Exchange Server compliance reporting

Emails have become an integral part of every business. Since the majority of workplace communications involve emails, organizations need to adhere to several industry regulations on messaging compliance to ensure their data is secure. Exchange Reporter Plus' compliance reports are grouped together so you can easily find the policy you need, such as SOX, HIPAA, PCI DSS, GLBA, GDPR, and FISMA.

Sarbanes-Oxley Act (SOX)

SOX compliance is primarily about safeguarding financial data. While SOX is not directly related to emails, it does state that organizations should retain information about all financial transactions. It also includes provisions about data security and access control, IT infrastructure auditing, and change management. Exchange Reporter Plus makes SOX compliance easier by helping you:

Exchange Server compliance reporting

  • Monitor user logon activity
  • Audit activated and deactivated mailboxes
  • Track mounted and dismounted Exchange databases
  • Monitor user actions on Exchange databases
  • Detect failed OWA logon attempts
  • Track changes to:
    • Mailbox storage quotas
    • Message size restrictions
    • Hub transport settings
    • Send and receive connectors
    • Circular logging

Report on and audit Exchange Online using Exchange Reporter Plus.

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA requires organizations transmit health information and patient details carefully. This holds true especially for health organizations and businesses that deal with health insurance. Under HIPAA, the protection of confidential data is held to the highest standard; to aid in this, Exchange Reporter Plus offers the following Exchange HIPAA compliance reports:

  • Track non-owner mailbox logons
  • View details about undelivered emails
  • Check the traffic of messages sent and received by users
  • Audit deleted or moved emails
  • Locate messages by keywords in their subject or body

Payment Card Industry Data Security Standard (PCI DSS)

This act requires that all organizations involved in payment card (credit/debit) transactions have a secure environment to avoid any security breaches that might compromise customers' data. Organizations can use access control to reduce the risk of security breaches and keep their Exchange environment PCI-compliant. Exchange Reporter Plus offers PCI compliance reports that cover all your access control needs:

  • Audit changes to mailbox permissions
  • Track permissions based on mailboxes and users
  • Locate messages by keywords in their subject or body
  • Isolate messages based on keywords in attachment file names
  • Detect failed OWA logon attempts
  • Monitor the number of emails sent to/received from external domains

Gramm-Leach-Bliley Act (GLBA)

Any organization that provides financial services to customers needs to comply with GLBA. This act requires organizations protect confidential customer data by restricting/preventing non-owner access to data. Exchange Reporter Plus helps organizations monitor data access to:

  • Track admins' mailbox activity
  • Audit delegated mailbox activity
  • Identify non-owner mailbox activity
  • List deleted or moved emails
  • Track changes to mailbox permissions
  • Audit permissions based on mailboxes and users

General Data Protection Regulation (GDPR)

The GDPR is for companies that are either located in the European Union (EU) or that process EU customers' personal data in any way. By complying with the GDPR, you can protect personal data as well as your organization's integrity. Non-compliance can lead to major consequences such as a €20 million fine or four percent of your global turnover in penalities. Exchange Reporter Plus helps you comply with the GDPR by allowing you to:

  • Locate messages based on the attachment file name or extension, as well as keywords in the content or body.
  • Track changes to mailbox permissions.
  • View emails that have been deleted or moved across folders in your organization's mailboxes.
  • Detect non-owner mailbox logons.
  • Receive real-time alerts when any change has been made to critical components in your organization.

Federal Information Security and Management Act (FISMA)

FISMA is a United States federal law that requires security and protection of all data collected by or for federal agencies. Private companies that have contracts with the government are also required to comply with this law. Exchange Reporter Plus offers FISMA compliance reports that help you:

  • Track non-owner mailbox logons.
  • Detect failed OWA logon attempts.
  • View details about users logging on to their mailboxes using OWA.
  • View admins', delegates', and owners' activities on your organization's mailboxes.
  • Audit deleted or moved emails.
  • Track changes to mailbox permissions.

Exchange Reporter Plus' compliance reporting helps organizations assess their adherence to several regulatory mandates. Use these compliance reports to ensure security and avoid data leaks. Audit most versions of Microsoft Exchange Server, including 2007, 2010, 2013, and 2016.

Exchange Reporter Plus is a web-based analysis, change auditing, and monitoring solution for Exchange servers. It helps you monitor the health of Exchange services and components, audit your event logs, fetch mailbox insights, and more. The reports can be exported to a destination folder in any format, including CSV, PDF, XLS, or HTML. Download a free trial today to see how simple Exchange administration can be.

Generate reports that help in compliance to SOX, HIPAA, PCI DSS, GLBA, GDPR, and FISMA regulations.

  Download a free trial now!  Request demo

Exchange Reporter Plus trusted by

A single pane of glass for Exchange Server Monitoring, Reporting and Auditing