What the Pro’s Know: Exchange Management that’s 7x Faster

Your Expert Witness David Gibson VaronisBy David Gibson, Director of Technical Marketing and Strategic Sales at Varonis www.vasronis.com.

There is an evolution occurring with Exchange -- a shift from manual administration processes to automated management for critical Exchange tasks. Administrators who have moved to automation for activities such as the identification of mailbox owners, public folder owners, and stale data, activity spike detection, message activity auditing, etc. are finding their Exchange access and data management workload reduced by up to 70%.

To achieve this level of efficiency, administrators are leveraging the latest generation of data governance software automation for Exchange to answer questions such as:

• Who has access to a mailbox or public folder?
• Which of my executives’ mailboxes are overly accessible?
• Who should and should not have access to them?
• Who has been accessing mailboxes or public folders?
• Who do they belong to?
• Which containers are stale?
• How do we remediate excessive access without disrupting workflows?

Automation allows administrators to understand activity patterns over the entire platform, identify ownership of data, visualize access for all mailboxes and public folders across all information stores, easily identify stale mailboxes and public folders as well as optimize processes for consolidation and migration.

Mailbox & Delegation Rights Identification & Cleanup

Since users can make changes to their own mailbox/sharing permissions and inadvertently expose their own data, manual clean-up is an ongoing, time consuming process for administrators, made even more challenging since it is difficult to determine which users or processes are making legitimate use of this access.

With automation, administrators can focus on cleaning-up excessive, incorrect mailbox and sharing permissions instead of spending valuable time collecting permissions data. Data governance software for Exchange constantly collects and analyzes all permissions, captures all permissions changes and actual email message flow and mailbox/public folder access activity and provide actionable intelligence about excessive permissions. The more advanced Exchange management software will also provide sandbox environments, which can be leveraged to simulate changes prior to committing them; this simulation automatically calculates the probable disruptive impact of the change using the actual activity records.

Public Folder Cleanup and Ownership Assignment
Public folders suffer from the same challenges common to file shares, permissions are often not well maintained, activity is not easily tracked or analyzed, and ownership is often unknown. Public folder permissions contain mail enabled users and distribution groups— with manual methods, it is difficult to assess who has access to which public folders. As a result, over time, those permissions and group memberships often grow stale or become too permissive. Constantly creating reports to track permissions changes using manual methods can consume many hours of an administrators time on monthly basis.

Data Governance software in contrast provides automated processes for clean-up, ownership identification and assignment, and ongoing management of public folders. Owners are automatically identified through user activity metadata collection. Administrators are provided scheduled reports automatically that include information such as who has access, who should no longer have access, and who is accessing their data.

Message Activity Auditing and Tracking

Administrators face challenges collecting and analyzing Exchange activity since enormous amounts of messages are sent and received every day throughout a distributed infrastructure. Even if an administrator enables journaling on his Exchange servers, those separate journals need to be consolidated and aggregated. To keep the data for any period of time and make use of it, it needs to be normalized, processed, and analyzed so that it can be searched and sorted quickly for actionable information to be distilled. Worse, native journaling and diagnostic only capture a few kinds of access events—and no events at all on public folders, making complete messaging governance impossible.

Without technology that non-intrusively collects audit activity, processes it and presents data through interactive, dynamic interfaces, Exchange administrators are forced to spend precious time sorting through voluminous, disparate journals when searching for who sent which email to whom, etc or administrators are unable to perform this task at all, leaving Exchange vulnerable to security risks.

Identify Spikes in Email Activity~

It is difficult for Exchange administrators to identify changes in user access and transmission activity, whether due to workflow changes, configuration error, malicious activity, or malware. Increases in email activity can degrade system performance as well as signal possible security issues. Email worm and virus outbreaks are often difficult to spot, track, and eradicate. Exchange administrators often have to rely on the security team to analyze IDS/IPS and firewall logs to identify infected targets.

When software automation is in use, access activity is constantly being analyzed. As a result, when statistical deviations in normal access patterns occur, the software can automatically send a notification to the administrator who can quickly review and resolve any unauthorized email activity.

Stale Public Folders & Mailbox Identification

It is part of the normal processes with Exchange for public folders and mailboxes to no longer be in use. Without analysis of actual access activity, it is very difficult for administrators to identify which public folders and mailboxes are not being contributed to or accessed. While not being used, these folders and mailboxes provide little operational value to the organization and if the permissions are not current, they can create a security risk. Identifying stale data provides opportunities for cost savings and risk reduction.

Advanced data governance software for Exchange uses the record of actual access to determine which mailboxes and public folders are not being accessed, or have not been accessed by a non-automated process. These stale mailboxes and public folders can then be locked down and archived to reduce tier 1 storage costs and risk.

Distribution Group/Distribution List Management

Many distribution groups are managed manually by IT—users need to contact the helpdesk when they want to be added or removed from a list. With software automation, the distribution group/distribution list owner can be empowered to make those decisions themselves and have them carried out by automation, significantly reducing manual efforts.

Automation Efficiencies are Measurable

Creating a permissions report 30 Minutes (of IT time) 2 Minutes
Troubleshooting permissions problems 30 Minutes 5 Minutes
Fixing permissions 20 Minutes 5 Minutes
Email investigations 6 Hours 20 Minutes
Identifying the owner of a folder or mailbox 4 Hours 15 Minutes
Managing distribution groups 20 Minutes 0 Minutes

When accounting for the time spent—adding personnel to distribution groups, determining what happened to a missing email or calendar invite, tracking down who a public folder or mailbox belongs to and who has access to it—there is a sizable opportunity for operational savings and reducing risk through automation. With the latest generation of data governance software automation for Exchange, administrators are now able to protect and manage their Exchange mailboxes and public folders up to 7x faster
.
About Varonis Systems

Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. Named a "Cool Vendor" in Risk Management and Compliance by Gartner and voted one of the "Fast 50 Reader Favorites" on FastCompany.com, Varonis has more than 4,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel