Posts Tagged ‘email archiving’
Email retention is a very important component in every company’s day to day business practices. The reasons are many: legal requirements, efficient use of storage, privacy of corporate email messages and others.
Policies and best practices should be clearly stated in every company’s IT department for how best to archive the multitude of emails that accumulate each day.
Here are some of the best practices and considerations for email archival.
- Indexing and searching capability should be features of all email archival systems. Companies need to be able to respond quickly to requests for old emails particularly when those requests are coming from legal entities outside of the company. Months and months of email messages can quickly become millions of archived messages. IT departments will need to be able to respond to information requests in the least amount of time possible so as to meet any legal requirements necessary. Having a fully indexed archival message system will support the retrieval of any documents or email messages in a short period of time. In addition, being able to respond to requests for archived emails can help to meet discovery or subpoena requests in a timely manner.
- Audit trails should be another component of any good email archival system. Companies need to secure and track their archived emails to meet the regulations of the various governing bodies such as the SEC (Securities and Exchange Commission) that can request specific emails from them. Audit trails can also be used to prove compliance with reporting regulations such as the Sarbanes-Oxley Act.
- Complete email integrity needs to be maintained so as to meet the rules of evidentiary standards. Email integrity can be maintained by use of electronic signatures and time stamps of each email that is archived, redundancy of archival systems to provide continuous access to archived emails and encryption of email messages to protect against tampering of original data.
- Virus scanning of all email messages prior to archival should be an additional step in the archival process so as to ensure not only the integrity of archived email messages but also the protection of email system at the time of retrieval of email messages from the archive system.
- Support of multiple email systems and protocols is another feature that can help to reduce the number of archive systems that are needed within a corporation. Some of the more widely used email systems that ought to be included in an email archive system include: Microsoft Exchange, Lotus Notes, Novell Groupwise, First Class, standard POP3, SMTP and Imap protocols.
- Administrators should coordinate with their in-house legal department and with the department managers of the various business units that the IT organization is responsible for supporting. Those department managers may have additional requirements for email archiving of their employees emails based on their applications used and types of businesses they engage in. And legal departments can also provide guidance in the necessary archival rules and regulations which the company as a whole must comply with.
- Know what time periods are required by specific regulations when determining how long to keep email messages in the archives. Some companies do not routinely rotate their archived email messages out to the bit bucket and as expected continue to drive up their storage and administrative costs unnecessarily. The more email messages that are stored then the more indexes are required and longer search times than are necessary will occur.
- Designate someone within the IT organization who is the interface to the legal department. In smaller organizations the legal department will most likely be an outside law firm. Schedule regular quarterly reviews of the laws and regulations specific to your industry that have mandates related to email retention requirements. Some of these compliance laws, regulations, and standards that can impact how email is retained include: the Federal E-Discovery Rules; the Health Insurance Portability and Accountability Act (HIPAA); the Gramm-Leach-Bliley Act (GLBA); the Sarbanes-Oxley Act (SOX); the PCI Data Security Standard; the Federal Information Security Management Act (FISMA); the EU Data Protection Directive 95/46/EC; the Basel II Accord and others.
- Although not considered email, instant messages should also be included as electronic items that can be stored in an email archival system. Within the course of daily activities business communication emails that are received can sometimes start off as instant messages that have been converted into email when the sender was no longer able to communicate with the recipient.
- The implementation and execution of a good email archival system can save a company much valuable time and money when all contingencies have been taken into account and the planning has been done well.
With email playing a critical role in every business’s operations, protecting it has become more important than ever. One way to do that is by archiving it. Unfortunately, some organizations may find the task daunting.
Why? Messages may be stored all over the place–in .PST files, on SharePoint sites, on backup tapes, with third-party providers and in employees’ personal email accounts.
“With the potential of up to 90 percent of your e-mail residing outside of your Exchange Server, it can be daunting to enforce data retention policies or locate relevant communications when compliance matters arise,” Microsoft observed in a White Paper titled “Addressing E-mail Archiving and Discovery with Microsoft Exchange Server 2010.”
Another barrier to email archiving can be worker resistance. Some archiving solutions require both desktop and IT folks to change the ways they do things. Users may need to leave the comfort of their email applications to interact with archived messages. They may also need to learn new clients or applications to work in the new environment. Those things can discourage employee buy-in to the new system.
Not only can those accommodations to change disrupt established workflows of desktop workers, but it can affect an organization’s productivity. For instance, an archival system that doesn’t integrate seamlessly with an existing email setup can disable features in that existing system designed to increase productivity. For example, if the archives were set up outside Exchange, workers might lose the benefits of tools like Conversation View and the “anywhere access” capability of Microsoft’s Outlook Web App.
Similar challenges can confront an IT department. They may have to maintain new add-ons to email and Web apps to adjust to the archive scheme. What’s more, archiving could create a whole new infrastructure that must be made reliable and accessible to users. In addition, search methods that work with an existing system may not work with the new archival system. That can create quite a can of worms when compliance officers, legal departments and human resource people are breathing down an administrator’s neck for data to meet legal or regulatory demands.
The Outlook Personal Folders file (PST) had its day. It was once the ultimate or perhaps only solution to reducing the cost of storing old emails within the Exchange server database.
Those days are largely gone. Exchange servers can scale up to much larger database sizes than they could 10 years ago. Disk and tape storage is cheap, and emails themselves are getting larger and larger. And enterprise email archiving is efficient, cost effective, and even comes built in to the latest version of Exchange Server.
The benefits of the PST format are now close to nil, while all of the problems remain. PST files are single-user access only, can’t be indexed or easily searched, are sensitive to corruption when they get larger or are being accessed over networks, and consume more space due to their general inefficiency.
But many organizations have a lot of archived emails still stored in PST files. Moving to a new Exchange server doesn’t magically solve that problem. The question is what should you do about all those PST files? Continue reading What to do With Those PST Files
On more than one occasion I have worked with a customer whose email archiving strategy could be stated like this.
“When people stop working for us we never, ever delete their mailbox.”
As you might guess from the title of this post, that is not really “email archiving”. You could call it “email keeping”, but I would put it as “creates more problems than it solves”.
If your email archiving strategy is to have no strategy at all, and that’s a deliberate decision by your organization, then consider some of the problems that you are creating.
- Every mailbox you keep adds to the size of the database, which therefore consumes more disk space, and more backup media
- Larger databases take longer to back up, and longer to recover if there is a problem
- Every mailbox you keep is an active mailbox that can potentially continue to receive emails, increasing your storage needs at a rate faster than necessary
- Every mailbox you keep is also an active user account, leaving a potential attack vector for hackers or disgruntled former staff
- When the time comes to migrate to a new email server, the amount of data to move is that much larger
- Keeping emails in mailboxes on an Exchange server (prior to Exchange 2010 which relatively few organizations have moved to yet) does not make them easily auditable
Email Archiving Solutions
A proper email archiving strategy can be conceived and executed with the right archiving solution. Here are some of the ways that email archiving can be implemented. Continue reading When Email Archiving Isn’t Really Email Archiving
IT managers must account for many demands on their time and resources. Storage is always an issue and having to estimate the growth needs of the company and all the various departments can be a time-consuming and sometimes thankless job.
Estimating email storage needs can be started by making assumptions about the average size in bytes that attachments will require, the hours of day that the email servers will be the busiest and the number of users per email server. Those three variables multiplied together are a good starting point in estimating how much storage to allocate for email servers.
And the same computations can also be used when estimating how much storage to allocate for archiving purposes.
Archiving email messages can save an IT data center in many ways. Some of the reasons for archiving email messages include:
SearchExchange has written an article on the best and worst practices for email archiving in Exchange Server. It is a detailed post and I agree with it, however it highlights some best practices that Exchange Server does not do very well on its own without additional systems in place.
Outlook PST files are big disk space consumers and are not subject to inspection and retention by archiving systems. Exchange Server itself cannot prevent the creation of PST files. This requires the use of other systems such as Group Policy restrictions and file server storage policies.
For environments where PST files have been allowed to proliferate, Exchange Server offers very little in the way of tools to efficiently import the data into archives. Fortunately there are third party email archive applications that do offer these tools for bulk processing of PST archives.
Separate Archival and DR Storage
The built in archiving available in Exchange Server 2010 does not separate active mailbox data from archive mailbox data. Both types of data are stored in the same database, subject to the same backup and recovery process.
The best practice is to store and backup archive information on less expensive, high volume storage, and retain it separately (though it can be sent to the same offsite location as the active data).
During a recovery situation the active data can then be restored first as a priority, and archive data restored separately later when normal services have been resumed, because archive data is usually a much lower priority for restore in a DR situation.
Centralize Email Storage
Although Exchange Server environments are typically consolidated into fewer physical locations these days compared to previous years, in larger environments they are still often distributed into regional locations.
Archive information is best kept as centralized as possible, in one primary location with an additional offsite backup copy. Again the archive features of Exchange Server 2010 limit this capability, because archive data is stored in the same location as the active mailbox. Continue reading Email Archiving Best Practices that Exchange Server Doesn’t Do Well
Outlook is used in many corporations by many users and has been for many years. So it is not surprising that problems eventually emerge that are related to file sizes or email file corruptions.
Sometimes when an end user has started Outlook they will report receiving an error code such as 0×80040116. Usually the error message will read, “Outlook.pst can not be accessed – 0×80040116”. If this error message is received then be aware that this could result in a loss of all emails and contacts that have been saved in Outlook. So it is a serious error code message and one that will require immediate attention.
This is one of the reasons why I always encourage email archiving so as to reduce the use of Personal Storage Folder (.pst) files which can be difficult to use. Having a good email archiving solution can also help when data and other critical email files have become corrupted or accidentally damaged and are no longer accessible.
There are other reasons why the error code 0×80040116 can be received. It is also possible that the error code has been generated in response to a file size limitation having been reached. Usually this will occur if a 2GB maximum file size had been encroached while running Outlook 2000 or earlier versions. If this is the case then an administrator should try running a couple of different tools to correct the problem. Some of these tools include: ScanDisk, PST2GB and ScanPST. These tools can be used to reduce the size of the “pst” file below the 2GB limit.
In another post I discussed the situation of emails that are not sent and are instead stuck in the email outbox. The flip side of that problem is when emails that are in the email inbox seemingly disappear. This can occur after email messages have been read. It can also happen if the preview pane has been opened and the email has not yet been read.
What might be happening is that a filter is being applied that only displays unread messages. Obviously what needs to happen is to either remove the filter or modify it.
If you want to reset to a known state you can also just remove all filters. This is a very easy procedure.
- In Outlook 2000 bring up the View menu and move to the Current View.
- Once there you can click on Customize Current View.
- This will bring up a View Summary dialog box where you can then choose Filter which will pop up the Filter dialog box.
- Here you’ll want to click on Clear All and then click OK or hit enter a couple times to exit the dialog.
- You should now be able to view all email messages whether they are read or unread.
There is another possible cause for disappearing emails. If one of your end users has managed to set Outlook so that email delivery is pointed at a personal folder file such as a pst file then this can have the undesirable consequence of disappearing email.
So you’re thinking of acquiring a new email archiving tool and need to craft an acquisition and implementation strategy. Here are some things you may want to consider.
Regulations, rules, requirements and product warranties can make buying archiving tools a minefield. By consulting with your corporate legal and compliance people, as well as your company’s business managers, you can get an idea about where those mines are buried. Moreover, you can use your efforts to educate yourself about what requirements must be met by your new tools to build support and acceptance among your legal and compliance people.
When garnering information from legal and business colleagues, it’s important not to lose sight of your role as a technology advocate. While it’s critical to know what your new archiving tools must do to meet compliance and warranty demands, it’s also crucial that those unschooled in the intricacies of storage management understand basic concepts, such as the distinction between backups and archiving and the hard and soft costs attached to storage.
Keep in mind that your new archiving tools need to do more that meet compliance requirements if they’re going to be accepted by your users. After all, you don’t want to trade one headache–jumping through compliance hoops–for another–a disgruntled user base that sees your new technology as an impediment to its doing its job.
By now, every business knows that they need to archive their emails, for convenience, as well as for compliance, e-discovery, and disaster recovery purposes. But once archived, how long do you need to keep them?
There’s really no fixed answer, as is often the case when lawyers are involved. But what’s most important is that there is a written policy about data retention, and that it is followed to the letter, documented, and has an audit trail. The reason for this is clear. Suppose for example, that you are subject to a lawsuit, and opposing counsel has demanded records pertaining to a certain subject. You provide records going back two years. But you have no written policy on data retention. Guess what? Even if the records you provide show no evidence of your guilt, you still lose by default. That is of course, assuming that your opponent has a competent lawyer. The logic behind this is that since you have no retention policy, you may have deleted older emails that showed your liability.
Now suppose that you do have a written retention policy that says you archive all emails for two years. But, there’s no formal audit trail that shows when those archives are accessed. Again, you lose. Opposing counsel will argue that without an audit trail, there is no reason to believe that you haven’t gone in and erased the evidence! Oh, those tricky lawyers.