Corporate email has become an important source of evidence in many of today's high-profile court cases. As email...
takes on an increasingly critical role in corporate litigation, IT shops need to be prepared with an archiving plan should they be called upon by a judge to produce a single email or a series of electronic messages.
Email archiving is still a relatively new idea that has been slow to take off, despite the recent attention it has received during the Enron trial and other highly publicized legal proceedings where corporate email has been central to the case. IT managers assigned the responsibility of developing an email-archiving strategy will be happy to know that there are options available to accommodate companies with varying budgets and wide-ranging security requirements.
There are two basic approaches that enterprises can use to store and manage their archived email. One approach creates the function in house while the other relies on an off-site service.
For those companies that are most concerned about security, creating an in-house email-archiving system is the way to go. Companies can buy all of the servers and software and manage their data completely within their own facilities.
But those that want to keep control will have to pay for it. In-house setups are typically expensive – probably too expensive for all but the biggest corporations to consider.
An outside hosting service is another option companies can use to archive old email off site. This may be the most cost-effective approach for smaller companies that can't afford to build that function within their IT departments or just choose not to do it.
In the hosted model, the enterprise customer needs only to have a VPN connection to an off-site service provider, such as those offered by Iron Mountain Inc., based in Boston. Here, any incoming email to the customer site is funneled through a VPN to the service provider for storage and indexing. The customer buys no equipment and no software.
One of the perceived downsides of a fully hosted model, however, is the concern by some corporations that they are placing their private communications in the hands of another company. "It's not an idea that a lot of companies are wild about," said Bill Tolson, principal consultant and practice manager at Contoural Inc., a data and storage consulting firm in Mountain View, Calif.
A relatively new twist in email archiving is a compromise between the two approaches. In this hybrid model, mailboxes are managed by internal IT staff, and the actual archiving portion is completed in another location – typically off site.
The hybrid model, which has been available for more than a year, allows customers to manage the archiving servers without buying the storage. Email can be managed and encrypted by the customer's IT shop. The encrypted email is sent to the off-site location, which is managed by a service provider. The advantage of this hybrid model is that because the archiving equipment is local, mailbox indexing, retrieval and similar functions are faster, Tolson said.
"If [the off-site provider] has the data but it's unreadable without my key, then I am more comfortable knowing that I'm just storing a blob of data," said Lee Benjamin, principal at ExchangeGuy Consulting in Waltham, Mass. "The crown jewels aren't worth anything unless you unlock them."
Several companies are now making available offerings with encryption . Fortiva Inc., based in Norwalk, Conn., released a hybrid product in February 2005 that encrypts email in an appliance at the customer's site behind a firewall. Zantaz Inc. in Pleasonton, Calif., uses its EAS software on top of customer-supplied hardware.
IT managers at Colonial Properties Trust, a real estate investment company in Birmingham, Ala., wanted to have quick access to their messages but didn't want to have to manage additional storage facilities. The company decided to use a hybrid model to store email for its 1,400 end users, said Jack Kempf, the company's director of technology services.
Archiving email is also a function that must be managed for legal reasons. In one scenario, an image is created of each email as it is received. One copy goes to the recipient and one copy is encrypted and sent to a Fortiva server off site. Messages are kept on local servers for 90 days. After that, the mail can still be retrieved, but it's accessed from the remote server. This arrangement gives his company "better discovery and a back-up solution," Kempf said.
Companies that want to keep their email-archiving function in house have higher up-front costs because they are paying for all of the equipment, software, support and storage. Hosting email completely off site using services is a good fit for small companies.
There are some advantages in the hybrid model that offer the benefits of local mailbox management and allow end users to search their own archives quickly. The only savings is in the storage costs, but moving storage off site does build in the potential for disaster recovery into the model.
Another reason companies might consider a hybrid is that it's quicker to set up than if the IT shop had to build everything from scratch. It might take an IT shop two to three months to develop an internal archiving installation and it might still require weeks of lab testing, Tolson said. On the other hand, a hybrid might take from four to six weeks to install and test. Fully hosted archiving can sometimes be set up inside of a week, he added.
This article originally appeared on SearchWinIT.com.