Exchange Server compliance reporting

Emails have become an integral part of every business. Since the majority of workplace communications involve emails, organizations need to adhere to several industry regulations on messaging compliance to ensure their data is secure. Exchange Reporter Plus' compliance reports are grouped together so you can easily find the policy you need, such as SOX, HIPAA, PCI DSS, and GLBA.

Sarbanes-Oxley Act (SOX)

SOX compliance is primarily about safeguarding financial data. While SOX is not directly related to emails, it does state that organizations should retain information about all financial transactions. It also includes provisions about data security and access control, IT infrastructure auditing, and change management. Exchange Reporter Plus makes SOX compliance easier by helping you:

Exchange Server compliance reporting

  • Monitor user logon activity
  • Audit activated and deactivated mailboxes
  • Track mounted and dismounted Exchange databases
  • Monitor user actions on Exchange databases
  • Detect failed OWA logon attempts
  • Track changes to:
    • Mailbox storage quotas
    • Message size restrictions
    • Hub transport settings
    • Send and receive connectors
    • Circular logging

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA requires organizations transmit health information and patient details carefully. This holds true especially for health organizations and businesses that deal with health insurance. Under HIPAA, the protection of confidential data is held to the highest standard; to aid in this, Exchange Reporter Plus offers the following Exchange HIPAA compliance reports:

  • Track non-owner mailbox logons
  • View details about undelivered emails
  • Check the traffic of messages sent and received by users
  • Audit deleted or moved emails
  • Locate messages by keywords in their subject or body

Payment Card Industry Data Security Standard (PCI DSS)

This act requires that all organizations involved in payment card (credit/debit) transactions have a secure environment to avoid any security breaches that might compromise customers' data. Organizations can use access control to reduce the risk of security breaches and keep their Exchange environment PCI-compliant. Exchange Reporter Plus offers PCI compliance reports that cover all your access control needs:

  • Audit changes to mailbox permissions
  • Track permissions based on mailboxes and users
  • Locate messages by keywords in their subject or body
  • Isolate messages based on keywords in attachment file names
  • Detect failed OWA logon attempts
  • Monitor the number of emails sent to/received from external domains

Gramm-Leach-Bliley Act (GLBA)

Any organization that provides financial services to customers needs to comply with GLBA. This act requires organizations protect confidential customer data by restricting/preventing non-owner access to data. Exchange Reporter Plus helps organizations monitor data access to:

  • Track admins' mailbox activity
  • Audit delegated mailbox activity
  • Identify non-owner mailbox activity
  • List deleted or moved emails
  • Track changes to mailbox permissions
  • Audit permissions based on mailboxes and users

Exchange Reporter Plus' compliance reporting helps organizations assess their adherence to several regulatory mandates. Use these compliance reports to ensure security and avoid data leaks. Audit most versions of Microsoft Exchange Server, including 2007, 2010, 2013, and 2016.

Exchange Reporter Plus is a web-based analysis, change auditing, and monitoring solution for Exchange servers. It helps you monitor the health of Exchange services and components, audit your event logs, fetch mailbox insights, and more. The reports can be exported to a destination folder in any format, including CSV, PDF, XLS, or HTML. Download a free trial today to see how simple Exchange administration can be.

Exchange Reporter Plus trusted by