Polled download activity for the Non-Owner Mailbox Access Reporter revealed that over 87% of Exchange administrators are split nearly evenly between wanting to know non-owner mailbox access and BOTH owner and non-owner access. Both types of access won over basic non-owner access by slightly more than 3%. Just over 12% cite miscellaneous reasons for interest. The graph below contains the results of this poll:
For this many administrators to indicate a need or desire to audit both kinds of access should indicate that not only are Exchange’s native tools insufficient but also to reinforce the sensitive nature of mail files in general. Most compliance regulations specify explicit conditions for auditing and reporting on mail box access and with good reason. E-mail systems contain much of the intellectual property and sensitive information in nearly every organization today, large and small.
The Non-Owner Mailbox Access Reporter provides detailed reports on access to mail files and is easy to setup. With historical reporting capabilities, administrators and auditors can see who is trying to gain access to sensitive mail boxes and help improve security by identifying poor security configurations.
Are you auditing Active Directory, logon events and/or mailbox access? What would prompt you to pursue this information in greater detail? Please share your comments below.