Email Archiving

E-mail Management - Best Practices for Compliance
'How to achieve compliance while simplifying electronic data management'

Undeniably, one of the most important applications that keep companies running is the corporate messaging system, which is most typically e-mail. In a recent survey on data protection conducted by Enterprise Strategy Group (ESG), 59 percent of enterprise companies and 63 percent of mid-tier companies claim that e-mail is their most critical application. However, e-mail is also becoming an IT professional’s worst nightmare particularly as it relates to compliance.

When it comes to managing e-mail for compliance, some best practices and standards have been established. Information from consulting firms is available for organisations striving to become more knowledgeable on the best practices for electronic data management. When all of this information is boiled down, however, there are four key components that companies must pay attention to in order to ensure compliance:

• E-mail must be tamper proof: E-mail must be password protected, read only, non-deletable, encrypted, and digitally signed, and exist in a closed system online and offline.

• E-mail must follow the defined polices of the business: Policies include what e-mail is archived, where e-mail is archived, how long e-mail archives are retained, and how e-mail is protected.

• E-mail must have full audit ability of access and movement: E-mail must have the ability to be audited by a third party.

• E-mail must be fully indexed and provide full search capability: Specifically, e-mail archiving must be indexed based on capturing standard RFC-822 header information.

With these components in place, corporate IT departments can also develop an e-mail infrastructure that is scalable and easy to manage. Additionally, these e-mail best practices allow IT managers to manage more with less, saving valuable time, money, and resources.

What is Archiving?
With a number of storage vendors defining “data protection” to mean anything they want as it pertains to their products, many customers have been left confused as to what, exactly, archiving measures entail.

An archive is a collection of computer files that have been packaged together for backup, to transport to some other location, for saving away from the computer. Archiving creates an exact copy of data that never changes and is preserved for any number of reasons. This “exact” copy provides authenticity to anyone who would need to know that the version of the file is exact. Proper archiving captures a copy of a file each time it is saved such that each version is captured. Additionally, multiple copies may be made so that they can be moved to some permanent storage device to keep for long periods of time, and the original copy can be deleted to save on primary storage space.

Please choose from the following list of Blueloop Email Archiving Products:

Archiving Requirements
When it comes to best practices for archiving e-mail, there are four key factors to keep in mind when choosing an e-mail archiving solution:

• Discovery. Information must be easy to access and consistently available in order to meet legal discovery challenges from regulatory committees. In the case where companies do not need to meet regulatory requirements, having data readily assessible allows end users to search for information which they may have lost or accidentally deleted, alleviating calls to the help desk.

• Legibility. Information must have the ability to be read today and in the future, regardless of technology. One problem with backup systems is that they need to exist for years in order to recover tapes created on old systems with old backup software. As a result, when selecting an archiving technology, companies should look for solutions that are based on open systems, in the event that their e-mail applications should change. For example, if companies migrate from Novell GroupWise to Microsoft Exchange, they must still able to obtain archived e-mail.

• Audit ability. An e-mail archiving solution must have the ability to allow third parties to review information and validate that it is authentic.

• Authenticity. Information must meet all security requirements, account for alteration, and provide an audit trail from origin to disposition. An audit trail can track any changes made to an e-mail; anyone performing a search is informed when a file is altered and by whom.

Whether or not IT aims to create an e-mail archiving system for corporate governance or regulatory compliance, if an e-mail archiving solution meets these four criteria, then any piece of information captured in the archive is authentic and will ensure companies are confident in the material they present as evidence.

As IT is under pressure to keep more data for longer periods of time due to compliance efforts and the sheer increase in electronic data, e-mail management can seem like an IT professional’s worst nightmare. Once IT makes a knowledgeable distinction between e-mail backup and archiving and is aware of the best practices for archiving, challenges such as new compliance regulations and storage and recovery issues can be managed with success.

Blueloop provide a comprehensive range of email archiving solutions that meet these criteria for Microsoft Exchange & Novell GroupWise.