February 22, 2010

OCS Auditing Made (Slightly) Easier

Office Communications Server 2007 R2 is an unbelievable product.  There is literally nothing I don’t love about it.  Okay, maybe there are a few things – like redundancy, clustering, ease of installation, number of systems required – okay maybe there are more than a few things…BUT, overall – what a great product!  Software based phone systems are the wave of the future and I’ll be devoting an entire series of posts in the near future about OCS07R2 and how it can be used right now for SMBs and big boy enterprises alike.

One particular challenge of the OCS stack is auditing.  It is built in and works fantastically well.  You even have the opportunity to bring the entire OCS stack down if auditing fails – which is very important thing in a highly regulated environment.  Earlier today (like ten minutes ago) I talked about OCS Ethical Firewalls.  The enforcement of those firewalls is crucial to the success of many deployments, but you can’t prove out the system without auditing.  So there it all sits – every IM conversation (and more) you ever wanted, but the only way to get that data out was to A) query the db by hand (ewe) or B) use the Resource Kit which, if I may say, is … thick to say the least.

Via Doug Deitterick’s blog, a sample SQL SSRS report has been published that allows you to get right in there and query away.  Great script Doug!  It really simplifies the process and gets you started down the path of a very robust audit reporting tool.  Some suggestions for enhancements that you can try on your own is to continue to leverage his queries, but even extend those queries to filter by keywords texts, use SSRS Subscriptions to constantly monitor (daily perhaps) a certain subset of conversations around particularly sensitive subjects or even snapshot for legal purposes.

I should say that I am a firm believer in corporate oversight, as long as your end users know about it.  Big brother is one thing, and no employee should feel that a company resource provides them personal privacy, however, the OCS Client (Communicator 2007 and R2) come with a GPO setting that you can set to show a disclaimer at the top of all conversations that they are being recorded – I would suggest you use that in conjunction with your compliance and auditing activities.