O365 exchange rules v outlook Rules
Discussion
I am after some PH guidance on email rules and exchange transport rules vs outlook rules.
Due to recent changes, employees now get their payslips emailed to there work email account (it would be problem solved if they would do it to their person account)
We have a few part time staff, that when they aren’t in the office, have an outlook rule setup that forward their emails to another colleague to deal with, and hence the issue is now people are seeing other people’s payslips.
So email comes from e.g payroll@payoll.com to fred@company.com, Fred has an outlook rule setup to then forward his emails to john@company.com
There are no exchange rules that I can see that will stop this. I’ve tried if an email comes from payroll@payroll.com don’t process any more rules (but it seems it only stops processing exchange rules and not outlook rules)
I created an exchange rule if an email from payroll@payroll.com and its type is autoforward, then delete it. On the assumption that the email will get delivered to the user’s mailbox, then outlook rules will send it back to exchange as a forward to move it on to the forwarded email address. This doesn’t work either.
Any pointers?
TIA
Due to recent changes, employees now get their payslips emailed to there work email account (it would be problem solved if they would do it to their person account)
We have a few part time staff, that when they aren’t in the office, have an outlook rule setup that forward their emails to another colleague to deal with, and hence the issue is now people are seeing other people’s payslips.
So email comes from e.g payroll@payoll.com to fred@company.com, Fred has an outlook rule setup to then forward his emails to john@company.com
There are no exchange rules that I can see that will stop this. I’ve tried if an email comes from payroll@payroll.com don’t process any more rules (but it seems it only stops processing exchange rules and not outlook rules)
I created an exchange rule if an email from payroll@payroll.com and its type is autoforward, then delete it. On the assumption that the email will get delivered to the user’s mailbox, then outlook rules will send it back to exchange as a forward to move it on to the forwarded email address. This doesn’t work either.
Any pointers?
TIA
Thank you, that is one option we looked at. If there was a way a policy could be created to push this out, then that would work.
Ideally, we would like to make this user proof, and rule out the human element, so it isn't reliant on them to create an exception, as they may forget over time, or new users may not be told.
Ideally, we would like to make this user proof, and rule out the human element, so it isn't reliant on them to create an exception, as they may forget over time, or new users may not be told.
Surely your payroll provider shouldn't be sending payslips in plain text/an email attachment? Every payroll provider I've ever used send an email to a web link where you need to login to view and download the payslip.
However if you're stuck with using such a unsecure system, look into applying sensitivity labels that prevent forwarding to the payroll emails in Purview.
This won't help though if users have delegate access or exchange permissions to the mailbox directly so I would say start with your payroll provider.
However if you're stuck with using such a unsecure system, look into applying sensitivity labels that prevent forwarding to the payroll emails in Purview.
This won't help though if users have delegate access or exchange permissions to the mailbox directly so I would say start with your payroll provider.
The problem is really a process one rather than a tech issue. Payroll shouldn't be sending out sensitive data via open email in the first place, as others have mentioned the payslips should be accessible via a separate portal login. Failing that personal information should be sent to the employee's personal email address, and in the final instance should be on a good old fashioned bit of paper. Ultimately however if users are are of the consequenses and still forward their email to someone else, then it's their own lookout!
drmotorsport said:
The problem is really a process one rather than a tech issue. Payroll shouldn't be sending out sensitive data via open email in the first place, as others have mentioned the payslips should be accessible via a separate portal login. Failing that personal information should be sent to the employee's personal email address, and in the final instance should be on a good old fashioned bit of paper. Ultimately however if users are are of the consequenses and still forward their email to someone else, then it's their own lookout!
In the context of secure internal email systems being secure and internal it's perfectly acceptable and to email payslips unencrypted. The failing is in setting up the mail inbox to forward emails to someone else inbox, as an employee there's no way you could get me to do that and someone else accessing the company's data on how much they pay me would be the least of my worries.
How about employees stop forwarding all email and simply set up and out of office informing senders their away and provide the email address of who to contact if it's urgent?
You can provide a knowledge article on how to exclude certain addresses via a forwarding rule and advertise this. If a user chooses to ignore this and forwards all email to someone else, that's on them.
It shouldn't be you responsibility to patch a not fit for purpose way of emailing out pay slips.
You can provide a knowledge article on how to exclude certain addresses via a forwarding rule and advertise this. If a user chooses to ignore this and forwards all email to someone else, that's on them.
It shouldn't be you responsibility to patch a not fit for purpose way of emailing out pay slips.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff