Focus: Email Archiving
1. What are the issues behind email archiving?
2. Which regulations must be followed when archiving email?
3. What are the consequences of violating legal statutes?
4. How can organizations set about implementing an email archiving project?
5. What are the benefits of server-side email archiving?
6. How does Email Management impact archiving?
7. How is Email Management different from ILM?
8. How can email archiving be implemented with iQ.Suite?
9. How can organizations ensure that the email archiving process is audit-proof?
10. How can we get the exploding volume of email under control?
2. Which regulations must be followed when archiving email?
3. What are the consequences of violating legal statutes?
4. How can organizations set about implementing an email archiving project?
5. What are the benefits of server-side email archiving?
6. How does Email Management impact archiving?
7. How is Email Management different from ILM?
8. How can email archiving be implemented with iQ.Suite?
9. How can organizations ensure that the email archiving process is audit-proof?
10. How can we get the exploding volume of email under control?
What are the issues behind email archiving?
When it comes to email management, many companies still focus only on taking immediate actions like implementing virus protection and spam filtering, and do not yet regard email as a long-term business process.
Because electronic messages are regarded as commercial documents, new legal statutes like the GDPdU in Germany and the Sarbanes-Oxley Act in the US now require businesses to keep emails on file for specific timeframes. To ensure that email traffic is properly documented and can survive an audit, businesses must now view the connection of email with archiving systems as a high priority. Many businesses don't archive email at all, however, and some leave it to employees to decide what is legally relevant. In this case formalized email archiving guidelines can help, but in many organizations these also do not yet exist.
Because electronic messages are regarded as commercial documents, new legal statutes like the GDPdU in Germany and the Sarbanes-Oxley Act in the US now require businesses to keep emails on file for specific timeframes. To ensure that email traffic is properly documented and can survive an audit, businesses must now view the connection of email with archiving systems as a high priority. Many businesses don't archive email at all, however, and some leave it to employees to decide what is legally relevant. In this case formalized email archiving guidelines can help, but in many organizations these also do not yet exist.
 |
 |
|
|
Which regulations must be followed when archiving email?
|
Many businesses are either incognizant of compulsory electronic archiving regulations or indefensibly neglect them. There are a number of email archiving regulations that businesses should diligently observe to create an element of legal security. Organizations are always on the safe side when they have documented their business processes - including incoming and outgoing emails - and have archived this information so that it is complete, tamper-proof and effective in cases of controversy. Important German regulations that impact email archiving include the tax code, the principles of proper bookkeeping, the principles of data access and auditability of digital documents (GDPdU) and the principles of proper data-processing-based bookkeeping systems. These regulations mandate not only completeness, but require that archiving processes be both tamper-proof and audit-proof. |
|
|
|
|
|
What are the consequences of violating legal statutes?
Violation of legal statutes can lead to costly legal processes, punishments and penalties into the millions, claims for third-party damages and loss of public image. In some cases imprisonment threatens those responsible. For example, the Federal Data Protection Act (BDSG) in Germany has recently been amended to provide significantly stronger rules for governing cases where someone has been damaged through intentional or negligent misuse and storage of personal data. The rules put the burden of proof not on the person damaged, but instead on the person who caused the damage, who must prove the information was handled properly.
|
|
|
|
How can organizations set about implementing an email archiving project?
Today, emails can be centrally transferred to an archiving system without error or omission. To ensure that archived emails are tamper-proof, incoming and outgoing messages should be intercepted on the mail server and transferred to the archiving system as originals before they are delivered to their recipients. The possibility of user tampering is thus excluded, because users only receive copies of the original emails. Leveraging indexing and keywords, emails can then be easily located and securely restored on demand. This enables fast access to centrally managed information and ensures compliance with regulatory requirements for audit-proof archiving.
Before they are archived, emails should be additionally filtered for spam and viruses to ensure that only business-relevant messages are stored. Solutions like iQ.Suite also provide the ability to automatically classify emails according to content before archiving them. This makes later retrieval significantly easier.
Integrating the email platform with CRM and ERP systems is also no longer a major challenge.
Before they are archived, emails should be additionally filtered for spam and viruses to ensure that only business-relevant messages are stored. Solutions like iQ.Suite also provide the ability to automatically classify emails according to content before archiving them. This makes later retrieval significantly easier.
Integrating the email platform with CRM and ERP systems is also no longer a major challenge.
|
|
|
|
What are the benefits of server-side email archiving?
Directly archiving emails on the server ensures that messages are automatically and completely archived as originals. Recipients receive only copies, and do not need to be involved in the archiving process. It also becomes impossible for users to manipulate email content or to intentionally or accidentally delete messages.
The server-sided approach also provides the opportunity to implement additional processing steps associated with archiving, for example spam and virus filtering or email classification that take place before storage. Implementing similar steps on client desktops would be extremely labor-intensive and clearly expensive.
The server-sided approach also provides the opportunity to implement additional processing steps associated with archiving, for example spam and virus filtering or email classification that take place before storage. Implementing similar steps on client desktops would be extremely labor-intensive and clearly expensive.
|
|
|
|
How does Email Management impact archiving?
Email Management focuses on the entire lifecycle of an email from its creation to its deletion, similar to the classic document management concept everyone is familiar with. iQ.Suite is a set of tightly interlocking software modules from GROUP Technologies that makes it easy to implement Email Management in the enterprise. The solution makes sure emails are properly organized and stored after they have entered and before they leave the organization so that they can be retrieved, edited and saved during their prescribed lifetime without the risk that their original context is lost. The review, classification and filtering of emails is, in the end, implemented to achieve this goal.
|
|
|
|
How is Email Management different from ILM?
Solutions for Information Lifecycle Management (ILM) come into play only after data is "storage ready" on the email client. Whether users have intentionally or accidentally modified emails or completely deleted them is irrelevant to the process. This makes it impossible to ensure that emails are properly and completely archived. A reliance on storage management as prescribed by ILM solutions can thus lead to legal sanctions for example when important data contained in emails cannot be produced during an audit.
More importantly, conventional ILM strategy fails to take advantage of the opportunity to significantly improve the organization's email process. That's where Email Management comes in. When email volume is minimized through spam defense, physical storage requirements are reduced. When flexibly configurable guidelines are used to sort, classify and assign incoming emails and their attachments to individual business processes according to type and ownership, messages become more effectively archived and faster to locate again on demand. Unlike ILM, the goal of E-mail Management is to optimize the email process and to focus on the business relevant.
More importantly, conventional ILM strategy fails to take advantage of the opportunity to significantly improve the organization's email process. That's where Email Management comes in. When email volume is minimized through spam defense, physical storage requirements are reduced. When flexibly configurable guidelines are used to sort, classify and assign incoming emails and their attachments to individual business processes according to type and ownership, messages become more effectively archived and faster to locate again on demand. Unlike ILM, the goal of E-mail Management is to optimize the email process and to focus on the business relevant.
|
|
|
|
How can email archiving be implemented with iQ.Suite?
There are three modules within iQ.Suite: Organizations can implement email archiving with iQ.Suite Safe or leverage leading archiving solutions from third party vendors by connecting them to iQ.Suite using iQ.Suite Bridge. Data secured in iQ.Suite Safe can be safely and easily transferred to another audit-proof archiving system at a later time if desired. iQ.Suite Store supports the external storage of messages and attachments on inexpensive media and enables when used in combination with the module iQ.Suite Bridge to centrally archive emails before they are delivered using a rule-based process that runs on the email server.
iQ.Suite Safe
Before messages are delivered, iQ.Suite works in the background to centrally store tamper-proof, original versions of emails in various logical archives. The use of multiple archives is supported, and functions for searching and restoring previously archived emails are provided. Only clean, business-relevant emails are stored, and the multiple-copy archiving scenario that results from non-centralized processes is eliminated. External and internal email processes are completely re-constructible and verifiable, and the integrity of archived messages is at all times ensured. iQ.Suite Safe therefore supports the direct requirements of ISO 9000ff. Internal corporate security guidelines for archiving, such as restricting access to secured data to authorized personnel, can also be optimally implemented with iQ.Suite Safe.
iQ.Suite Bridge
iQ.Suite Bridge connects third-party archiving systems from leading vendors such as SAPERION, TJ Group and others to iQ.Suite. The module runs on the mail server and is centrally configurable. Its role is to intercept messages before delivery and securely transfer them to external archiving systems after they have been reviewed for spam, viruses and compliance with guidelines. Tamper-proof copies of messages are automatically stored in individual databases, and as desired encrypted. This reduces the burden on the mail server and on the archiving system.
Security considerations stand in the foreground. Messages reach their recipients only after they have been checked and filtered. This also helps prevent the unauthorized distribution of sensitive documents via email. Existing archive systems can also be connected to the email platform and used for email archiving.
In addition, iQ.Suite sends important metadata like the email header, processing details and search engine category to the archiving system. Email correspondence can then be immediately restored at a later time, for example during a tax audit or for other internal or external audits, using keyword searches.
iQ.Suite Store
iQ.Suite Store uses customizable rules to control all processes associated with the legally-compliant, automated archiving of emails and attachments up through and including their deletion after specified timeframes. The scalable module supports compression, encryption and the external storage of messages and attachments on inexpensive media. It also delivers a comprehensive search facility and makes it possible to restore true originals of emails into user mailboxes.
iQ.Suite Store can in addition operate as the interface between the messaging system and archiving solutions (for example FileNet, SER, COI and Axxento) or storage systems (for example IBM Tivoli Storage Manager, EMC Centera, NetApp Snaplock, Grau Data Storage and NT File System (NTFS)).
When used in combination with the module iQ.Suite Bridge, iQ.Suite Store makes it possible to centrally archive emails before they are delivered using a rule-based process that runs on the email server. This centralized approach not only relieves the email system from the need to handle archiving processes and data it ensures that stored messages are tamper-proof and enables "single instance" archiving of redundant email attachments. In addition to being able to integrate with archiving and records management systems, iQ.Suite Bridge can also tie other critical applications like compliance, ECM/DMS and ERP systems into iQ.Suite to yield a comprehensive Email Lifecycle Management solution.
iQ.Suite Safe
Before messages are delivered, iQ.Suite works in the background to centrally store tamper-proof, original versions of emails in various logical archives. The use of multiple archives is supported, and functions for searching and restoring previously archived emails are provided. Only clean, business-relevant emails are stored, and the multiple-copy archiving scenario that results from non-centralized processes is eliminated. External and internal email processes are completely re-constructible and verifiable, and the integrity of archived messages is at all times ensured. iQ.Suite Safe therefore supports the direct requirements of ISO 9000ff. Internal corporate security guidelines for archiving, such as restricting access to secured data to authorized personnel, can also be optimally implemented with iQ.Suite Safe.
iQ.Suite Bridge
iQ.Suite Bridge connects third-party archiving systems from leading vendors such as SAPERION, TJ Group and others to iQ.Suite. The module runs on the mail server and is centrally configurable. Its role is to intercept messages before delivery and securely transfer them to external archiving systems after they have been reviewed for spam, viruses and compliance with guidelines. Tamper-proof copies of messages are automatically stored in individual databases, and as desired encrypted. This reduces the burden on the mail server and on the archiving system.
Security considerations stand in the foreground. Messages reach their recipients only after they have been checked and filtered. This also helps prevent the unauthorized distribution of sensitive documents via email. Existing archive systems can also be connected to the email platform and used for email archiving.
In addition, iQ.Suite sends important metadata like the email header, processing details and search engine category to the archiving system. Email correspondence can then be immediately restored at a later time, for example during a tax audit or for other internal or external audits, using keyword searches.
iQ.Suite Store
iQ.Suite Store uses customizable rules to control all processes associated with the legally-compliant, automated archiving of emails and attachments up through and including their deletion after specified timeframes. The scalable module supports compression, encryption and the external storage of messages and attachments on inexpensive media. It also delivers a comprehensive search facility and makes it possible to restore true originals of emails into user mailboxes.
iQ.Suite Store can in addition operate as the interface between the messaging system and archiving solutions (for example FileNet, SER, COI and Axxento) or storage systems (for example IBM Tivoli Storage Manager, EMC Centera, NetApp Snaplock, Grau Data Storage and NT File System (NTFS)).
When used in combination with the module iQ.Suite Bridge, iQ.Suite Store makes it possible to centrally archive emails before they are delivered using a rule-based process that runs on the email server. This centralized approach not only relieves the email system from the need to handle archiving processes and data it ensures that stored messages are tamper-proof and enables "single instance" archiving of redundant email attachments. In addition to being able to integrate with archiving and records management systems, iQ.Suite Bridge can also tie other critical applications like compliance, ECM/DMS and ERP systems into iQ.Suite to yield a comprehensive Email Lifecycle Management solution.
|
|
|
|
How can organizations ensure that the email archiving process is audit-proof?
Companies are required to store emails for specific timeframes depending on their content so that archived messages can be later restored for audit purposes. Internal corporate guidelines must be taken into account during the archiving process.
What's important here is to intelligently connect the email infrastructure and the archiving system to create a solid basis for implementing both regulatory compliance and efficient email management. Using interfaces like iQ.Suite Bridge, archiving systems can be seamlessly connected to the email system. Tamper-proof versions of messages can then be transferred to an audit-proof archiving system directly on the server, and at a later time located with keyword searching and restored.
What's important here is to intelligently connect the email infrastructure and the archiving system to create a solid basis for implementing both regulatory compliance and efficient email management. Using interfaces like iQ.Suite Bridge, archiving systems can be seamlessly connected to the email system. Tamper-proof versions of messages can then be transferred to an audit-proof archiving system directly on the server, and at a later time located with keyword searching and restored.
|
|
|
|
How can we get the exploding volume of email under control?
According to the Computer Industry Almanac, the number of worldwide internet users has for the first time in 2005 exceeded one billion, and analysts expect email volume to continue increasing. With iQ.Suite, only business-relevant messages reach user mailboxes and archiving systems. Server-side filtering of incoming and outgoing emails for spam, viruses and prohibited attachments prevents unnecessary growth in data volume.
Any email software in use should be able to incorporate established corporate guidelines into the filtering process. This is ensured by iQ.Suite's flexibly configurable rule-based framework. The existence of such automated rules should also be communicated to every affected employee in the business. This "email policy" then makes it possible to clearly define what is allowed and not allowed with respect to email usage. What should be avoided in all circumstances is the oblivious and simple deletion of emails, as this can have very expensive consequences.
Any email software in use should be able to incorporate established corporate guidelines into the filtering process. This is ensured by iQ.Suite's flexibly configurable rule-based framework. The existence of such automated rules should also be communicated to every affected employee in the business. This "email policy" then makes it possible to clearly define what is allowed and not allowed with respect to email usage. What should be avoided in all circumstances is the oblivious and simple deletion of emails, as this can have very expensive consequences.
|
|
|
|
