Advanced persistent threats make email security a necessity

Most email administrators consider security to be a large part of what they do. With so many laws and regulations governing the storage, discovery and retrieval of email messages, security has become a second job to many.

Unfortunately, many administrators either forget, or simply aren’t aware, that securing email requires much more effort than hardening the email servers against attack. In order to fully protect your organization’s email and their contents the mailbox also needs to be defended. Especially when you consider how popular Advanced Persistent Threats are becoming with large cyber crime syndicates who use email not only as a way to harvest sensitive information, but also as a method of attack through phishing and social engineering. Continue reading Tips for Better Email Security

IT managers must account for many demands on their time and resources. Storage is always an issue and having to estimate the growth needs of the company and all the various departments can be a time-consuming and sometimes thankless job.

Estimating email storage needs can be started by making assumptions about the average size in bytes that attachments will require, the hours of day that the email servers will be the busiest and the number of users per email server. Those three variables multiplied together are a good starting point in estimating how much storage to allocate for email servers.

And the same computations can also be used when estimating how much storage to allocate for archiving purposes.

Archiving email messages can save an IT data center in many ways. Some of the reasons for archiving email messages include:

Continue reading 7 Reasons for Email Archiving

Last week, Governor Schwarzenegger of California signed the state’s Electronic Discovery Act, which is effective immediately. An earlier version had been vetoed for what was said to be budgetary reasons. The Act lays out procedures for discovery of electronically stored information in California. As is the case with any piece of legislation, especially legislation from California, the actual text is quite lengthy, but it’s similar to the most recent revisions of the Federal Rules of Civil Procedure. For most data centers, there is no big cause for alarm, since the law doesn’t deviate much from the Federal e-discovery standard.

Under the new legislation, when somebody requests electronically stored information (ESI), they may specify the format they would like to receive it in. If the party doesn’t specify a format, then the data should be produced in the same format that it was originally created, or in another format that is “reasonably usable.” It’s only necessary to produce the documentation in a single format.

If the data is not what the Act terms “reasonably accessible,” it is possible to refuse the request if it causes undue burden or high cost. But it’s not enough to just say “I can’t get to it”–if you want to claim that the data is inaccessible, you have to state specifically why, and you have to identify the sources and types of data that can’t be accessed. The burden of proof that the data is not accessible falls on the party from which the data is being requested. This is of course a very subjective rule, and an email admin managing archives should be prepared to produce in any event. So long as the requesting party has a more expensive lawyer, the point of whether it is “reasonably accessible” could be debated endlessly, or until your company runs out of money, whichever comes first.

The administrator may appropriately be tasked with administering, or at least overseeing, the process of email archiving, if for no other reason than the fact that end-users are not likely to do it themselves. The process of archiving emails, if left to individual end-users, would be chaotic at best. Uniform standards must apply, and archiving needs to be done according to a rule-based procedure; without such a rule-based procedure, the enterprise risks falling out of compliance with one or more legislative mandates.

But there are two pieces to the archiving puzzle: Putting things into it, and taking things out of it. The first part can be largely automated and done according to a set of rules that specify that emails get archived after a certain period of time. But as for the other end—searching the archives—that’s another story entirely.

Continue reading Self-service retrieval

The benefits associated with archiving Microsoft Exchange email and associated data, creates many cost effective solutions. Archiving facilitates government regulatory or civil litigation searches for ediscovery requests. It also allows for more complete archive journaling, and provides storage benefits for both mailbox growth and the various storage devices that can be utilized.

Although lowering storage reduction costs is a common denominator for email archiving, compliance requirements are moving more companies to implementing archiving strategies. Depending on the motivation factors, cost savings on storage are subject to interpretation by different people.  For some people, compressing email could reduce licensing, as well as storage hardware costs.  For others it may mean creating a mailbox for end users, which has virtually unlimited space.

Continue reading Archive Stubbing Techniques Not Recommended

Started in 2005, the Electronic Discovery Reference Model (EDRM) Project was created to address the lack of standards and guidelines in the electronic discovery market.  EDRM is a great reference tool to develop guidelines and standards for ediscovery consumers and service providers.  EDRM helps reduce the cost, time and manual work associated with ediscovery.

Referencing the  accompanying EDRM diagram on their web site, the 8 areas lay out a structured foundation for facilitating the implementation of an archiving software solution.  This makes life easier with providing all the players standard guidelines, as part of the archiving and information retrieval process related to legal and government requests.

We will cover a cursory overview of EDRM.

Information Management
Getting your electronic house in order to mitigate risk and expenses should electronic discovery become an issue. This covers the initial creation of electronically stored information all the way through its final disposition.

Identification
This refers to the process of learning the location of all data which a company has a duty to preserve and potentially disclose in an upcoming  legal proceeding.

Preservation
Preservation for electronic discovery has become a complicated, multi-faceted, steadily-changing concept in recent years.  Certain suggested standards and guidelines have been emerging to provide checklists for those preparing to respond to electronic requests for production.

Collection
The acquisition of electronic information, which is  tagged as potentially relevant in the identification phase. Continue reading EDRM Guides Archive Strategy

Let’s eliminate the confusion by understanding the difference between archiving and eDiscovery. Both are tied together, but serve two (2) distinct functions. The everyday operations performed with software processes that maintain historical email correspondence is that component referred to as archiving.  eDiscovery enters the business picure as an official legal or regulatory compliance request. eDiscovery requests ask for specific documentation which may be attached to an email or may contain relevant verbiage within the body of an email.

Let’s focus on those companies that perform eDiscovery. These companies are very different and unrelated to companies that provide archiving software solutions. You will find in your research that archiving software is referred to as “eDiscovery software”. The interchangeability of terms is semantical, at best.

Continue reading Email Archiving Facilitates eDiscovery Processes

eDiscovery is fast becoming one of the hottest areas in law. This isn’t something that is yet taught in law schools. Many firms are just now starting separate departments for e-discovery.  This new course is really going to rachet up the need for implementing archiving systems.

According to Barry Murphy, formerly  of Forrester Research, the challenges are similar for all organizations, whether a bank, a consulting company or a biotech firm. The only difference is that banks are under more government regulation (e.g., SEC) than some other industries and often do discovery specifically for regulatory requests.

Continue reading eDiscovery fast becoming the hottest area in law

According to Christopher S. Rugaber of The Associated Press, companies that help businesses track and search their e-mails and other electronic data are experiencing a surge of interest in the wake of a 2006 federal rule changes that clarify requirements to produce such evidence in lawsuits.

Companies used to be focused on how they store information. Now they’re focusing on how to retrieve it.

The new rules require U.S. companies to keep better track of their employees’ emails, instant messages and other electronic documents in the event the companies are sued, legal experts say. They are part of amendments to federal rules governing civil litigation and were approved by the Supreme Court’s administrative arm in April after a five-year review.

Continue reading U.S. Rules favour Email Storage and Retrieval

More businesses are becoming subject to regulatory compliance. This could be either very formal stringent regulations such as the Sarbanes-Oxley Act or less strict regulations, such as the  Federal Rules on Civil Procedure (FRCP).   Exchange Server administrators should be educated on what levels of regulations their businesses are mandated to follow.  Email administrators should also be aware of what their responsibilities and deliverables might be if asked to provide current or historical information during an investigation. Organizations may direct that the human resources (HR) department, legal or the regulatory representatives lead this investigation.

The main purpose of implementing an archiving solution is to have the ability to secure email for search and discovery purposes. Archiving and store reduction is an additional bonus.  So how should an email administrator and information technology (IT) department proactively prepare for search and e-discovery requests?

Continue reading Remove the IT Department from the e-Discovery Process