Email archiving
Email Archiving is the act of preserving and making searchable all email to/from an individual. Email archiving solutions capture email content either directly from the email application itself or during transport. The messages are typically then stored on magnetic disk storage and indexed to simplify future searches. In addition to simply accumulating email messages, these applications index and provide quick, searchable access to archived messages independent of the users of the system using a couple of different technical methods of implementation. The reasons a company may opt to implement an email archiving solution include protection of mission critical data, to meet retention and supervision requirements of applicable regulations, and for e-discovery purposes. It is predicted that the email archiving market will grow from nearly $2.1 billion in 2009 to over $5.1 billion in 2013.[1]
Definition
Email archiving is an automated process for preserving and protecting all inbound and outbound email messages (as well as attachments and metadata) so they can be accessed at a later date should the need arise. The benefits of email archiving include the recovery of lost or accidentally deleted emails, accelerated audit response, preservation of the intellectual property contained in business email and its attachments and "eDiscovery" in the case of litigation or internal investigations (what happened when, who said what).
Overview
Email Archiving is the process of capturing, preserving, and making easily searchable all email traffic to and from a given individual, organization, or service. Email archiving solutions capture email content either directly from the email server itself (journaling) or during message transit. The email archive can then be stored on magnetic tape, disk arrays, or now more often than not, in the cloud. Regardless of the location of the email archive, it gets indexed in order to speed future searches, and most archive vendors provide a search UI to simplify query construction.
In addition to email, attachments and associated metadata, some email archiving applications can also archive additional aspects of a mailbox including public folders, .pst files, calendars, contacts, notes, instant messages and context.
Objectives of Email Archiving
There are many motivations for enterprises or end-users to invest in an Email Archiving solution, including:
- Data Preservation
- Protection of Intellectual Property
- Regulatory compliance
- Litigation and Legal Discovery
- Email Backup and Disaster Recovery
- Messaging System & Storage Optimization
- Monitoring of Internal & External Email Content
- Records Management (Email Retention Policies)
- Business & Email Continuity
Regulatory Compliance
As enterprises of all sizes grow more reliant on email, the business value of that content is also growing. To protect this increasingly valuable information (intellectual property), numerous standards and regulations have been enacted to require records protection and retention as well as timely response to legal (discovery) and information (FOIA) requests.[2] Modern email archiving solutions allow companies to meet regulatory requirements or corporate policies by securing and preserving data and providing flexible data management policies to enable authorized users to enact 'legal holds', set retention and purge policies, or conduct searches across multiple mailboxes to complete various inquiries.
Some of the primary compliance requirements driving the need for secure email archiving are (alphabetically):
Canada
- Investment Industry Regulatory Organization of Canada (IDA) 29.7
- Mutual Fund Dealers Association (MFDA)[3]
- PIPEDA
Germany
Switzerland
- Schweizerische Obligationenrecht, article 962
United Kingdom
- British Standards Institution - BS 4783, BS 7799/ISO 17799, BS ISO 15489-1, BSI DISC PD 0008, BSI DISC PD0010, BSI DISC PD0012
- Data Protection Act 1998
- Freedom of Information Act 2000
United States
- FDA Title 21 CFR Part 11
- Federal Rules of Civil Procedure (FRCP)
- Freedom of Information Act
- Gramm-Leach-Bliley Act
- HFTA (Hedge Fund Transparency Act)
- HIPAA
- Investment Advisors Act
- NASD Rule 3110 and NYSE Rule 440
- Sarbanes-Oxley
- SB 1386 (Only in California)
- Securities and Exchange Commission Rule 17a-4 and SEC Rule 17a-3
- The USA Patriot Act
Note, that many of the compliance regulations require the preservation of "electronic business communications" which consist of not only email, but may include instant messaging, file attachments, Bloomberg Messaging, Reuters Messaging, PIN-to-PIN and SMS text messages, VoIP and other electronic messaging communications used in business.
Litigation and Legal Discovery
For legal discovery, email archiving solutions will lower the overall risk of spoliation and greatly speed up electronic discovery. This is because messages are indexed, audit trails are provided, messages are deduplicated, and legal hold/preservation can be applied.[5] For litigation support, email can be retrieved quickly and a history of the email exists to prove its authenticity for chain of custody. For compliance support, email records are stored in the archive according to administrator defined retention policies. When retention periods expire, email is automatically deleted by the archiving application. In order to be compliant, an organization can intentionally destroy email messages, so long as (1) the destruction is done pursuant to a stated company policy and (2) the destruction stops immediately if an incident occurs which could give rise to a lawsuit. [6]
If an organization has multiple separate applications, for example for e-discovery, records information management, and email archiving, each application may have a separate database and it becomes difficult to de-duplicate messages and ensure that a single retention policy is being applied. From a legal point of view, this is important because once retention periods have expired the message should be purged from the archive.[7] Messages that are not purged are still discoverable, should litigation arise at a later date. As such, without a unified archive it is difficult to ensure one single retention policy. This problem is magnified for large organizations that manage tens of millions of emails per day.
Without email archiving, email likely exists on some combination of backup tapes and on end users’ local workstations. If a specific email needs to be found for an internal investigation or in response to litigation, it can take weeks to find and costs a great deal. With today’s legal discovery rules (see FRCP: http://www.uscourts.gov/uscourts/RulesAndPolicies/rules/EDiscovery_w_Notes.pdf) and compliance legislations, it has become necessary for IT departments to centrally manage and archive their organization’s email, so email can be searched and found in minutes; not days or weeks.
Email Backup and Disaster Recovery
Email is the lifeblood of many modern businesses, and enterprises today depend more on reliable email service. Virtually all enterprises implement a messaging infrastructure to connect workers and enable business processes. In the e-commerce arena, employees may require access to email to close sales and manage accounts. These employees, plus many others, may choose to keep their emails indefinitely, but some organizations may mandate that emails more than 90 days old be deleted. Setting these kinds of retention policies deserves careful consideration as a single email could help a company win a lawsuit or avoid litigation altogether. Email archiving can also be used for business continuity at the individual employee level. When one employee quits, his/her replacement can be given access to the departed employee's archived messages in order to preserve correspondence records, and enable accelerated on-boarding.
As part of a comprehensive disaster recovery plan, an email archive can be instrumental in an organization's effort to "get back to business". An offsite, online archive means that secondary facilities can spin up messaging servers and quickly get access to the last mails sent/received as well as all historical messaging data. Offsite archives can take the form of disk farms (SANs) in distant DR facilities or email archives stored in public/private cloud environments. It should be noted that while email archiving products do capture and copy all messages, they are not mirrored copies of the messaging server itself, and therefore cannot help recreate user accounts/groups in the event of a disaster.
Messaging system & storage optimization
Every email message takes up space on an email system's hard drive or some other permanent storage device (e.g. Network Attached Storage, Storage Area Network, etc.). As the number of these messages increase, simple operations such as retrieving, searching, indexing, backup, etc. take utilize more information system resources. At some point older data must be removed from the production email system so that they can maintain a level of performance for their primary use, exchange of email messages. Email archiving solutions improve email server performance and storage efficiency by removing email and attachments from the messaging server based on administrator defined policies. Archived email and attachments remain accessible to end users via the existing email client applications.
References
- ↑ The Radicati Group, Inc. Releases "E-Mail Archiving Market, 2009-2013" Study
- ↑ E-Mail Archiving Growth Fueled by Federal Rule Changes
- ↑ MFDA Rules
- ↑ Principles of data access and of digital documents (GDPdU)
- ↑ The Sedona Canada Principles: Addressing Electronic Discovery, 2008
- ↑ Kest, Kristopher; Drew Sorrell; Lowndes, Drosdick, Doster, Kantor & Reed, P.A. (April 12, 2013). "Are You Allowed to Intentionally Destroy Emails? Re: Privacy in the Workplace". The National Law Review. Retrieved 17 April 2013.
- ↑ http://www.usdatavault.com/library/email_archiving_best_practices.pdf
External links
- Best Practices: Email Archiving by Forrester Research
- Booming Archiving Market to Evolve Beyond E-mail @ www.internetnews.com