HTML Injection Attacks: Impact and Mitigation Strategies
Email Management and Email Archiving
1.
2. Business Drivers for Email Archiving Regulatory Pressure Increasing Email Volume Increasing Discovery Requests Increasing Sources: Osterman Research, “Messaging Archiving & Document Management Market Trends, 2008-2011,” 2007 Radicati Group “Email Statistics Report, 2009-2013 Osterman: The concise guide to E-Discovery, January 2010 67% 507 75% Companies ordered to produce email by a court or regulatory body Billion email messages per day by 2013 Percentage of discovery cases involving email
For most organizations, email is now a critical company asset. It is not only vital to effective business communication, but in many instances is also a store of intellectual property and sensitive client and company information. This has attracted the attention of industry regulators and put a burden on IT departments to effectively manage email stores. The key drivers for email archiving are: Regulatory Pressure is Increasing SOX requires retention of documents that contain information about business transactions and business decisions. Additional requirements are stipulated by HIPAA, Gramm Leach Bliley, and the SEC Increased requirements for legal discovery 67% of companies have been ordered to produce email by a court or regulatory body. Federal Rules of Civil Procedure (amended in 2006) require that organizations be prepared for legal discovery. Email Volume is Increasing According to Osterman research, corporate email volumes are projected to grow 68% through 2012. Radicati expects the volume of email per day to be 507 billion by 2013 Email Storage Needs are Increasing – by 40% per year according to Osterman research To address these issues, organizations require effective tools for complying with email retention policies, streamlining e-Discovery, and reducing IT costs.
The two examples here further demonstrate the potential risk of not having an email archiving solution in place. Even though most organizations are not likely to see judgments on this magnitude, these examples help to illustrate the willingness of courts to impose steep fines for failure to produce emails. In the Qualcomm v. Broadcom case, the court found that Qualcomm’s attorneys assisted Qualcomm in committing “Monumental Discovery Violations.” The significant ruling that followed definitely made the legal community sit up and take notice. The court sanctioned Qualcomm $8,568,633, ordered certain members of their in-house and outside Counsel to participate in a "Case Review and Enforcement of Discovery Obligations" Program, and referred six of Qualcomm’s outside counsel to the State Bar for possible ethics violations. Other examples: Feb 2007 – Nationwide fined £980,000 following the theft of one of its laptops due to inability to establish whether the laptop contained confidential customer information . December, 2007 – County of Suffolk spends an estimated $617,000 - $672,000 and restores 417 backup tapes when required to produce email relevant to the case: Toussie v. County of Suffolk. Even after going through the exercise, the plaintiffs remained unsatisfied with the production and argued that “even after the restoration, the County's total production could not possibly represent the emails exchanged by dozens of people in the targeted departments.”
Email Archiving.cloud service addresses the core requirements of an effective archiving solution; e-discovery, compliance, storage management, and tools for end-user productivity. In addition, as a hosted service, Email Archiving.cloud provides the following benefits: Low Total Cost of Ownership - Email Archiving.cloud offers a pure SaaS option with no onsite appliance, server, software or plug ins. Less technology within the network, means less for the customer to install, manage and maintain reducing the costs associated with the solution. Customers also lower costs by simply deleting emails from the local mail server and storing them in our off-site data centers, thereby reducing local email data stores. This capability helps to improve Exchange performance, lowers backup times and allows end users to have an unlimited personal archive that can be searched through Outlook, Outlook Web Access or BlackBerry devices. Our service also requires minimal upfront investment, scales to meet the changing business needs of our customers, and does not need dedicated full-time IT staff. The CIO and CFO benefit from a predictable cost structure that is easily budgeted as an operational expense. In addition, cost savings are realized as local IT teams are freed from the need to manage backup or high-availability for the archive environment. Increased efficiency – Unlike on-premise options, which have a reputation for difficult and lengthy deployment cycles, Email Archiving.cloud service can be deployed in a matter of days. For many organizations, time to benefit and reduction in deployment risk are key concerns. Ongoing management is also simpler than an onsite deployment. Reduced complexity – As a pure SaaS solution, Email Archiving.cloud dramatically reduces complexity compared to an in-house deployment. There are no appliances, servers or software to install, configure and manage. Our unlimited storage and retention model does away with the need for capacity planning and as the archive is stored off site, the customer does not need to worry about redundancy or backing up the archive.
Let’s talk more specifically about archiving addresses the needs of a broad range of stakeholders: End Users want to have access to all emails they have sent or received. They are also looking for ways to minimize the amount of time they spend managing their email and want to avoid the unnecessary filing and search tasks that result when mailbox quotas drive adoption of personal archives (.PST files). Ideally, they would like access to their email archive from their desktop, laptop or BlackBerry. Legal / General Counsel/HR is looking for a way to streamline e-discovery and easily manage legal holds, which define the universe of content under review for a particular case, define access privileges for that content, and prevent content from being deleted. Compliance Officers and Records Managers need to be able to define and enforce policies for retention and supervision. They want to be able to do “spot checks” of email to make sure that policies are being applied correctly, have the ability to update archiving policies when needed, and keep a record of policy changes through an automated audit trail. IT is responsible for implementing and managing the solution. This group is interested in selecting a solution that is quick to setup, lowers storage costs, increases mail server performance, shortens backup windows, and reduces the need to manually satisfy search and retrieval requests. They also have the responsibility of planning how the email archive will be protected in the event of a site disaster.
Let us summarize the advantages of Email Archiving.cloud: Pure hosted solution – No appliances, servers, software or client plug ins make the service simpler to install, manage and maintain. Unlimited storage and retention – Customers no longer have to plan for future capacity or worry about increasing data costs. Easy to use end user search – within the archive users can search across their inbox, sent items and folders simultaneously to quickly find what they are looking for. Search filters break the results down into facets such as sender, date and attachment to quickly narrow down search results. Searches operate within the email and attachments. Bounded global search capability can be delegated to legal staff or managers. Powerful Legal Hold & e-discovery – Easily establish legal holds with the ability to change legal hold parameters and dynamically capture new emails that meet criteria as they enter the archive. Alerts can also be enabled to notify when new material is added to a legal hold. Multi platform support – The service supports Exchange 2003, 2007 and 2010 as well as Domino 6.x to 8.x and GroupWise. Hosted Exchange/cloud email support – The service has been engineered to be compatible with Hosted Exchange multi tenanted environments and other cloud email providers. Customers can deploy with an on-site email server today but leave themselves the option of moving to a cloud email platform in the future.
By clicking on a folder within Microsoft Outlook, users have access to their email archive. Cached sign in technology means they don’t have to sign in or worry about lost user names and passwords. Once in the archive, the service enables users to quickly search and retrieve relevant emails. Easy to use end user search – within their archive users can search across their inbox, sent items and folders simultaneously to quickly find what they are looking for. Search filters break the results down into facets such as listing results by sender, date or whether they had an attachment enabling users to quickly narrow down search results. Searches operate within the email and attachments and searches can be saved for future use. Restore email, reply or forward – Restored emails go straight to the top of the user’s Inbox, appearing exactly as the original email did. Users also have the option of replying and forwarding to messages from within the archive. Retain company knowledge – Users can be given supervision rights other other’s mailboxes. This is useful in instances where a new employee can be given access to a departed employee’s mailbox to search for relevant email communications and documents.
Email Archiving.cloud retains your emails and attachments to meet your organization’s specific retention requirements. Features enable legal or HR to enforce legal retention and find and export email records as and when needed. Legal discovery – quickly and easily implement legal holds over mailboxes of users implemented in cases so that potentially important emails are not lost. These holds can then be refined and saved with new emails meeting the criteria being automatically added Delegate access – granular access permissions to reviewers within your organization. Access can also be given to users outside your organization by enabling trusted IP ranges Enforce retention policies – establish retention policies based on a wide range of criteria with emails automatically deleted at the end of the retention period. Flexible export options - export search results into PST, EML, NSF and EDRM XML file format.
For companies that operate in highly regulated industries, the optional supervision and review features allow compliance staff to automate the process of monitoring, reviewing, and commenting on email communications. Monitoring/supervision – the service offers a number of tools to streamline the supervisory process, including automatic flagging of suspicious emails for auditor review. Multi tiered review structure supports workflow between compliance officers, Offices of Supervisory Jurisdiction (OSJs) and branch managers. Random sampling – Auditors can conduct random sampling to meet regulatory compliance requirements. This feature quickly compiles a random set of messages for review Tamper-proof storage - WORM (write once, read many) storage meets the strictest regulatory compliance requirements.
Email Archive.cloud is a purely hosted service enabling rapid set up and lowering ongoing management costs. Pure hosted service – no appliance, server, software or client plug ins make set up a simple process. The emails are sent to the data centres using journaling, over a secure TLS connection Active Directory integration – an optional tool provides integration with directories for easy management of users and automated deployment of archive folders to users ’ Outlook clients and Outlook Web Access
In the majority of email archiving projects, the customer wants to import email stores so that they have a complete archive. Having the ability to easily and reliably do this can be major benefit. Automated data collection – unique tools assist with importing data from legacy on premise archives, email server stores or hosted archives Manage & control PST/NSF files – a software application will crawl the network for PST files and gather them all into one place for import Maintain personal folder structure – when importing PST files the user ’ s folders can be maintained so that they have a familiar structure in the archive.
BlackBerry devices are increasingly used throughout organizations, proving the ability to receive and reply to email on the move. Unlimited email access – normally a BlackBerry user will have access to the last 90 days of email, but with the Email Archiving.cloud BlackBerry client, they will have access to their entire email archive right from their BlackBerry Access your archive during email outages – use the unlimited archive to compose, reply to and forward emails when your email server is unavailable Consistent user experience – the BlackBerry client has a similar look and feel to the archive search capability within Outlook enabling users to easily retrieve email from their archive
Email Archiving.cloud satisfies the needs of end users, compliance officers, legal, HR and IT departments. As a managed service, it is easy and fast to deploy and provides the organization with predictable costs and lower total cost of ownership.
![An Introduction to Symantec MessageLabs Email Archiving.cloud Chris Russell ,[object Object]](https://image.slidesharecdn.com/emailmanagementarchivingcloud-13037753205796-phpapp02/85/Email-Management-and-Email-Archiving-1-320.jpg)
