Security Basics mailing list archives
RE: Former Employee Email - Exchange
From: "Evert Breero" <Evert.Breero () aapt com au>
Date: Sat, 19 Jan 2008 16:44:26 +1100
Hi, I know the dilemma that you face. In our organisation, when an employee leaves, the user's LAN and Email account is automatically disabled once the account is terminated within the HR system. This great as you don't have to worry about disabling the account manually, however the problem comes in when you need to gain access to past emails for Management or staff taking over, as once the LAN account becomes active again, then Metadirectory which sits between SAP and AD, will again automatically disable the account. In these case, staff approach my department, and we will gain access to the mailbox, extract business related info, create a PST, and hand this over to the requestor. With the mailbox, as this is disabled, whenever a email is sent to it, it will display a message stating the mailbox is unavailable. In most cases, we don't take any action on the disabled mailbox unless requested. However, after the account is disabled for a period of 45 days, the emails are archived, the account is removed from AD. Should the email ever be needed with regards to a court case, it can be retrieved from the archives, and restored for the requestor. Hope this helps. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of nextdrewsaid () gmail com Sent: Saturday, 19 January 2008 6:27 AM To: security-basics () securityfocus com Subject: Former Employee Email - Exchange The situation I have on my hands is something that I am sure many of you deal with on a somewhat regular basis; however, I am sure in each case it is handled differently. When an employee leaves the company, how do you handle their email? Initially, in our case, an auto response is put up stating that the user is no longer with the company, and that you should contact "this person" for assistance etc... Several times we have created a PST of the former employees email, and then import that PST into the persons email box who has replaced them or we have passed it off to their former manager, of course we place it in a separate folder so as not mingle with their own email. So how do you handle old email, specifically containers in an Exchange 2003 environment? I would be interested in all thoughts, from security, regulatory and logistical point of view. This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it.
Current thread:
- Former Employee Email - Exchange nextdrewsaid (Jan 18)
- Re: Former Employee Email - Exchange patricekemoe (Jan 18)
- RE: Former Employee Email - Exchange Lee Bottone (Jan 19)
- Re: Former Employee Email - Exchange Kurt Buff (Jan 19)
- RE: Former Employee Email - Exchange Evert Breero (Jan 19)
- RE: Former Employee Email - Exchange Roger Onken (Jan 21)
- Re: Former Employee Email - Exchange Jay (Jan 22)
- Re: Former Employee Email - Exchange patricekemoe (Jan 18)