WIXLIB

2.3About RetentionWhen messages are added to the archive, they are evaluated against the set of retention policy entries that were active at thetime the messages were archived and then assigned a target disposition month based on the retention period. The targetdisposition month identifies the month in which the message may be disposed of: messages need to be explicitly disposed of,following the instructions in “Disposition of Messages” on page 43. If retention is specified in years, the target dispositionmonth is calculated assuming the year ends on the month specified in the default retention policy entry (typically, this would bethe fiscal year).All messages matching the same retention policy entry during any given month are given the same target disposition month.For example, any message assigned an 18 month retention during July 2009 will have a target disposition month of February2011. Any message assigned a 4 year retention during July 2009, where the default retention policy entry says the year endsin December, will have a target disposition month of December 2013.When disposition is performed (see “Disposition of Messages” on page 43) it affects all messages with the same targetdisposition month.It is possible to have a retention policy entry that retains messages indefinitely. Such messages are identified in MessageLabsEmail Archiving Service by the month in which they are archived. As a result, all messages archived in a particular month foran indefinite retention period will be disposed of, if necessary, at the same time.2.4About SupervisionThe optional supervision features allow your company to set up a process for systematic review of electronic messages forcompliance with your company’s acceptable use policies. When messages are flagged as potentially violating the policy, thespecific types of violation are identified, allowing authorized individuals, known as “reviewers”, to better understand both thesource (who) and the type (what) of issue that needs to be reviewed.MessageLabs Email Archiving Service Supervision features are built around the idea that identifying inappropriate behavior isthe first step toward reducing that behavior. As a result, messages sent by an internal person (an employee) are considered tobe owned by the sender, not by those who received them. For messages sent into the company from external people (nonemployees), however, a message is considered to be owned by the first internal party on the To, cc or bcc lines. As mostincoming messages are only sent to a single internal individual, this approach is appropriate and ensures that each messageonly needs to be reviewed once.Messages that might violate acceptable use requirements are identified through specific policy entries that set out the rules forhow to identify such messages. Review policy entries then specify what percentage of such messages are to be reviewed.Review policy entries can also be used to select for review a random sample of messages that the system does not indicatemay be violations.Messages, whether identified as potentially violating policies or simply selected as part of a random sample, are reviewed byreviewers . You need to define the scope of each reviewer’s participation.Compliance and risk analysis is performed by senior managers or executives, using the available reports to ensure that thereview process is being followed consistently. They ensure continuous improvement by identifying and frequency and natureof policy violations. This information can be used to determine when and what corrective action is necessary. Reports areexplained in Reports.Copyright MessageLabs 20096

2.5Logging In to and Out of the MessageLabs Email Archiving Service User Interface2.5.1 Logging In to the MessageLabs Email Archiving Service User InterfaceTo log in to the MessageLabs Email Archiving Service user interface:1Open your web browser.2Enter the URL of the Archiving Appliance in the address bar of your web browser.The Login screen appears. If it is blocked by a pop-up blocker, you need to allow pop-ups from this site beforeproceeding.Note:3In the user name field, enter the user name that you use to log in to your computer.Note:45Your administrator can provide you with the URL of the Archiving Appliance. You may be able to access itusing a similar URL to the one you use to access your mail server. For example, if you normally enterhttps://www.mycompany.com/exchange, you would enter https://mail.mycompany.com/archive.You mayneed to add the URL to your “trusted sites” list.You can also log in using your primary SMTP address or UPN.In the password field, enter the password that you use to log in to your computer.Click Enter.The Home screen and Menu appear. From here you can navigate to other areas.Note:User names and passwords for MessageLabs Email Archiving Service are fully integrated with your networkuser name and password. Whenever you change your password on the network, your password used to login to MessageLabs Email Archiving Service is also changed.After a period of 60 minutes of inactivity, you will be logged out automatically. If you attempt to perform a task using your openbrowser window after you have been automatically logged out, you will be prompted to log in again. Once you do, the action isperformed.2.5.2 Logging Out of the MessageLabs Email Archiving Service User InterfaceTo log out:1In the title bar, click Logout.2The Login screen re-appears.Tip:Copyright MessageLabs 2009When you are finished working with the MessageLabs Email Archiving Service user interface, you shouldalways log out before you close the browser window. If you do not do so, someone who opens the browseron your machine within 60 minutes will be able to access your mail in the Archive.7

2.6About the MessageLabs Email Archiving Service User InterfaceThe Menu (on the left) is divided into sections, each containing a group of related functions. Clicking on a section opens it toreveal its contents. When you click a function, the right side of the screen changes as a result.You will work primarily with the Setup and Policy sections. The Policy section is described in more detail later. This documentsimply identifies the section containing the function you need to use: it does not explicitly state that functions are in the Menu.Copyright MessageLabs 20098

2.7Suggested Order for Creating MessageLabs Email Archiving Service Policy1Create MessageLabs Email Archiving Service user groups and assign members to them.You will use this information to identify which users a policy entry applies to. See “Setting up User Groups” onpage 10.2If you plan to classify messages based on InfoTags, define those InfoTags.See “Setting up InfoTags” on page 13.3In your draft policy, add or modify policy entries of the appropriate type, as your organization requires.Associate policy entries with users groups, InfoTags (created earlier) and/or rules (created in relation to thepolicy entry), as necessary. See “Working with Policy Entries” on page 19.4Use informative headings to illustrate the policy outline.The outline helps users understand the policy more quickly, but does not affect enforcement. See “AddingHeadings” on page 35.5Circulate a preliminary version of the policy document for review by the team in charge of creating the policy.See “Creating MessageLabs Email Archiving Service Policy Documents” on page 36.6Activate the policy and circulate it to all your employees via email.See “Activating Policy” on page 37.7Get each employee to sign a copy of the Policy Signoff Document for your records.See “Creating MessageLabs Email Archiving Service Policy Documents” on page 36.8Regularly view MessageLabs Email Archiving Service reports to understand the effectiveness of your policy.See Reports.9Review the policy regularly.Copyright MessageLabs 20099

3Setting up User GroupsChapter OverviewThis chapter provides information on setting up user groups. User groups do not grant access to MessageLabs EmailArchiving Service: they are used to determine which users a rule for an InfoTag or policy entry applies to. They are also usedto narrow down archive searches to find only messages related to specific groups. External parties can be members of usergroups.This chapter includes the following topics: 3.1Types of User GroupsCreating and Adding Members to Role and Department GroupsCreating and Adding Members to Partner GroupsTypes of User GroupsMessageLabs Email Archiving Service supports three different types of user groups: Roles represent groups of users who perform similar job functions, for example Customer Service Departments represent groups of users who belong to an organizational unit, for example, the Finance Department, Manufacturing or the Sales Division.Partners represent groups of external users, for example lawyers, external auditors and keycustomers.Representatives, Brokers or Analysts.3.2Creating and Adding Members to Role and Department GroupsA role or a department can be comprised of individual users and/or members of an Active Directory group. When using ActiveDirectory groups, you can choose to reference or import the group.When you reference an Active Directory group, the membership of that group synchronized with membership in ActiveDirectory. Each day, MessageLabs Email Archiving Service updates its list of group members so it reflects the current ActiveDirectory entries. To see when the groups were last synchronized, in the Status and Issues section, click GroupSynchronization Status.When you import an Active Directory group, names are added in a static way, that is, the names of the users who are actuallyin the Active Directory group at the time it was imported are added to the role or department. If membership in the ActiveDirectory group changes, this change does not affect role or department membership.To create a role or department:1In the Setup section, click Roles or Departments.The list of existing roles or departments appears.2On the toolbar, click Add.The Add a New Role or Add a New Department Details screen appears.3Enter a Name and Description for the role or department.Note:Copyright MessageLabs 2009Names of roles and departments must be unique.10

4Optionally, to have the group not available for policy or search use, check Hide from search and policy screens.5Add members to the group, following one of the procedures below.To add an individual user or Active Directory reference to a role or department group:1If necessary, open the role or department for editing and click the Members tab.The Members tab appears.2Click in the Enter a full or partial name field.3Identify the user’s Active Directory user name, display name or group.If you know the specific name, enter it. If you are not sure of the name, enter a partial name and click CheckName. Either the name becomes underlined (indicating it can be added) or a list of suggested names/groupsappears for you to choose from. For names, the list includes two tabs: one for current names, one for deletednames.Note:If you add a group to the chosen role or department, its membership is maintained in Active Directory. If themembership of the group is changed later on in Active Directory, the membership of the role or department isupdated.4Click Add.5Repeat to add additional members.6Click Save.The Role/Department Details screen closes and the role or department is saved.To import members of an Active Directory group to a role or department group:1If necessary, open the role or department for editing and click the Members tab.The Members tab appears.2Click the Import Active Directory group Members link.3Click in the Enter group name field.4Enter the name of the Active Directory Group that you want to import.If you know the specific name, enter it. If you are not sure of the name, enter a partial name and click CheckName. Either the name becomes underlined (indicating it can be added) or a list of suggested groups appearsfor you to choose from.Note:56You are adding a static list of names to the chosen role or department. Even if the membership of the groupis changed later on in Active Directory, the membership of the role or department remains the same.Click Import.Click OK to confirm that you want to import the selected group.The screen refreshes, showing how many members were added to the list.Copyright MessageLabs 200911

3.3Creating and Adding Members to Partner GroupsTo create a partner group:1In the Setup section, click Partners.The list of existing partners appears.2On the toolbar, click Add.The Partners Details screen appears.3Enter a Name and Description for the partner group.4Optionally, to have the group not available for policy or search use, check Hide from search and policy screens.5To add members to the group, follow one of the procedures below.Note:Names of partners must be unique.To add a specific email address to a partner group:1If necessary, open the partner record for editing.The Partner screen appears.2On the Member Email Addresses tab, click in the Enter an Internet email address link.3Enter the Internet (SMTP) email address.For example: john@ourauditors.com4Click Add.The email address is added to the list.56Repeat steps 2 - 4 to add additional members.Click Save.The Partner Details screen closes and the partner is saved.To add all email addresses that are part of a domain to a partner group:1If necessary, open the partner record for editing.The Partner screen appears.2On the Member Domains tab, click in the Enter an Internet Domain field.3Enter the Internet domain (the part after the @ sign).For example: ourauditors.com4Click Add.The domain is added to the list.5Add additional domains.6Click Save.The Partner Details screen closes and the partner is saved.Copyright MessageLabs 200912

4Setting up InfoTagsChapter OverviewThis chapter explains provides information on InfoTags, which are used to categorized messages. Use of InfoTags is optional.This chapter includes the following topics: 4.1About InfoTagsCreating InfoTagsAbout InfoTagsInfoTags are pieces of additional metadata that are used to characterize messages. For example, InfoTags can be used todistinguish financial correspondence from that related to human relations issues.InfoTags are used by two functions in MessageLabs Email Archiving Service: Users can search for messages based on the messages’ InfoTags.Policy entries can be defined to act on or exclude messages based on their InfoTag.Note:Some InfoTags may be appropriate only for internal use and should not be revealed to users. You can definewhich users can see a given InfoTag.During the archiving process, as a first step in policy application, each message is evaluated against the rules of each definedInfoTag. If a message matches the rules for a specific InfoTag, it is marked with that tag. Messages can be tagged with morethan one InfoTag.For example, you can create an InfoTag called “Contracts” whose rule states that it will match messages

2.1 MessageLabs Email Archiving Service Overview . MessageLabs Email Archiving Service provides a complete message archiving solution that can protect your organization from legal liabilities and regulatory risks while improving email storage management and end-user productivity. Its easy-to-