
10 Tips for Successful Email Archiving

on February 28, 2011

While companies with unlimited storage, tiers of redundant servers, and high-speed WAN links may want to provide unlimited online storage for their users, the rest of us have to contend with budgets, hardware limitations, and bandwidth that is never enough. Combine this with users’ tendencies to use PSTs, hard drives that crash, and the chance of receiving a subpoena, and you find that you need something between the limits of your small Exchange farm and the dream of unlimited online storage. Enter email archiving.

Email archiving is a solution that offers great flexibility for the email admin. You can archive every single email in and out of your company if you wish, log only details such as sender, recipient, and subject, or do anything in between. If you want to implement an email archiving solution, here are ten tips for ensuring you have all your bases covered.

  1. Enable Auditing
    Good email archiving solutions offer an auditing function that stores logs in a tamper-proof fashion. If you are involved in a legal action, these logs can be submitted as evidence of the existence or non-existence of any particular email.
  2. Locate the archiving system at a central point
    Small companies may have only one egress point, but larger companies may have a distributed network with site servers that can send or receive email. Set up your archiving so that all mail is caught no matter which site is involved. Use SMTP routing queues if necessary to enforce this.
  3. Create sensible policies
    Users will send and receive personal email. There isn’t anything wrong with that as long as your policies clearly define what is acceptable and what is not, and inform users that archiving is in use. You might also consider creating archiving rules that will archive all emails to or from client, partner, and vendor domains, but ignore emails from other domains.
  4. Consult with HR
    Make sure you work with your Human Resources department when publishing your written policies to ensure you are in compliance with company policies and that user notification is in place.
  5. Consult with Legal
    Also involve your legal department (or corporate counsel) to make sure your archiving meets any contractual requirements or legal orders.
  6. Consult with Audit
    Email archiving can factor into external audit reports for things like SAS 70, or can help meet requirements for Sarbanes-Oxley. Work with your auditors to take advantage of, and to make sure you are supporting, any requirements for certification or accreditation.
  7. Migrate existing PSTs into the archiving system
    Then use a GPO to disable the ability to create PSTs. Not only do PSTs present the risk of lost data, they can also severely impact network performance.
  8. Provide users easy access
    Whether that is through a snap-in in Outlook or a web-based interface, make sure users have a ‘self-service’ option to search for and find archived emails and to recover deleted messages.
  9. Make sure the solution works in your environment
    Appliances may be the right choice for some, but many companies are moving towards virtualisation. Whether that is with VMware or Microsoft’s Hyper-V, make sure your solution works with your platform of choice.
  10. Ensure there isn’t any way around the system
    Audit and discovery are great, but if a user has a way to circumvent the archiving solution, that could bring the logs into question. Make sure the firewall blocks outbound SMTP from anything other than systems that are a part of the email infrastructure, and the proxies block access to personal webmail sites.
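
One way to verify tip 10 from the firewall's own logs, added here as an illustration and not part of the original article: the script flags outbound SMTP from hosts that are not part of the email infrastructure, separating connections the firewall allowed (a policy gap) from ones it denied (a bypass attempt to follow up). The CSV log layout, the addresses, and the port list are assumptions made for the example.

```python
import csv
import ipaddress
from collections import Counter

# Assumptions for this example: SMTP plus the usual SMTPS/submission ports,
# two approved mail hosts, and 10.0.0.0/8 as the internal address space.
SMTP_PORTS = {25, 465, 587}
MAIL_INFRA = [ipaddress.ip_network(n) for n in ("10.0.5.10/32", "10.0.5.11/32")]
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample log: timestamp,src_ip,dst_ip,dst_port,action
SAMPLE_LOG = """\
2011-02-28T09:00:01,10.0.5.10,203.0.113.25,25,ALLOW
2011-02-28T09:00:07,10.0.20.44,198.51.100.7,25,ALLOW
2011-02-28T09:01:12,10.0.20.44,198.51.100.7,587,ALLOW
2011-02-28T09:02:30,10.0.31.9,192.0.2.80,25,DENY
2011-02-28T09:03:00,10.0.31.9,192.0.2.80,443,ALLOW
2011-02-28T09:04:10,10.0.5.11,10.0.5.10,25,ALLOW
"""

def is_mail_infra(ip):
    return any(ip in net for net in MAIL_INFRA)

def find_smtp_bypass(log_text):
    """Return (gaps, attempts), each a Counter keyed by (src_ip, dst_port).

    gaps:     outbound SMTP from a non-mail host that the firewall ALLOWED.
    attempts: the same traffic where the firewall DENIED it.
    """
    gaps, attempts = Counter(), Counter()
    for row in csv.reader(log_text.splitlines()):
        if len(row) != 5:
            continue  # skip malformed lines rather than abort the audit
        _ts, src, dst, port, action = row
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            continue
        if port not in SMTP_PORTS:
            continue
        if src_ip not in INTERNAL or dst_ip in INTERNAL:
            continue  # only internal-to-external traffic is of interest
        if is_mail_infra(src_ip):
            continue  # approved path: mail servers may send outbound
        bucket = gaps if action.strip().upper() == "ALLOW" else attempts
        bucket[(src, port)] += 1
    return gaps, attempts
```

Any entry in `gaps` means mail can leave without passing through the archive; entries in `attempts` show the rule is working and identify hosts worth a closer look.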

With these ten tips, you have plenty to consider when evaluating email archiving.

About the Author:

Ed Fisher is an information systems manager and blogger at several sites including his own site, http://retrohack.com. An InfoTech professional and aficionado of capsaicin and Coffea canephora (but not together), he has been getting his geek on full-time since 1993, and has worked with information technology in some capacity since 1986. Stated simply, if you need to get information securely from point A to B, he’s your guy. He is like "The Transporter," but for data, and without the car; and with a little more hair.

 
Comments
Chris O'Brien, February 28, 2011, 10:22 pm

Email archiving is generally a fantastic idea, but considering current events, tip #10 is particularly poignant, and while I certainly don’t have any laundry I’m worried about being aired, large corporations really have something to consider when it comes to having a digital storehouse of all internal communication like that. One has to really be sure that all vulnerabilities are accounted for before implementing a company-wide policy like this, I think.

 
Ed Fisher, May 19, 2011, 5:25 pm

Spot on Chris! It’s frightening how something put into an email in passing may come back months or even years later, and be interpreted completely out of context. Thanks for chiming in!
Ed

 
Bruce Roberts, March 26, 2011, 7:54 pm

We as users might not like the idea that all our emails are taped and nobody knows who can access copies of them but since business emails are business assets, not private chats, they must be emailed. It is true that you never know when an email can be leaked and used against you but if you have no skeletons in your emails, this shouldn’t be scary. As for personal emails, users just should know that a corporate network isn’t the place to send/receive personal emails from. Get a mobile and check your personal email from there – that simple!

 
Ed Fisher, May 19, 2011, 5:27 pm

Hi Bruce,
Too often the line between business and personal is blurred; it happens every time I get a call after hours or have to work on a weekend! But keeping that separation is a great idea and the best way to avoid any issues.
Thanks for weighing in.
Ed

 
Bob morton from Florida, May 18, 2011, 7:51 am

Does email archiving depend or rely on how large or small a business is? I’m managing a medium-sized company. Our IT head recommends we use a powerful email archiving software so that in case there’s a hardware or software failure, all messages and contacts will have a backup.

Also, can the 10 tips mentioned here be applied to my business? I have about 50 employees with 80 email accounts.

 
Ed Fisher, May 19, 2011, 5:31 pm

Hi Bob,
The size of the company is less a factor than the volume of email. Your IT head is spot on that an archiving solution can be a backup for your email system, as long as it is not the ONLY backup, and that you are backing it up!
The tips are meant for any business that uses/relies upon email; only the scale of the solution will change based on the size of your company and volume of emails.
Hope that helps,
Ed