives'' and its subfolders are visible in the main menu tree and MailStore administrators can view, search through and export any emails archived therein. In this case, administrative tasks such as renaming folders can also be performed through the folder structure.
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Email preview'', click on ''Disable Preview''.  
 
  
If the preview is disabled, the folder ''Additional Archives (Restricted)'' and all its subfolders will appear grey. Administrators continue to be able to view the folder structures and their contents, including the header fields sender, recipient, subject and date, but no longer the email contents or any of the file attachments.
+
[[File:Compliance_general_preview_01.png|center|550px]]
  
[[Datei:Compliance_general_preview_01.png|center|550px]]
+
== Retention Policies ==
 +
By default, MailStore allows the immediate deletion of archived emails by users with the privilege ''Delete Emails''. With retention policies you can specify the maximum and minimum retention period of either all messages or only those that match certain search criteria. At the end of the retention period messages can be deleted from the archive either automatically by a corresponding retention policy or manually by users with sufficient privileges.
  
== Storage Guidelines ==
+
* [[File:Retention_Policies_01.png|right|350px]]Under ''Retention Policies'', click on ''Change...''.  
 
+
* Configure [[Retention_Policies|retention policies]] according to your needs.
Various operational or legal provisions regulate the minimum retention periods for emails liable to be archived. By predefining the storage guideline in MailStore you can define the earliest point in time at which emails may be removed from the archive.
+
* Click ''OK'' to confirm.<br clear=all />
 
 
To specify the storage guidelines, please proceed as follows:
 
 
 
* Log on as MailStore administrator (admin).
 
* Click on ''Administrative Tools'' > ''Compliance'' and then on ''Compliance General''.
 
* Under ''Storage Guideline'', click on ''Change...''.  
 
* Using the slide control, set the earliest point in time from which on archived emails may be deleted.
 
*: [[Datei:Compliance_general_retention_01.png|center|350px]]
 
* Click on ''OK'' to confirm.
 
 
 
Please note that at no time does MailStore remove emails from the archive automatically. Therefore, this setting only applies to users with the privilege ''Delete Emails''.
 
  
 
== Legal Hold ==
 
== Legal Hold ==
  
Mit Hilfe der Funktion ''Legal Hold'' ist es möglich, temporär das Löschen von E-Mails aus dem Archiv zu unterbinden. Die kann zum Beispiel im Falle von rechtlichen Auseinandersetzungen nötig sein, um dass irrtümliche Löschen von E-Mails, welche als Beweismittel dienen können, zu verhindern.
+
Enabling the ''Legal Hold'' feature temporarily prohibits deleting emails from the archive. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.
  
Zum Aktivieren oder Deaktivieren von ''Legal Hold'' gehen Sie wie folgt vor:
+
== Auditor Access ==
  
* Melden Sie sich als MailStore-Administrator (admin) an.
+
With the ''Auditor Access'' feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user.
* Klicken Sie auf ''Verwaltung'' > ''Compliance'' und dann auf ''Compliance Allgemein''.
 
* Klicken Sie im Bereich ''Legal Hold'' auf ''Legal Hold aktivieren''/''Legal Hold deaktivieren''.
 
  
== Auditor-Zugriff ==
+
* [[File:Compliance_general_auditor_01.png|right|350px]]Under ''Auditor Access'', click on ''Create Auditor User...''.
 +
* In the ''Create Auditor User'' window, specify a password for the new auditor user. The password must meet the [[Notes on Password Complexity|complexity rules]]. The user name is generated automatically.
 +
* Click on ''OK'' to create the new user.<br clear=all />
 +
Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.
  
Im Falle einer Prüfung durch Dritte (z.B. Steuerprüfer) kann es nötig sein, diesen lesenden Zugriff auf das gesamte Archiv zu geben. Über die Funktion ''Auditor-Zugriff'' lässt sich ein spezieller Benutzer in MailStore anlegen, welcher automatisch Leserechte auf alle Benutzerarchive besitzt.  
+
== Password Policy ==
 +
By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol.
  
Zum Anlegen eines Auditor-Benutzers gehen Sie wie folgt vor:
+
<p class="msnote">'''Important notice:''' Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.</p>
  
* Melden Sie sich als MailStore-Administrator (admin) an.
 
* Klicken Sie auf ''Verwaltung'' > ''Compliance'' und dann auf ''Compliance Allgemein''.
 
* Klicken Sie im Bereich ''Auditor-Zugriff'' auf ''Benutzer anlegen...''.
 
* Legen Sie im Fenster ''Auditor-Benutzer anlegen'' ein Kennwort für den neuen Auditor-Benutzer an. Der Benutzername wird automatisch generiert und hat folgendes, an den Erstellungszeitpunkt angelehnte Format: <br><code>auditor-YYYYMMDD-HHMMSS</code>
 
*:[[Datei:Compliance_general_auditor_01.png|center|350px]]
 
* Klicken Sie auf ''OK'' zum Erstellen des Benutzers.
 
  
Der Auditor-Benutzer kann sich nun mit dem MailStore Client am MailStore Server anmelden und das Archiv durchsuchen. Er kann jedoch keine E-Mails archivieren oder exportieren, noch sein eigenes Passwort ändern.
 
 
[[en:Compliance General]]
 
  
  
 
[[de:Compliance Allgemein]]
 
[[de:Compliance Allgemein]]
 +
[[en:Compliance General]]

Latest revision as of 11:45, 15 May 2020

Under Administrative Tools > Compliance > Compliance General MailStore Server offers several features enabling you to meet operational as well as legal compliance requirements.

MailStore logs changes to these settings in the audit log. Additional information about event logging is available in chapter Auditing.

Compliance general 01.png

Archive Access

With this setting, access to the archives of other users by MailStore administrators can be unblocked or blocked. By default, MailStore administrators cannot access or search through other users' archive contents.

To change this setting, you have to enter your password again. You can optionally provide a reason for the change which is written into the audit log.

If archive access is blocked, other users' archive folders are not visible in the main menu tree and MailStore administrators do not have access to any emails archived therein. In this case, administrative tasks such as renaming folders can only be performed through the main menu item Administrative Tools > Users and Archives > Archives.

Umgm archives 01.png

If archive access is unblocked, the folder Other Archives and its subfolders are visible in the main menu tree and MailStore administrators can view, search through and export any emails archived therein. In this case, administrative tasks such as renaming folders can also be performed through the folder structure.

Compliance general preview 01.png

Retention Policies

By default, MailStore allows the immediate deletion of archived emails by users with the privilege Delete Emails. With retention policies you can specify the maximum and minimum retention period of either all messages or only those that match certain search criteria. At the end of the retention period messages can be deleted from the archive either automatically by a corresponding retention policy or manually by users with sufficient privileges.

  • Retention Policies 01.png
    Under Retention Policies, click on Change....
  • Configure retention policies according to your needs.
  • Click OK to confirm.

Legal Hold

Enabling the Legal Hold feature temporarily prohibits deleting emails from the archive. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.

Auditor Access

With the Auditor Access feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user.

  • Compliance general auditor 01.png
    Under Auditor Access, click on Create Auditor User....
  • In the Create Auditor User window, specify a password for the new auditor user. The password must meet the complexity rules. The user name is generated automatically.
  • Click on OK to create the new user.

Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.

Password Policy

By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol.

Important notice: Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.