Today, when email archiving is no longer a new practice (the Radicati Group’s 2021 report predicts the market revenue will double by 2025) and the vendors are plentiful, it’s not easy to choose the right email archiving solution.
Today in our blog series, we’re exploring email message integrity and a particular archiving method that ensures that the message content has not been compromised.
Email archiving is a process in which an archiving system obtains email messages, attachments and metadata from email servers, and then indexes and stores them in a read-only, accessible and searchable format.
There are two crucial things that need to be highlighted here.
1. Metadata tells a story
We archive messages for content and attachments. But the story doesn’t end there. Every email contains header data ‒ data that is stored in an email about the email. So what does metadata tell us?
Apart from the obvious info such as the sender and the recipient, metadata contains other interesting information about the message:
- exact message route (which allows you to reconstruct the actual message routing across servers),
- the sender’s IP address,
- the sender’s time zone,
- reply threading,
- type of device,
- the operating system they’re using.
This information is vital in ediscovery cases when every email is thoroughly inspected as a piece of evidence and when message fidelity is key.
Email metadata is vital in #ediscovery when every email gets thoroughly inspected as evidence. Click To Tweet2. Your archive needs to be tamper-proof
Under the SEC Rule 17a-4 and many other data retention and compliance laws, electronic records must be preserved in a non-rewritable and non-erasable format.
This means that email archiving solutions must be designed in a way that preserves message content and prevents any alterations or deletions. This is usually done by choosing the right technology (the solution with proper data integrity and protection features) and establishing the right processes and organizational measures.
User roles and permissions are a typical way of doing this. End users are given minimal privileges, while compliance officers, lawyers, C-level executives and administrators have higher levels of access. This allows them to change retention periods, inspect other people’s messages and track user activities on the email archiving system.
When it comes to technology, organizations can ensure full compliance with government-imposed and industry data retention regulations by making sure that their email archiving solutions record data in WORM (write once read many) format and that they contain software capabilities such as:
- encryption,
- configurable user roles,
- activity trail and
- message integrity verification.
Activity or audit trail is critical to data integrity because it provides the organization with the ability to track down and pinpoint the source of the issue.
It’s generated automatically and it records every creation, modification, view and deletion while aligning it with the user who performed the action. Every event needs to be time-stamped, so that the administrators or compliance officers can have complete oversight of the who, what and when of every action.
An extra layer of security
Given that email and other electronically stored information can be used as evidence, it is crucial that organizations can prove that the emails have been archived in their original state and remained intact while in the archive.
To minimize legal risk, improve compliance and help with ediscovery or internal investigations, a good archiving solution will make sure all messages are time and date stamped.
Choose an archiving software which offers integrated (mailbox) archiving together with authenticity features and message verification to easily prove that a specific email has not been manipulated or tampered with.
What is email message integrity?
Data integrity is one of the pillars of data security and it refers to the validity and wholeness of data by preventing accidental or deliberate modification or destruction of data. In email archiving, email integrity check means that organizations need to be able to prove that a particular email record has not been compromised or tampered with in any way.
How does email integrity check work?
The verification process begins with message ingestion ‒ when an email message file is processed, its digest hash is calculated and saved in the index. The message file is then archived in the filesystem.
In order to conduct an email integrity check and test whether the archived email record has been modified or tampered with, the digest hash can be computed once again at any time and then compared with the value that was calculated during processing.
The match in values would mean that the email integrity is intact. If not, it’s likely that the archived file is corrupted or has been altered in some way.
This serves as proof that what compliance officers or lawyers are reviewing is the original message with its original content and metadata.
Jatheon is a global leader in the development and distribution of secure on-premise and cloud data archiving for compliance, ediscovery and organizational efficiency. Jatheon’s email archiving solutions come with an email integrity verification feature which allows administrators to check message integrity at any time. To see how your organization can benefit from archiving electronic communication records with Jatheon, book a 20-minute, no-commitment demo. |