Prepare for the ADS What to bring with you to a presentation, and what to find out beforehand Understand general company size, number of offices and office locations, and the industry that the business operates Determine which regulations the customer’s operations are subject to. Do not assume that all companies in a vertical market are subject to the same regulations (or same subsections). Make note of the different jurisdictions the customer’s operations take place in; they may have wildly different requirements that will affect technical deployment choices. Determine if the customer already has a compliance and governance solution in place. Focus on how UC features are designed to allow better integration with third-party solutions and is not intended as a complete solution. Find out what other types of content they may need to keep track of for compliance, as that helps identify whether the current solution will need to be upgraded or replaced.

NameTitleMicrosoft Archiving & Compliance Architecture Design Session

Solution Overview Technology Overview Point out technologies for relevant capabilities Discuss technologies Architecture Discussion Discuss Architecture Decision Points POC Planning Develop scope and specifications for POC VPC-based demo View the capabilities in action Show various possibilities Vision scope input from solution briefing Solution Briefing Summary

Architecture Design Session Vision scope input from solution briefing Solution Briefing Summary

Managing high volume of Data Managing high volume of Data Message Discovery & Timely Retrieval of data Message Discovery & Timely Retrieval of data Business data out of control of IT Business data out of control of IT Compliance is more costly and hard to manage Compliance is more costly and hard to manage Regulatory Mandates Regulatory Mandates Priority Challenges Presenter: Complete this section prior to the presentation. Confirm and verify that you’re still tracking with the customer’s priority challenges, drivers and technical requirements discussed in Solution Briefing. Centralizing data for easy and anywhere access Centralizing data for easy and anywhere access Establish pervasive log and audit trails for Establish pervasive log and audit trails for Lower the cost of auditing and compliance Lower the cost of auditing and compliance Priority Drivers Summary of Pains and Drivers Technical Requirements Message archiving, retention, and discovery Message archiving, retention, and discovery Data Retention support for ongoing compliance, litigation, or personnel matters Data Retention support for ongoing compliance, litigation, or personnel matters Storage Management balance mailbox size demands with available storage resources Storage Management balance mailbox size demands with available storage resources Multi-level policy enforcement for VoIP, Web conferencing, IM, , and voic Multi-level policy enforcement for VoIP, Web conferencing, IM, , and voic

Architecture Design Session Solution Overview VPC-based demo View the capabilities in action Show various possibilities Vision scope input from solution briefing Solution Briefing Summary

Authentication Administration Storage Compliance Authentication Administration Storage Compliance Audio Conferencing and Calendaring and Calendaring Web Conferencing Web Conferencing Telephony Video Conferencing Video Conferencing Voice Mail Instant Messaging (IM) Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Authentication Administration Storage Telephony and Voice Mail Telephony and Voice Mail Instant Messaging and Calendaring Unified Conferencing: Audio, Video, Web On-Premises or in the Cloud Communications Today

Streamline Communications Amplify Protection and Control Provide a Unified and Extensible Platform Across DevicesPC, Mobile, Web Increase Efficiency and Flexibility Maximize IT Resources with S+S Authentication Administration Storage Compliance Authentication Administration Storage Compliance Unified Identity, Presence, and Inbox On-Premises or in the Cloud Microsoft Unified Communications Increased productivity through communications convergence

ScenariosScenarios ProductsProducts On Premise Hosted by Microsoft DeliveryDelivery IM and Presence Unified Messaging and Calendaring VoIP Mobility Hosted by Microsoft or by Partners Hosted by Partners Microsoft UC Products and Services Conferencing

UC Journey Through Infrastructure Optimization identify where you are identify where you want to be Basic , file shares, mostly phone based communication Standard platform for secure and IM Ad hoc teaming around functions & projects based on IT standards Increasing unification of communication channels Fully managed collaboration platform and pervasive access Seamless collaboration across the firewall Federation of communication information and policy IT is a strategic asset IT is a business enabler IT is an Efficient cost center IT is a cost center

Identifying Target Maturity Level IM & Presence Voice Conferencing Messaging Work with your customer to agree on where they are and where they want to be. This portion of the presentation will fail if it is not interactive. Use the highlight boxes to show each stage (where they are, where they want to be) Legacy TDM PBX, traditional phones Limited voice mail and call routing Highly available hybrid telephony infrastructure Online & offline access to voice mail Managed call routing Encrypted voice infrastructure with unified inbox accessible from PCs, phones, & web browsers Managed storage Presence-based call routing Integrated voice platform for IM/presence; conferencing with LOB applications Auto-remediation, proactive monitoring of call quality Federated identity and presence-based call routing Rich mailbox & calendaring Secure, remote, online & offline access Basic AV/AS/AP protection and disaster recovery Solution supports encryption Business continuity with AS/AP and multi-layer AV protection Support advanced policy- driven message controls Provisioning for user inboxes Basic with no remote access and with limited security Minimal or decentralized IT support User inboxes are fully managed by IT Seamless business continuity with multiple AV/AS protection Advanced policy control to mobile devices & applications Integration with LOB applications Federation of calendar Public IM/online presence, ad-hoc use for daily business Secure access from inside & outside the firewall Supports peer-to-peer voice & video communications Presence enabled client Secure IM/online presence accessible from a variety of devices and integrated into enterprise productivity & collaboration platform Persistence group chat Supports federation and integration with LOB applications Sporadic use of audio & web conferencing Limited video conferencing capabilities Integrated & secure conferencing platform Supports high-quality audio & video Remotely accessible collaboration features Secure web conferencing accessible from remote locations and devices IT-managed video conferencing with limited remote access Contextual unified conferencing solution tightly integrated with collaboration infrastructure and LOB applications

Archiving & Compliance

Org Archive Keeps all Allows Org Control Optimized for Search World Today: Repositories Exchange (MBs) Org Archive (PBs) Personal Archive (TBs) Outlook PSTs (GBs) Backup Tape/Disk Backups Item Level Backups Backups uncommon and difficult Manual unsupported backups Replication Common Backups Less Common Replication Only Size Require Replication End User Access PSTs Circumvents Quota Highly Portable Mailbox Highly Available Rich Client Access Personal Archive Circumvent Quota Allows Org Control Replicated Backups

Why Archive ? Storage Management Balance mailbox size demands with available storage resources Reduce the proliferation of.PST files stored outside of IT control Improve overall application and network performance Data Retention Meet industry and regulatory data retention requirements Support ongoing compliance, litigation, or personnel matters Preserve valuable intellectual property and corporate assets Discovery Respond to strict timelines for legal discovery orders Reduce costs involved in searching for and retrieving data Report on communications as part of auditing procedures

Multiple Mandates…. Sarbanes-Oxley Act 21 CFR Part 11 USA Patriot Act Bill 198 European Union Markets in Financial Instruments Directive Basel II HIPAA Gramm-Leach-Bliley Act The European Union Data Protection Data Protection Act. SEC Rule 17a -4 NASD Rule 3010 Universal Market Integrity Rules Companies Act Federal eDiscovery Rules Bank Secrecy Act Financial risk management related to credit, capital allocation, market, insurance Business best practices Quality assurance /standards Hiring policy and processes Health and Safety IT governance Service level agreements Internal Governance, Risk and Compliance (GRC) External

Challenges to Archiving

Unified Communications Archiving & Compliance Overview Three categories of capabilities Message archiving and retention AuditingDiscovery Journaling and archival are different Journaling is a mechanism for recording all communication, to be used in retention, discovery, and archival Archiving stores, indexes, and retrieves messaging data Exchange Hosted Services Archiving service provides an extensive range of archiving and discovery capabilities Smaller organizations may choose to use an Exchange Server as an archive but it is not explicitly supported.

UC In-Place Archiving & Compliance Provide a richer feature set incorporating customer feedback and take archive and discovery to the cloud Archive on a separate DB Archive in the cloud Outlook 2007 Support PST Import into Archive Admin Delegation EWS Support Search Preview De-duplication Search and Destroy Annotations Cross Premise Search CmdLet Auditing Non-Owner Auditing Managed through EMC EWS Support for Archive Support for Tasks, Calendar and Voic Move/Delete Policy Automatically move content from the Primary to Archive dumpster Managed through ECP Hold Policy Audit Policy Mailbox audit Manage through ECP, cmdlets Report and exports results

Architecture Design Session Solution Overview Technology Overview Point out technologies for relevant capabilities Discuss technologies VPC-based demo View the capabilities in action Show various possibilities Vision scope input from solution briefing Solution Briefing Summary

Keep Delete Keep Archives Backups for Compliance Transport Journaling Selectively Retain Message Retention Management Mailbox Journaling Delete Mailbox Quotas Keep It or Delete It Org Profile Litigation Risk Small Medium Orgs Relatively tight budgets Archive optional Org Profile SOX, JSOX, CSOX, LSF, L262, etc. Financials/Govt. agencies Large Orgs Large Budgets Archive optional High Discovery Cost

In-Place Archiving… Archive on a separate DB Archive in the cloud Outlook 2007 Support PST Import into Archive Admin Delegation EWS Support Managed through EMC EWS Support for Archive Support for Tasks, Calendar and Voic Move/Delete Policy Search Preview De-duplication Search and Destroy Annotations Cross Premise Search cmdLet Auditing Non-Owner Auditing Automatically move content from the Primary to Archive dumpster Managed through ECP Hold Policy Audit Policy Mailbox audit Manage through ECP, cmdlets Report and exports results Provide a richer feature set incorporating customer feedback and take archive and discovery to the cloud

Familiar Personal Archive A specialized Exchange mailbox configured and associated with the user’s primary mailbox Delivers your users a familiar experience by seamlessly surfacing in both Outlook and Outlook Web App Your users can use the same skills and methods they already use today to interact with archive “Drag and Drop” to folders Create folders and categorize Conduct searches and filter results Reply to messages and set flags Separate quotas may be set for archive and primary mailboxes Archive Primary Mailbox

Seamless User Experience Primary mailbox folder hierarchy maintained Conversation view scoped to archived Read, reply, and navigate archived same as live

One User Search Experience Same search steps with option to search across archived

Streamlined Administration Use your existing Exchange admin skills and tools to manage and deploy the personal archive Enable the archive on an existing mailbox Set separate quota for archive mailbox Add an archive when creating a new mailbox

Support for Tiered Storage

Archive and the User Delegation Support for delegating primary and archive mailbox.

PST Import and Export Native support for PST export and import from Exchange Same job scheduling semantics as mailbox moves Ability to import directly into the archive

Archive and the Cloud On-Premises Cloud On-Premises

Archive in the cloud

Web-Based Multi-Mailbox Search Rich search criteria and targeting options Delegate capability to specialist users Results stored in specialized discovery mailbox Empower compliance officers to conduct multi- mailbox searches with ease

Simplified e-Discovery Results Mailbox searches include results from primary and archive mailboxes, as well as recoverable items Attachments included with search results One query searches all possible locations Use built-in search and filtering to conduct additional investigation

Improved Workflow Search preview provides info on estimated number of results with keyword statistics before copying result set to designated discovery mailbox De-duplication of search results copies only one instance of a message Searchable annotation offers tagging of reviewed items

On-Premises & Cloud Discovery Search Tools

In-Place Compliance… Archive on a separate DB Archive in the cloud Outlook 2007 Support PST Import into Archive Admin Delegation EWS Support Personal Archive Managed through EMC EWS Support for Archive Support for Tasks, Calendar and Voic Move/Delete Policy Search Preview De-duplication Search and Destroy Annotations Cross Premise Search Cmdlet Auditing Non-Owner Auditing Automatically move content from the Primary to Archive dumpster Managed through ECP Hold Policy Multi-Mailbox Search Audit Policy Mailbox audit Manage through ECP, cmdlets Report and exports results Provide a richer feature set incorporating customer feedback and take archive and discovery to the cloud

Retention Management Set policies that allow you to define, deploy, and automate the expiry and archiving of Automatically move content to personal archive Time-based criteria (such as older than 2 years) Preserves primary mailbox folder hierarchy Automatically move content to personal archive Time-based criteria (such as older than 2 years) Preserves primary mailbox folder hierarchy Automatically delete content Time-based criteria (such as older than 2 years) Retention policies travel with archived messages Automatically delete content Time-based criteria (such as older than 2 years) Retention policies travel with archived messages Automatically move message to archive after ‘x’ months, then delete from archive after ‘y’ months More specific policies override generic defaults Automatically move message to archive after ‘x’ months, then delete from archive after ‘y’ months More specific policies override generic defaults Archive Policy Retention Policy Combined Policies

Granular Yet Flexible Policies Apply Retention and Archive policies to individual messages Retention policy and expiry details Allow your users to select policies for items or folders in Outlook and Outlook Web App Policies assigned to all within a folder

Simplified Configuration Create and manage Retention Policies in the Exchange Management Console

Optional Retention Tags Additional policies for special projects, or roles (e.g., HR) Archive Policy Delete Policy

Preserve: Move Primary Mailbox Message delivered (Policy applied) Deleted Items Inbox …… Messages moved 2 years after receipt Archive Mailbox Admin Created Default Move Policy of 2 years Deleted Items Inbox …… Admin Move Policies Only

Primary Mailbox Deleted Items Inbox …… Messages moved 2 years after receipt Archive Mailbox Admin created Default Move Policy of 2 years Optional Move Policy of 5 years User applied User Policy of 5 years applied to Project X folder (can also be applied to item only) Deleted Items Inbox …… Message moved to Project X folder Project X Message moved 5 years after receipt Project X Preserve: Move Admin + User Move Policies

Primary Mailbox Message delivered (Policy applied) Deleted Items Inbox …… Messages moved 2 years after receipt Archive Mailbox Admin Created Default Move Policy of 2 years, Delete Policy of 10 years Deleted Items Inbox …… Messages deleted 10 years after receipt Preserve: Delete Admin Move and Delete Policies Only

Primary Mailbox Deleted Items Inbox Messages moved 2 years after receipt Archive Mailbox Admin created Default Move Policy of 2 years, Delete Policy of 10 years Optional Move Policy of 5 years, Delete Policy of Never User applied Optional Policy of 5 years applied to Project X folder Optional Policy of Never applied to Item “Contract” Deleted Items Inbox Message moved to Project X folder Project X Messages moved 5 years after receipt Project X Messages deleted 10 years after receipt RE:Contract Message Never Deleted Preserve: Move and Delete Admin + User Move and Delete Policies

Preserve: Retention Hold Administrator override to pause all message retention policy actions when employee on vacation

Overview Hold Policy captures all edits/deletes irrespective of user or admin access Users can receive notification they are on hold; eliminates manual process Scenarios Litigation hold: capture all indefinitely for pending lawsuit or internal investigation Single item recovery: ensure that remains available for X days for retrieval without restore from backup Preserve: Hold Policy

Set legal hold to capture all changes indefinitely Captured data found in multi- mailbox search results Optionally set an “on hold” alert message for users with Outlook 2010 Provides separate settings to enable single item restore Capture any edits or deletions to items made by the user under hold Preserve: Legal Hold

Enable auditing and reporting capabilities to our previous feature set. Managed Folders: Logging for creation of folders, moving messages to a folder, deletion or mailbox journaling of items Export-Mailbox search logging included in log capabilities PowerShell logging for who/what cmdlets are run Transport Journaling Configuration logging provides audit trails for compliance Statistical reports identify non-compliant users Preserve: Audit

Audit: Audit Configuration Configured per tenant organization Logged to tenant arbitration mailbox Results can be searched/exported using Audit: Audit Mailbox Configure per mailbox Logged to special Audit folder in user mailbox Results can be searched/exported Preserve: Audit

Journaling Default per-database journaling with Standard CAL (same as Exchange 2003) Per-user, per-DL, and org-wide journaling with Enterprise CAL (new in Exchange 2010) Journal by policy with journal rules using wizard Journal to any valid SMTP address: Exchange mailbox Exchange Hosted Archive Third-party archival products

Journaling Features Includes clear text copies of protected messages and attachments in journal mailbox Enables virus scanning, content filtering, and content-based rules on IRM-protected messages Includes clear text copies of protected messages and attachments in journal mailbox Enables virus scanning, content filtering, and content-based rules on IRM-protected messages Journal Decryption Journal to individual mailboxes or SMTP address Detailed reports per To/CC/BCC/Alt-Recipient and distribution group expansion Journal to individual mailboxes or SMTP address Detailed reports per To/CC/BCC/Alt-Recipient and distribution group expansion Transport Journaling Exchange 2010 creates one report per message Helps reduce hosted archive storage costs Exchange 2010 creates one report per message Helps reduce hosted archive storage costs Journal Report De-duplication

Journaling Example-Journal Report Detailed recipient addressing! BccDL-expansion Forwarded mailboxes

Lync Server 2010 Unified Communication Compliance & Governance

Why Log and Archive IM? Federal Rules of Civil Procedure (FRCP) require production of electronic stored evidence (ESI) in federal court cases. eDiscovery Privacy Archiving guards against data leakage through federated and public channels Regulatory Required: NASD 3010, SEC Rule 17a-4 requires Recommended: Sarbanes-Oxley

Logging and Archiving IM archiving The archiving server role provides a way to archive The archiving server role provides a way to archive IM communications sent through Lync Server Archive the IM messages from conversations of all users Just the IM messages for conversations involving only the users you specify Archive all peer-to-peer content including IM sent in the Group Chat client Archive IM messages from all multiparty conferences Conference Content, including uploaded content and event related content Can mark IM Archiving as critical and blocks IM, and conferences if Archiving fails Group Chat archiving The Group chat server has inbuilt Compliance Service that archives all chat room content

Logging and Archiving Call Detail Reports (CDRs) The Monitoring Server role capture usage information related to VoIP calls IM messages A/V conversations Meetings, File Transfers, Application Sharing, Application Sharing, and Remote Assistance and Remote Assistance CDR data is captured for both peer-to-peer and multiparty conferences Compliance solutions Provided by partners: Facetime, Akonix, Symantec

What is New in Archiving and Monitoring Tight coupling of web conference content archiving and IM archiving Event based content activity log Honor per user archiving settings when logging group IM and web conferences Tool to create and export searchable session transcripts 58

Web Conferencing Archive 59

Policy Settings for Compliance 60 Global archiving policy By default, Lync Server 2010 creates a global archiving policy when you deploy Archiving Server. Site archiving policy You can enable or disable archiving support for specific sites User archiving policy You can enable or disable archiving support for specific users by assigning the policies to users that are defined in Users.

Recording Capabilities (Client Side) 61 Note : You need to enable recording from Lync control panel or Lync Power shell

Archive Storage Capacity Planning 62 Database size is dependent on call volume and call report retention settings Database size is dependent on call volume and call report retention settings Database grows 49 KB per user, per day Database grows 49 KB per user, per day Estimate database size with this formula: Estimate database size with this formula: DB size = (DB growth per user per day)*( # of users)*(# of days) For example 60 days of data in the CDR database for 50,000 users would be 31.5*50000*60 for a total of 90 GB.

Archiving Server 63 Call Detail Report Improved diagnostics for all modalities “Expected” Failure vs. “Unexpected” Failure Registration Diagnostics IP phone service data Capture data from analogue devices

CDR Reporting 64 Reports – call detail report samples

Architecture Design Session Solution Overview Technology Overview Point out technologies for relevant capabilities Discuss technologies Architecture Discussion Discuss Architecture Decision Points VPC-based demo View the capabilities in action Show various possibilities Vision scope input from solution briefing Solution Briefing Summary

Message Classification Determine message categories that will require special handling; define appropriate notifications Identify transport rules and MRM policies that will help enable automatic enforcement Archiving and Retention Determine the archival and retention requirement of organization Determine the affect of long-term retention on storage design Define any interaction with your archival and backup processes Journaling Determine whether your planned archival and compliance solutions require journaling Define the needed scope and granularity to determine client licensing Search, Discovery, and Audit Consider what expectations you and your users have for searches Determine common search scenarios; map them to search abilities Key Deployment Scenarios

Enterprise Network Edge Transport Client Access Hub Transport Mailbox Unified Messaging Sample Architecture Exchange Server 2010 Compliance and Governance Archival, Retention, Journaling Internet

Sample Architecture Lync Server Archiving and Compliance PIC XMPP MSN AOL Yahoo Remote Users Remote Users Federated Businesses Federated Businesses Edge Services Front End (incl. Mediation) Back End ExUM UC Endpoints Archiving Monitoring AD DNS ` Media GW / SBA On-premise or online UC Pool Direct SIP AV Conf. 68 Perimeter Network Group Chat

Architecture Decision Points Determining how long to archive communications data and when to delete it Archiving and Retention Interfacing with external archival and compliance solutions Journaling Attaching classifications to messaging data Messaging Records Management Allowing searches of messaging data for discovery and auditing Search, Discovery, and Audit Instant messaging and Call Data Records Office Communications Server

Architecture Decision Points Archiving and Retention How long does messaging data need to be retained? What types of data need to be retained? Are there multiple retention requirements? Will data be moved to an archival system? What controls are needed to prevent premature deletion? What are the archiving habits of user? Do they use PSTs heavily? How will database design be impacted by message archival and retention policies? What are the backup and recovery requirements? Can MRM help manage message retention? How much bandwidth will be needed to support an onsite or offsite archival solution?

Architecture Decision Points Journaling Journaling is required for interaction with most retention and compliance solutions, hosted or on-premise. What types of messaging data need to be captured? What journaling scope is required? Where are the journal reports stored? What level of access control is required? What level of transport protection is required? How much bandwidth will be needed to support an onsite or offsite archival solution? What are the current and future storage needs?

Architecture Decision Points Messaging Records Management What folders need to be managed? What retention policies are required? What content types will be managed? Can managed folders act as archival points? What requirements can classifications help address? How can classifications be used by Transport Rules? How can message classifications be used by MRM to store messages for retention and archival? How will classifications be enabled and distributed to clients? Training users to classify messages What are the reporting requirements?

Architecture Decision Points Search and Indexing Consider the performance impact of search on mailbox and archive servers. Who is permitted to conduct searches, and under what conditions? What common search criteria will be needed? Will search data need to be exported? Will you use dedicated search workstations? How do you validate search queries? Searching the live database and searching the archive can vary widely depending on the archiving solution

Architecture Decision Points Lync Server What policy and governance requirements will Lync Server need to adhere to, and what will their effect be ? How much data (including CDRs and conference recordings) will need to be archived? How will the data storage volume affect database design, backup, and recovery ? Consider the performance impact of archiving on the Lync Servers Plan bandwidth required for archive servers based on network distance to other Lync Servers

Architecture Design Session Solution Overview Technology Overview Point out technologies for relevant capabilities Discuss technologies Architecture Discussion Discuss Architecture Decision Points POC Planning Develop scope and specifications for POC VPC-based demo View the capabilities in action Show various possibilities Vision scope input from solution briefing Solution Briefing Summary

POC Planning Sponsor Name Project Timing Goals and Objectives ScopeMilestones Risks & Dependencies

Next Steps Proof of Concept Assemble resources from the business side and from the IT group Understand business processes that are being addressed Gain knowledge about technology infrastructure Verify the technology roadmap Review the POC scope and assumptions Proof of Concept Architecture Design Session Solution Briefing Solution Development

© 2007 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Appendix Slides…

Messaging and the Regulatory Environment Primary Focus IntentRegulation Information retention Established by the SEC, establishes retention policies for brokers, dealers, and Exchange members. Per SEC 17a-4 regulations, broker-dealers as well as many multiline financial firms need the capacity to capture, index, archive, search, and retrieve their and instant message (IM) communications. SEC 17A-4 Controlled access Relates to the privacy of patients' health information. The act is intended to protect medical records and other health information held or disclosed by health-related organizations. Heath Insurance Portability and Accountability Act (HIPAA) Addresses the public's increasing concern regarding the protection and use of their private information. Mandates that financial institutions take steps to ensure the security and confidentiality of their customers' personal information. Gramm-Leach Bliley Act Mandates public disclosure of computer-security breaches in which confidential information of any California resident may have been compromised. Confidential information includes social security numbers, California driver's license numbers, account numbers, and credit or debit card numbers. It became effective on July 1, California SB 1386 Information and process integrity Impacts financial reporting processes, with long-term effects on corporate governance and the regulation of auditors. Sarbanes-Oxley Act of 2002 Created in response to recent growth in international financial markets. It intended to encourage banks to manage their capital appropriately and to improve their risk-control processes. It is a set of international risk-based capital guidelines due to take effect in Basel II Established the criteria under which electronic records (including ) and signatures will be considered equivalent to paper records and handwritten signatures in manufacturing processes regulated by the FDA. 21 CFR Rule 11 Developed in response to the September 11, 2001, terrorist attacks. The act requires financial services and insurance companies to implement antiterrorism and anti-money- laundering regulations, including capabilities to identify customers and flag suspicious transactions. USA PATRIOT Act Source: IDC, 2004

Potential Barriers to Archiving A Poor User Experience Unfamiliar experience for your users Separate tools for searching and accessing archived Loss of full fidelity of Exchange user productivity features Complex Administrative Experience Difficulty deploying add-ins and impact to Outlook ® performance Different methods for conducting multi-mailbox searches Complexity managing high availability and access to the archive High Costs and Overhead Separate archive infrastructure investment Additional archive management overhead User training and education costs

On-Premises Vs. Cloud Management Symmetry of Management Tools and Experience

Preserve: On-Premises Vs. Cloud Archive Archive Provisioning sourced from on-premises whenever possible Archive property management against current primary MBX location (on-premises or cloud) Applies in hybrid cases as well: E.g. some mailboxes with archive in the cloud and some with mailbox + archive in the cloud.

Preserve: On-Premises Vs. Cloud Archive Management

Preserve: Archive Management in ECP Fully cloud based Enable/Disable Archive

Preserve: Archive in the cloud

Preserve: Mechanics of Archive in Cloud Microsoft Online/BPOS Topology AD FS

PST Import into Archive Assign “Mailbox Import Export” RBAC Role (restart shell) Initiate Import to Archive Wait to complete....

Goals and Assumptions Performs distributed search across end user mailboxes located on multiple servers. Search is throttled and parallelized Results are copied to discovery mailbox after search Admins by default do not have access to search all mailboxes, specific RBAC Discovery Role is required Partners: Enable web services access to the multi- mailbox search for partners to build discovery solutions. Discover: Multi-Mailbox Search

OutlookOWA User selects 5 Years from set of Policies “Example - Set Explicit Move Policy on a Folder” Message Retention Archive and Retention policies

User selects 5 Years from set of Policies OutlookOWA “Example - Set Explicit Move Policy on an Item” Message Retention Archive and Retention policies

User selects 5 Years from set of Policies User selects 5 Years from set of Move Policies Outlook OWA Outlook OWA “Example - Set Move Policy on a Folder With Delete Policy” User selects 5 Years from set of Policies User selects 10 Years from set of Delete Policies Message Retention Archive and Retention policies

User selects 5 Years from set of Move Policies User selects 5 Years from set of Policies User selects 5 Years from set of Move Policies OutlookOWA “Example - Set Move Policy on an Item With Delete Policy” User selects 10 Years from set of Move Policies Message Retention Archive and Retention policies

Preserve: Legal Hold Overview

Preserve: 2010 Hold Message Flow Hold Period of 10 years Primary Mailbox Dumpster 2.0 Recoverable Items Deleted Items Inbox …… (1) Message delivered (2) Message Edited/Deleted (3) Message Permanently Deleted (4) Message “purged” by user Edits Purges (5) Message removed from system after Hold Period (10 years)

Preserve: Hold Policy Move and Delete policies are for end users and while Hold Policy is for Admins Hold is respected whether the message is deleted by the user by Admin or User applied delete policies Admin may configure Retention policy to delete s to the Deleted Items, Dumpster 2.0 or permanently. With Archive on a separate Database, content will be moved from primary dumpster to archive dumpster.

Preserve: Hold Management & the Cloud

Lync Archiving Settings