How Hidden Email Data Increases Corporate Risk

Microsoft Outlook and Exchange dominate the corporate email industry with more than 80 percent market share, yet create complexity in discovering and recovering valuable data when it is increasingly stored into archive files not supervised by IT.

Apart from live mailboxes and Outlook Archive files, corporate data can exist in email systems public (shared) folders, calendars and notes. The rise of litigation and the need to discover data for compliance with corporate, legal and regulatory procedures makes any hidden data of value, and risk, to an organization.

The increase in corporate risk is compounded by mailbox capacity quotas. More than 60 percent of companies still impose mailbox quotas, resulting in loss of productivity as employees must self-manage their email usage, but more importantly put legally actionable data and documents in jeopardy.

Users resort to various approaches to living within quotas, from moving emails or attachments to shared folders; saving emails to Outlook Archive files, then storing those files on their laptop or desktop, away from IT supervision; deleting large emails that may not necessarily be unimportant ones and/or deleting attachments, losing the context in which they were sent. With the rise of litigation and the need to discover data to stay in compliance with corporate, legal and regulatory procedures, this method of meeting mailbox quotas is not only unacceptable, but puts a company at legal risk.

Early-generation email archiving systems required data to be ingested into an archive so that it could be ‘discovered’ and placed on legal hold. The processes were flawed, complex and time-consuming. The locations of the data had to be known. In the case of Outlook Archives, this meant visiting every laptop/desktop to scan for them and move the files to a central location. Email data on shared folders and emails sent internally among employees was often skipped, since it was frequently assumed that only external email was of sufficient threat to the organization to warrant retention.

"One could excuse IT managers for not foreseeing Enron, Worldcom, and other corporate crises that shaped today’s business environment, but these events rightly place many more demands on finding and securing data for compliance and internal policy requirements," said Dave Hunt, CEO of C2C, provider of email, file and messaging management solutions. "Few predicted the complexities of managing massive amounts of data, but since 1996, C2C has preached against mailbox quotas, and offered solutions for email management."

C2C’s ArchiveOne locates email data regardless of its proximity to the server, and can scan and report on the amount of data as well as the content. Recent enhancements enable authorized business users (not necessarily IT specialists) to find data in any location, and if matching a discovery request, take a copy and place it on secure hold until the request is proven or removed. Discovery, retention and archiving, regardless of the state or location of the data, is achieved through a policy engine that manages data at rest in the email store, in an Outlook Archive (PST) or in a formal email archive.

C2C’s ArchiveOne solutions are tools for email and files, compliance management, policy enforcement and storage management. ArchiveOne for email provides secure access to archived emails through iPhone or BlackBerry devices and through web and web service technologies for offsite workers. PST management allows administrators to discover, search, delete or consolidate PST files across the organization.