In this post we will explain why businesses using Office 365 should implement a third-party email archiving service rather than use the Office 365 email archiving feature to ensure compliance.
Many businesses have ditched their on-premise Exchange email systems and have migrated their email to the cloud. There are many benefits of such a move. Switching to the cloud means it is not necessary to purchase and maintain on-premises hardware and the space devoted to housing that hardware can be freed up and put to better use. There is also no limit on the number of mailboxes that can be set up and mailbox limits do not need to be set as storage space is never an issue.
Businesses store huge amounts of business-critical information in mailboxes, such as contacts, purchase orders, legal documents, and intellectual property. It is important that this information is always available and cannot be accidentally deleted. A study by IDC suggests that 60% of business-critical information is actually stored in the email system, and much of that data is not stored elsewhere. It is therefore no surprise that when ransomware attacks result in encryption of email data, businesses have little option other than pay the ransom demand.
Most of the time, data in the email system is not required, so it makes sense to archive the messages. When information in the archive needs to be recovered, it can be found with a simple search.
If a customer gets in touch, emails related to past email conversations can be recovered, but if emails need to be recovered for legal reasons, businesses need to demonstrate that the email in the archive is exactly the same as the message that was received or sent. They must be able to prove emails have not been altered in any way.
Users of Office 365 can prove the authenticity of an email by placing it on Legal Hold in Office 365. Messages placed on Legal Hold are stored in their original, unedited form. Legal Hold is activated by the Office 365 administrator through the admin panel. Provided Legal Hold remains switched on, edited and deleted messages can be recovered along with the original message through the Compliance Center.
To ensure compliance, Legal Hold should never be switched off. Without Legal Hold, messages can be forever lost from the email system. There are two legal hold options available – Litigation Hold and In-Place Hold. The former will ensure that all messages are retained, even if they are deleted from mailboxes. They will be retained for as long as Litigation Hold remains active.
With In-Place Hold, the admin can set criteria for a search query and only messages that meet that search query will be preserved. With In-Place Hold, if a user deletes an email that is not covered by the search query, it will be purged within 14 days and will not be recoverable, even by the IT team. With this option, businesses will not be able to prove that a message has not been sent. If a message is not in the archive, it could just mean that the message was not picked up by the search query.
Legal Hold is therefore the best option, but while Legal Hold is set up, the mailbox cannot be deleted, even if that individual leaves the company. If a user account is deleted, and that user has a mailbox, since the account is no longer connected to a user account, it will be marked for deletion. It does not matter if the account is still on Legal Hold.
Most third-party email archiving solutions use an archiving method called journaling. Journaling takes a copy of all incoming and outgoing emails on the mail server – or all messages for selected users – in real time. In addition to the message, all associated meta-data and attachments are included in the journal message. This archiving method is utilized by Microsoft Office 365, but there are limitations. For example:
- Searches are limited to under 10,000 mailboxes in any one search
- Search results are limited to 250 results in the Compliance Center. For more results in a single search, a .PST file must be used. Since .PST files can be edited, this method does not guarantee message authenticity as edits could potentially be made.
- Only a maximum of 2 eDiscovery searches can be made at any one time by the same company
- If the email service goes down, emails on Litigation Hold and/or live email cannot be accessed
- If Litigation Hold is turned off, it is not possible to prove that emails are originals
- Without a permanent Litigation Hold, it is not possible to prove that an email has not been sent
- Searches are limited to the Outlook search bar
- Searches can be difficult for non-technical users
- Searches are slow, especially when searching multiple folders or mailboxes.
- If individuals leave the company, emails will only be retained if the mailbox is maintained and that has cost implications.
The latter issue can prove costly for organizations. In order to maintain a mailbox when a user has left the company, the license for that user must be maintained. If that user is replaced, another license will be required for that person’s replacement.
That means that for an organization with 50 employees who stay for an average of 2 years, in four years the company would be paying for 200 licenses a year, even though at any one time only 50 licenses should be required. That adds up to a significant extra and unnecessary cost.
TitanHQ has developed its email archiving solution, ArcTitan, to work seamlessly with Office 365. The solution solves the above compliance and performance issues and augments Microsoft’s Compliance Center with much more powerful search and recovery tools. Messages can be found and retrieved much more quickly and efficiently, and there are considerable savings to be made as customers only pay for the licenses they need, regardless how many individuals leave the company and are replaced.
Key Features of ArcTitan
- Scalable, email archiving that grows with your business
- Email data stored securely in the cloud on Replicated Persistent Storage on AWS S3
- Lightning fast searches – Search 30 million emails a second
- Rapid archiving at up to 200 emails a second
- Automatic backups of the archive
- Email archiving with no impact on network performance
- Ensure an exact, tamperproof copy of all emails is retained
- Easy data retrieval for eDiscovery
- Protection for email from cyberattacks
- Eliminate PSTs and other security risks
- Facilitates policy-based access rights and role-based access
- Only pay for active users
- Slashes the time and cost of eDiscovery other formal searches
- Migration tools to ensure the integrity of data during transfer
- Seamless integration with Outlook
- Supports, single sign-on
- Save and combine searches
- Perform multiple searches simultaneously
- Limits IT department involvement in finding lost email
- Compliant with regulations such as HIPAA, SOX, GDPR, Federal Rules of Civil Procedure, etc.
If you are looking for a more powerful email arching solution to work on top of Office 365 that can be quickly and easily implemented in one step and will save you money and ensure compliance, give the TitanHQ team a call.