imageteam - Fotolia
What are best practices for archiving emails?
Archiving email is crucial to the business continuity and disaster recovery process. For example, consider how cybersecurity and cloud storage can integrate with the archiving.
Given that emails are one of the most important assets to an organization, the ability to preserve them through archiving is an essential activity. Technology has greatly improved the process of archiving emails.
Some time ago, TechTarget's SearchCIO site published the "Top 10 best practices for email archiving." While those best practices for archiving emails are still relevant -- for example, it is essential to move email retention from a manual to an automated process and to review your archiving procedures regularly -- several more email archiving guidelines are important. It's crucial to have proper integration with other processes, and incorporate newer technologies. Here are six best practices for archiving emails:
- Ensure that email archiving is part of business continuity (BC) and disaster recovery (DR) planning. Email is an important business asset and it may also have legal and regulatory requirements that you need to address, such as the Health Insurance Portability and Accountability Act, the Payment Card Industry Data Security Standard, the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act. Make sure that you factor these and other requirements -- such as GDPR -- into BC/DR plans, especially when planning for data backup, recovery and archiving.
- Factor cybersecurity considerations into planning for archiving emails. Cyberattacks can occur at any time, and can damage valuable business data and other records. A popular strategy is to encrypt data and databases, whether at rest or in motion. When archiving email, be sure they are encrypted.
- Document email archiving policies and procedures. Ensure these important resources are securely stored (e.g., encrypted), so only the appropriate people can access them. Make sure they are distributed to employees at all levels.
- Periodically test to ensure you can retrieve and decode archived emails and that you can verify their content. In these tests, check that you can retrieve valuable emails when needed, such as for legal discovery or regulatory and audit review. You can include testing as part of BC/DR tests of data backup and storage technologies.
- Conduct email archive process training as part of BC/DR and emergency response training activities. It may also be useful to include references to email archiving in company-wide information sources, such as on SharePoint and other similar platforms.
- Take cloud storage resources into account as an important strategy for archiving emails. Products such as Mimecast, Cloudian, Office 365, Gmail and many others offer email archiving capabilities. Benefits include a reduced need for data migrations from one platform to another, increased data durability so it is unaffected over time, greater scalability of resources to accommodate archiving needs, ease of capacity planning via modular growth capabilities of today's systems, and the potential to lower archiving costs over conventional enterprise storage.