Exchange Online Protection – EOP
Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that helps protect Exchange users against spam and malware. EOP includes tools to safeguard organizations from messaging-policy violations. EOP runs within Microsoft data centres as a bundled provision for licensed Office 365 and Exchange users reducing problematic customer bandwidth risks, protecting email before delivery to all user devices, and simplifying the management of on-premise messaging environments and alleviating inherent costs that come with maintaining conventional on-premises hardware and software.
Microsoft Exchange EOP Features:
- Eliminates threats before they reach your business firewall with multi-layered, real-time anti-spam and multi-engine anti-malware protection.
- No extra hardware or software installation – EOP is a bundled service and runs from data centre, managing email before it is delivered to user devices.
- Protects your company’s IP reputation by using separate outbound delivery pools for high-risk email.
- Provides 5 financially backed SLAs, including protection from 100% of known viruses and 99% of spam.
- Active content, connection, and flexible policy-based filtering enables compliance with corporate policies and public sector/IT departmental governance.
- Leverages a globally load-balanced network of data centres helps to ensure a 99.999% network uptime.
- Managed and administered from the Exchange Administration Centre with a single web-based interface.
- Near real-time reporting and message trace capabilities provide insight into email environments by retrieving the status of any message that Exchange Online Protection processes.
- Available to non-Exchange users.
Exchange Email – data leakage & loss protection
From October 1st ComStat can provide support to help organisations and users manage data leakage and data protection.
On a large scale, data leakage is a serious issue which finds its way into national headlines. American retailer Target faced enormous losses and serious reputational damage in November 2013 when the company lost 40 million credit card numbers to hackers.
Small businesses may argue they do not face such risks, however small businesses are subject to the same data protection governance for due diligence regarding personal information, and even if a small business does not store credit card numbers electronically, users can still “leak” senstive date to third parties that can come back to haunt businesses.
ComStat network administrators have access to a large array of geographically relevant “policies” which can be established monitor outgoing email for sensitive information like credit card numbers, drivers licenses, passwords, in fact just about anything. On identification of an imminent “leak” users are notified with a number of options:
1. Users can override and permit transit of email, although the event is logged,
2. Sensitive information can be masked by the system,
3. Sensitive information can be delted,
4. Entire emails can be deleted with user notification.
ComStat’s engineers work with businesses with a strategy of using these kinds of tools to educate users of risk while enabling them to conduct their business with minimal obstruction.
In addition to monitoring email textual content, services also extend to identify attachments, which might comprise forms like applications, patents, etc.
Data leakage and data protection issues are difficult to meaasure because the risk of loss is usually hard to quantify until a significant event, by which time businesses can be exposed to substantial threat. As a lowest common denominator, however, businesses have an strict obligation to protect customer and third party personal information, and increasingly free email services like GMail, Yahoo, and Live do not provide tools to manage with the responsibilities European and UK law impose on businesses.
Although these services are aimed primarily at ComStat’s Exchange email users, the same tools are being expanded in 2014 and 2015 to encompass raw data storage like document libraries, spreadsheets, pdf’s, etc.
Please contact us to find out more about how our data protection services can help you.
Exchange Email – mobile device management
From Sept 25th, ComStat is providing management services for users and organisations who need help managing business information on mobile devices like laptops, tablets, and mobile phones.
While users increasingly connect to organizational data using multiple devices, the pace for keeping up with the protection of sensitive business and personal information has fallen behind that curve. Losing a mobile phone is one thing. Loss or theft of a mobile phone which holds business data is a potentially serious issue, and one which can put entities in breach of data protection laws.
ComStat’s mobile device management services enable us to manage an organisation’s mobile “fleet” in a number of ways:
1. Controlling access to services by equipment brand, or model, or user
2. Implementing selective or global PIN access to mobile devices
3. Temporary restrictions to services from mobile devices
4. Wiping all information associated with user accounts.
For instance, if Alex loses a mobile phone in Frankfurt, he can probably get the SIM stopped rapidly. However, without management tools of some kind in place, whoever has custody of the phone has potential access to everything on Alex’ desktop at work. On notofication of loss, ComStat engineers can invoke any of the techniques above to restrict or stop all services associated with Alex’ account instantly.
The issue of “mobile” data protection is important for another reason. Entities who give you or your organisation access to their personal data expect a duty of care requiring the “custodian” to use the data for the purposes it wa given and to protect it. In cases where mobile devices are lost, information which at law belongs to your customers and which falls into someone else’s hands may leave you or your organisation with reputational and potentially legal liability.
Please contact us for more information about data loss protection and mobile device management services.
Exchange Server Deployment Assistant
Microsoft’s Exchange Server Deployment Assistant helps engineers to prepare for migration of Exchange Server environments to current versions of Exchange. Migration has always been an obstacle for organisations and engineers alike, and even in 2014, organisations ran platforms dating as far back as Exchange 2010, 2007, and 2003.
It is understandable why earlier versions of Exchange pose difficult choices – in 2003, nobody understood how cloud based infrastructures would develop commercially. Exchange 2010 was the first platform designed with consideration for future cloud developments. Whereas once backups were a major consideration, the evolution of Exchange’s Database Availability Groups (DAG) means that with mail databases replicating across multiple servers, backup practices which sag under ever increasing data volumes, have given way to the alternate pursuit of high availability services which make single points of failure a minimal risk.
Plotting a path for migration is not for the faint hearted. Neither Exchange 2003 nor 2007 can be migrated to 2013. Exchange 2007 needs a path of some description via 2010, and problems with 2003 migration can be alleviated with some nifty tricks in Exchange 2013 Online by porting ‘2013 to 2010 Client Access Server (CAS) and then conducting migration to Exchange 2013 Online.
Microsoft’s Exchange Server Deployment Assistant gives both engineers and IT advisors an invaluable roadmap for bringing services into line with today’s powerful functionality.
Exchange Email – EOP antivirus/spam
With effect from September 1st, ComStation.co.uk is providing support network administration for EOP security tools for email.
EOP (Exchange online Protection) is a Microsoft solution for managing virus, spam, phishing and other malicious formats. Critically, the service is managed at the data centre for incoming AND outgoing email. Managing incoming email in this way reduces the risk of contaminated email reaching users’ machines.
Microsoft estimates that over two thirds of email transiting the Internet is junk, spam, or malicious. In the field, ComStat devotes significant time to repairing customer equipment compromised by users inadvertently opening suspect email.
EOP includes control panels for customising filtering, IP blocks, domain name blocks, and more. EOP also integrates with ComStation.co.uk tools for data leakage protection, enabling organisations to manage senstive information in outgoing email which might include regulated personal data, credit card numbers, other company information, etc. Invoking data policies in thi way helps organisations to educate employees. Systems can be configured to allow users to override system recommendations while logging user decisions, and also unilateral suppression of sensitive information (e.g. credit card numbers, passwords, etc.)
EOP does not manage over PC security, however is a game changing solution for end users because it minimizes risk of costly damage to buiness networks and machines. Also, because the security process is managed at the data centre, ComStat is able to deliver “clean” email not only to user workstations, but also to the user’s connected devices like mobile phones, laptops and tablets.
EOP was orginally developed to support Microsoft Exchange, and is more than anything else specialised software that deals with email. In this respect, EOP’s email protection services are often more comprehensively tooled than conventional Anti Virus applications, and is used widely by the world’s largest businesses.
EOP is included in ComStat’s subscription email services for business users. EOP can be provided as a standalone solution (£2.00/mo per user account, £20.00 annual) for services provided by third party data centres.