A business email archiving solution can help mitigate one of the most underrated cybersecurity threats – insider data theft. Research shows insider data theft occurs more often than most businesses believe, and consequently few businesses implement measures to prevent it.
The scale of insider data theft – employees stealing confidential data to either sell on the black market or use to leverage a new job – has been well chronicled since 2009; when research conducted by the Ponemon Institute revealed that almost 60 percent of departing employees delete email data when they leave their jobs or take data with them.
A similar survey conducted in 2017 by Osterman Research found that 69 percent of the businesses surveyed had suffered “significant data or knowledge loss” due to insider data theft; but whereas previously stolen data consisted mainly of client contact lists, departing employees where loading up their mobile devices with much more business-critical information.
The concern with these two reports is that the figures quoted only relate to insider data theft that has been identified. Much more data could have been stolen, but the businesses researched did not know about it. A third study found that 60 percent of businesses are unprepared for employee data theft and that fewer used a business email archiving solution.
How to Mitigate Insider Data Theft with a Business Email Archiving Solution
Not all insider data theft is intended – or intentionally malicious. The Osterman Research study found some employees stole data without realizing they were doing it, while others only took intellectual property they helped create. Nonetheless, the outcome is still the same; and because many email services fail to provide backup and recovery services by default, the stolen or deleted data is often not recoverable.
A business email archiving solution mitigates the threat of insider data theft by copying each email as it passes through the mail server, indexing it, and archiving it in a secure server – ideally one in the cloud that encrypts data in transit and at rest. A cloud-based business email archiving solution also has the advantage of storing data in one place – eliminating the need for physical data to be restored and searched through in order to find specific emails.
Provided an appropriate email archiving policy is enforced, any unauthorized access to archived email data is prevented. Authorized employees can retrieve emails on demand quickly and easily, with the business email archiving solution monitoring user activity and producing audit logs so any alterations to archived emails can been identified and reversed if necessary – ensuring the integrity of data and fulfilling compliance requirements for businesses in regulated industries.
More about the Compliance Benefits of a Business Email Archiving Solution
In many businesses it is necessary for data to be stored securely, retained for certain periods of time, and be quickly accessible when a natural or man-made disaster occurs. A cloud-based business email archiving solution saves time when businesses are subject to e-discovery or compliance audits, and retention policies can be enforced by keyword to avoid the accidental deletion of indexed emails.
In addition to mitigating insider data theft, accelerating searches, and helping to enhance compliance efforts, a cloud-based solution for archiving business emails frees up space on on-premises servers, and lessens the number of requests made to IT personnel from employees who have deleted an email in error as the solution enables authorized employees to recover lost emails without assistance.
Solution for archiving business emails are quick to implement, and simple to use, and integrate with business directories Active Directory and LDAP so that access controls can be applied with the click of a mouse. The job of monitoring user activity and ensuring the integrity of data is also simple due to the reporting capabilities of a business email archiving solution that can identify suspicious activity.
Business Email Archiving for GDPR Compliance
In May 2018, businesses that collect, process, or store personally identifiable information relating to the EU citizens became subject to the General Data Protection Regulation (GDPR). GDPR allows EU citizens to request access to data kept on record about them and know who it is shared with. EU citizens also have the right to request their data is permanently deleted – which it should be automatically once it has served the purpose for which it was collected.
Responding to access requests, or deleting email data once its useful purpose has been served can be a time-consuming process when emails are backed up and archived on removable physical devices. Certainly it is difficult to reply to a “right to be forgotten” within the thirty days allowed and be sure that every piece of data pertaining to the individual has been located and deleted.
A cloud-based business email archiving solution resolves this issue and avoids the business being subject to a financially penalty for non-compliance; which, in the most extreme cases, can amount to 4 percent of global turnover – even if a breach of data has not occurred. Furthermore, a business email archiving solution will also comply with the GDPR rules relating to data security and audit trails.
ArcTitan – WebTitan’s Solution for Archiving Business Emails
ArcTitan is WebTitan´s cloud-based solution for archiving business emails. It is extremely fast – archiving up to 200 emails per second and capable of searching 30 million emails per second – and extremely scalable – supporting up to 60,000 users. Importantly for businesses of all sizes, ArcTitan is compatible with all leading email service providers, and compliant with regulations such as GDPR, HIPAA, and Sarbanes-Oxley.
ArcTitan´s versatile policy engine enables administrators to apply permission tiers so that authorized users can either search for their own emails, departmental emails, or business-wide emails. Authorized access to archived data is instant, and retrieved emails can either be restored to the mail server, printed, or exported to file – with every activity monitored in real-time for accurate and immutable reporting.
If your business is experiencing email data loss due to the actions of departing employees, or a risk assessment has found gaps in its regulatory compliance, do not hesitate to get in touch in order to find out more about our business email archiving solution. Our team will be happy to answer any questions you have and will invite you to take advantage of a free trial of ArcTitan to evaluate our business email archiving solution in your own environment.