Email has become the standard method of correspondence used by businesses, both for internal communication and for business affairs with outside clients. Emails therefore often contain important, and sometimes confidential, information that needs to be archived for possible future use in order to comply with eDiscovery requests, specific regulations and the company's own email compliance policies.
There are various reasons why a company should implement a suitable email compliance policy for their email correspondence. Emails are often the only form of written correspondence that exists between a company and their clients, and therefore it is important that a copy of this correspondence is retained to ensure that the company fulfils the requirements of email compliance regulations that it must follow and to be in a position to respond to legal issues such as eDiscovery requests at short notice. Emails also contain internal correspondence between staff members that may need to be referred to at a later stage and possibly require regular monitoring.
Existing regulations such as Sarbanes-Oxley, HIPAA and the FRCP treat emails as being equal to paper-based documents in terms of valid and admissible documentation in a court of law. Such documentation is often requested by attorneys or courts in the form of an eDiscovery request. eDiscovery is the process of locating, securing and using documentation from a company's archives in a legal setting, so the ability to easily locate emails with the secure knowledge that they haven't been tampered with is something that companies need to invest in, as failure to abide by procedures could result in court fines and other financial burdens, as well as damaging their reputation.
Therefore a company primarily needs to recognise the need to implement an email compliance policy with particular attention to email archiving, draw up a suitable policy to suit the company's needs, and ensure that the appropriate infrastructure is in place to put the policy into practice.
Email archives should not be stored on the mail server but should have their own localized server dedicated to that task. The reasons behind this revolve around security, maintenance and resources.
Having your emails archived on a separate database, and not local computers or the email server, ensures more protection for the archives should the server crash, as well as lightening the load on the server. The email server should be used for one specific task, which is to filter emails; therefore when archiving is another process that the server is meant to handle, its resources are being stretched to capacity risking poor performance in both tasks. Maintenance of the servers also comes into play because by not having multiple systems running on one machine, you reduce the risk of problems and crashes. A dedicated email server and a dedicated archiving server render the upkeep of both machines a simpler and cleaner process.
Moreover, separate backups of both servers ensure a safer environment and minimize the risk of losing all the data should a backup fail to work. With the archived emails on a separate server, all is not lost should the email server crash, since the archived emails would remain accessible and easily recoverable, meaning that work can be resumed from a certain point. The retrieval of emails would also be a lot simpler and quicker, making it hassle-free for administrators.
A system with in-built auditing capability, such as recording, logging and retention of database and user activity, or other secure methods such as encryption, will go a long way to ensure that the emails have not been tampered with or amended in any way, as this would invalidate them in a court of law. This is particularly important in industries and countries where regulations require organizations to monitor user activity and keep audit trails of this activity. Moreover, it's important to have an email compliance archive that is easily searchable so that emails can be retrieved quickly upon demand. An email archive that is cumbersome to administer is likely to be more of a problem than a solution.
Email archive systems need to be auditable for compliance purposes. Log files and counts need to be maintained as proof of all actions taken relating to the email compliance archive. Logs must prove that all emails are being captured and that all emails (including their attachments) can be searched for, found and viewed in their original format. It is also important to advise users that their emails are being recorded and archived as this will act as a deterrent to any abuse of the system.
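One way to make such logs checkable, shown as an added example that is not taken from any archiving product: each audit record stores the SHA-256 of the archived message and is chained to the previous record's hash, so a verifier can detect an edited message, an edited log entry, or a capture count that does not match the mail server's. The record fields, function names and sample messages are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # previous-hash value for the first log entry

def _entry_hash(prev_hash, record):
    payload = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

def append_entry(log, action, message_id, raw_message):
    """Append an audit record chained to the previous entry's hash."""
    record = {"seq": len(log) + 1, "action": action, "message_id": message_id,
              "sha256": hashlib.sha256(raw_message).hexdigest()}
    prev = log[-1]["entry_hash"] if log else GENESIS
    log.append({**record, "entry_hash": _entry_hash(prev, record)})

def verify_archive(log, archive, expected_count):
    """Return findings; an empty list means log, archive and count agree."""
    findings, prev, captured = [], GENESIS, set()
    for entry in log:
        record = {k: v for k, v in entry.items() if k != "entry_hash"}
        if _entry_hash(prev, record) != entry["entry_hash"]:
            findings.append(f"log entry {entry['seq']} altered or out of order")
        prev = entry["entry_hash"]
        if entry["action"] != "archived":
            continue
        captured.add(entry["message_id"])
        stored = archive.get(entry["message_id"])
        if stored is None:
            findings.append(f"{entry['message_id']} missing from archive")
        elif hashlib.sha256(stored).hexdigest() != entry["sha256"]:
            findings.append(f"{entry['message_id']} content changed")
    if len(captured) != expected_count:
        findings.append(f"captured {len(captured)} of {expected_count} messages")
    return findings

# Constructed sample messages (raw bytes as received, hypothetical addresses).
SAMPLE = {
    "<1@example.test>": b"From: a@example.test\r\nSubject: Q3 contract\r\n\r\nDraft attached.",
    "<2@example.test>": b"From: b@example.test\r\nSubject: Re: Q3 contract\r\n\r\nApproved.",
}

def build_sample():
    log, archive = [], {}
    for message_id, raw in SAMPLE.items():
        archive[message_id] = raw
        append_entry(log, "archived", message_id, raw)
    return log, archive

if __name__ == "__main__":
    log, archive = build_sample()
    print(verify_archive(log, archive, expected_count=len(SAMPLE)))
```

The chain is only as trustworthy as its latest entry hash, so that value should be stored or signed somewhere the archive server's administrators cannot rewrite it.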
Email archiving is becoming a standard practice in today's businesses as the implementation of a successful email compliance policy could save a company a lot of time, money and resources, and provide guarantees that it is in a position to respond to eDiscovery processes and fulfil the requirements of compliance regulation which the company must adhere to.
Email archiving software such as GFI MailArchiver for Exchange will help organizations to respond to any eDiscovery requests and to comply with many laws and compliance regulations in different industries related to email usage.