Difference between revisions of "Compliance General"
| [quality revision] | [checked revision] |
| (4 intermediate revisions by 2 users not shown) | |||
| Line 32: | Line 32: | ||
== Auditor Access == | == Auditor Access == | ||
| − | With the ''Auditor Access'' feature, a special user can be set up in MailStore who has read-access to all user archives. | + | With the ''Auditor Access'' feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user. |
* [[File:Compliance_general_auditor_01.png|right|350px]]Under ''Auditor Access'', click on ''Create Auditor User...''. | * [[File:Compliance_general_auditor_01.png|right|350px]]Under ''Auditor Access'', click on ''Create Auditor User...''. | ||
| − | * In the ''Create Auditor User'' window, specify a password for the new auditor user. The user name is generated automatically. | + | * In the ''Create Auditor User'' window, specify a password for the new auditor user. The password must meet the [[Notes on Password Complexity|complexity rules]]. The user name is generated automatically. |
* Click on ''OK'' to create the new user.<br clear=all /> | * Click on ''OK'' to create the new user.<br clear=all /> | ||
Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password. | Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password. | ||
| + | |||
| + | == Password Policy == | ||
| + | By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol. | ||
| + | |||
| + | <p class="msnote">'''Important notice:''' Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.</p> | ||
| + | |||
| + | |||
| + | |||
[[de:Compliance Allgemein]] | [[de:Compliance Allgemein]] | ||
[[en:Compliance General]] | [[en:Compliance General]] | ||
Latest revision as of 11:45, 15 May 2020
Under Administrative Tools > Compliance > Compliance General MailStore Server offers several features enabling you to meet operational as well as legal compliance requirements.
MailStore logs changes to these settings in the audit log. Additional information about event logging is available in chapter Auditing.
Archive Access
With this setting, access to the archives of other users by MailStore administrators can be unblocked or blocked. By default, MailStore administrators cannot access or search through other users' archive contents.
To change this setting, you have to enter your password again. You can optionally provide a reason for the change which is written into the audit log.
If archive access is blocked, other users' archive folders are not visible in the main menu tree and MailStore administrators do not have access to any emails archived therein. In this case, administrative tasks such as renaming folders can only be performed through the main menu item Administrative Tools > Users and Archives > Archives.
If archive access is unblocked, the folder Other Archives and its subfolders are visible in the main menu tree and MailStore administrators can view, search through and export any emails archived therein. In this case, administrative tasks such as renaming folders can also be performed through the folder structure.
Retention Policies
By default, MailStore allows the immediate deletion of archived emails by users with the privilege Delete Emails. With retention policies you can specify the maximum and minimum retention period of either all messages or only those that match certain search criteria. At the end of the retention period messages can be deleted from the archive either automatically by a corresponding retention policy or manually by users with sufficient privileges.
- Under Retention Policies, click on Change....
- Configure retention policies according to your needs.
- Click OK to confirm.
Legal Hold
Enabling the Legal Hold feature temporarily prohibits deleting emails from the archive. This may become necessary in case of legal disputes to prevent the deletion of emails which may serve as evidence.
Auditor Access
With the Auditor Access feature, a special user can be set up in MailStore who has read-access to all user archives that exist creation time of that auditor user. Please note that a free MailStore user license is necessary to create the auditor user.
- Under Auditor Access, click on Create Auditor User....
- In the Create Auditor User window, specify a password for the new auditor user. The password must meet the complexity rules. The user name is generated automatically.
- Click on OK to create the new user.
Using MailStore Client, the auditor user can now log on to MailStore Server and browse the archive. However, an auditor user can neither archive or export any emails nor change his or her own password.
Password Policy
By clicking on the corresponding button, the password policy for MailStore integrated users, which is enabled by default, can be disabled or re-enabled. Making changes to this settings requires confirmation by entering the admin password. Optionally, a reason for the change may be entered, which is recorded as part of the audit log entry in the audit protocol.
Important notice: Disabling the password policy puts the security of your archive at risk. Thus disabling the policy is not recommended.
