When you are evaluating an email archiving service, there are some key features to look for. Not all services for archiving emails are the same, with some having better mechanisms than others to prevent email data loss, ensure compliance, and enhance productivity.
Email data loss has become a massive problem for businesses. Cybercriminals have started hacking into mail servers, stealing email data, and even deleting data and demanding a ransom to return business-critical emails. Ransomware is also used to encrypt files and disable the email system, with the decryption keys only provided if a substantial ransom payment is made.
Not all email data loss is attributable to outsiders. According to a study conducted by Osterman Research in 2016, 69% of businesses have suffered “significant data or knowledge loss” due to employees maliciously deleting emails or taking email data with them when they leave their jobs. The results of the study mirror those found by the Ponemon Institute in 2009 – implying that email data loss due to insiders is not a recent phenomenon.
Regulatory-Compliant Email Archiving Services
Email data loss is not the only issue businesses have to content with in relation to archiving. Several industries have regulations stipulating retention periods for sensitive or personal data such as SOX and HIPAA. There are also federal and state legislation to comply with. The IRS requires records relating to tax to be retained for between 3 and 7 years, depending on the type of data, and businesses are also required to store email data to comply with the Federal Rules of Civil Procedure which, since 2006, have required businesses to retain and produce electronically stored information (ESI) within 30 days if required to do so by a court order.
According to data from IDC, over 60% of a business’s data is stored in email, and much of that is found nowhere else. On average, a user will receive 126 emails a day, many of which will need to be retained. This can create storage capacity problems and the volume of messages and email attachments can reduce network performance. It is therefore essential that whichever email archiving service is implemented has the necessary storage capacity, can prevent server performance issues, and ensure that when emails need to be found, searches can be performed quickly and easily. With respect to the latter, there is a high chance that the archive may need to be accessed and email data retrieved. IDC found that 74% of organisations have been ordered to produce employee email as part of legal action.
Email Archiving Services and GDPR Compliance
As well as being fast and accurate at restoring data, an email archiving service needs to be efficient at searching and retrieving data if your business collects, processes, or maintains data in email format containing EU citizens´ personally identifiable information. Under the General Data Protection Regulation (GDPR), an EU citizen has the right to request access to their data at any time, and access requests must be resolved within thirty days. A request can also be submitted to have all personal data deleted, which means data in email systems will need to be found and erased. It is essential for a mechanism to be in place that allows personal data to be found easily and rapidly.
Also under GDPR, businesses must not only ensure the integrity of personal data and protect it against theft, loss, or unauthorized disclosure, but prove compliance if requested to do so by a “supervisory authority”. In terms of regulatory compliance, GDPR has the security requirements of Sarbanes-Oxley, the audit requirements of HIPAA, and the broad reach of the Federal Rules for Civil Procedure.
How an Efficient Email Archiving Service can Enhance Productivity
A survey sponsored by Adobe in 2016 found that 57% of employees wasted at least one hour per day searching for misfiled or missing documents and emails. Many of the missing emails had been deleted by mistake and employees would request IT personnel would recover them – decreasing the productivity of two employees rather than one.
It is possible to eliminate the dual loss of productivity with an email archiving service that provides employees with an easy-to-use search and retrieve function. Missing emails can be found and restored, printed, or exported within minutes without the assistance of IT personnel. Naturally, it is important that proper access controls are implemented when providing this facility.
What to Look for in an Email Archiving Service
The most effective type of email archiving services are cloud-based. Cloud-based email archiving services have the benefit of centralizing emails distributed across multiple servers into one location. Copies of each inbound and outbound email are made in real time, are de-duplicated, compressed, indexed, and encrypted before being transferred via a secure connection to an IL5 certified data center.
This process eliminates the need for mailbox quotas as archived emails are always accessible. Authorized employees can search for and retrieve archived emails at any time via a web browser or mail client plug-in. Consequently, the process also lightens the burden on mail servers.
Deduplication is a process that removes duplicated content and attachments from emails to reduce the amount of storage space required. It also accelerates the search and retrieval process, and ensures search results are not full of duplicated content.
Access controls are necessary in order to mitigate the risk of email data loss and ensure regulatory compliance. The simplest way to implement access controls is to integrate the email archiving service with Active Directory or LDAP for assigning role-based access controls.
Tamper-Evident Audit Trail
A tamper-evident audit trail is a key capability for determining when an archived email has been accessed, by whom, and what actions were taken. The best email archiving service allows administrators to reverse alterations when they have been made without the proper authorization. It is also essential for an original copy of emails to be retained so they can be produced for an audit or eDiscovery.
ArcTitan – An Effective Cloud-Based Email Archiving Service
ArcTitan is a user-friendly cloud-based email archiving service that is compliant with all domestic and international regulations for data retention, security and auditing. ArcTitan enables businesses to apply their own archiving policies to ensure archived emails are never lost and can always be recovered.
In addition to including all the things to look for in an email archiving service, ArcTitan is proven to be secure. All data transfers are protected by end-to-end encryption via mandatory TLS, during which passwords are also hashed to eliminate the threat of “Man-in-the-Middle” attacks and other unauthorized interceptions. The archive is encrypted and stored Replicated Persistent Storage on AWS S3 (IL5-certified) and is automatically backed up. The archive will always be accessible, even during an email service provider outage so you will continually have access to business-critical emails.
Being a cloud-based service, ArcTitan is compatible with every operating system and works with all email service providers and common email clients. Our email archiving service can process up to 200 emails per second and search a database of 30 million emails in under a second. For larger businesses and enterprises, ArcTitan scales up to 60,000 users with no loss of performance and customers are not charged for storage space, only a flat fee for the number of active users.
Your Invitation to See ArcTitan in Action
If your business would like to mitigate the risk of email data loss, ensure compliance with federal, state, and industry regulations, and enhance productivity, speak with us about a free demo of ArcTitan. Our team of Sales Technicians will be happy to schedule a demo for you and your team at a convenient time. If you subsequently choose to proceed with a subscription, we are happy to discuss the deployment and configuration processes with your IT team to ensure a seamless transition.