Title

Mailboxes and messages are not retained until backups are complete. (Cat II impact)

Discussion

Backup and recovery procedures are an important part of overall system availability and integrity. Complete backups reduce the chance of accidental deletion of important information, and ensure that complete recoveries are possible. It is not uncommon for users to receive and delete messages in the scope of a single backup cycle. This setting ensures that at least one backup has been run on the mailbox store before the message physically disappears. By enabling this setting, all messages written to recipients who have accounts on this store will reside in backups even if they have been deleted by the user before the backup has run.

Check Content

Ensure that mailbox retention for backups are complete. Procedure: Exchange System Manager >>Administrative Groups >> [administrative group] >> Servers >> [server name]>> [storage group] >> Mailbox store [server name] >> Properties >> Limits tab >> Deletion settings The “Do not permanently delete mailboxes and items until the store has been backed up” should be selected. Criteria: If “Do not permanently delete mailboxes and items until the store has been backed up” is selected, this is not a finding.

Fix Text

Configure messages and mailboxes for backups. Procedure: Exchange System manager >>Administrative Groups >> [administrative group] >> Servers >> [server name]>> [storage group] >> Mailbox store [server name] >> Properties >> Limits tab >> Deletion settings Select “Do not permanently delete mailboxes and items until the store has been backed up”.

Additional Identifiers

Rule ID: SV-20389r1_rule

Vulnerability ID: V-18723

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.