Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Email Retention Should Be a Business Concern Not an IT Problem

Email retention management is about managing email data according to prescribed corporate policy and legal requirements

Enterprises that treat their large and increasing volumes of email data as a technology issue to be handled by their IT departments rather than managing it as the business asset and risk it truly are putting themselves in a dangerous position, according to experts at C2C, a provider of email, file and messaging management solutions.

Email retention management is about managing email data according to prescribed corporate policy and legal requirements

Enterprises that treat their large and increasing volumes of email data as a technology issue to be handled by their IT departments rather than managing it as the business asset and risk it truly are putting themselves in a dangerous position, according to experts at C2C, a provider of email, file and messaging management solutions.

Advanced retention management is about managing email data according to prescribed corporate policy and legal requirements. Implementing email archiving software as part of an overall IT function designed to simply retain data and enable the recall of this information at a later date can fail to properly account for its impact on business value (including the time and expense required to retrieve needed emails from backup) or the litigation risks of keeping an email too long or not long enough. Retention management is an important aspect to email archiving solutions and is a particularly important business tool. By setting uniform policies that govern email retention and enforcing those policies consistently throughout the organization, companies are better positioned to maximize its business value and minimize potential pitfalls in regards to litigation.

Email Retention

“There needs to be a balance between collecting and keeping business-critical company emails and the cost of managing these large amounts of email data,” said Dave Hunt, CEO of C2C. “The more emails under management, the higher the cost in storage and management – an IT problem. But greater than that is the legal risks posed by not properly archiving email data or in not purging information that is not legally required beyond an acceptable retention period – a business concern. The consequences of not retaining emails properly can be an extremely expensive proposition and prove especially problematic to companies of all sizes.”

Compliance dictates that companies ensure they have readily-accessible exact copies of all the email correspondence taking place using company servers. The consequences of not doing so can be extremely costly. Deleting emails too soon after an employee leaves the company may require a company to locate them on backup tapes, costing unnecessary time and money. Having too much data and not being able to respond to legal inquiries regarding company email in a timely manner is likewise inexcusable and may expose a company to additional liability.

Industry analysts suggest that organizations check with their legal counsel to determine a best practices approach as to what email retention policies they should adopt and how long emails should be retained to minimize the risks associated with old data. Email archiving software can be installed so that all company email is in compliance with governmental demands and retention times can be set accordingly.

The best archiving software allows companies to set different retention periods for emails related to different data, giving them greater control in terms of internal policy. This software should also allow administrators to stipulate whether data is expired, deleted or overwritten when its retention period comes to an end. These processes may differ depending on the nature of the information contained in each individual email.

Email archiving solutions that feature advanced retention management are designed to allow for multiple retention policies making it possible to implement compound requirements as well as the ability to change retention periods at any time for greater control in terms of internal policy.

By enabling administrators to enforce data retention policies and comply with various regulatory requirements regarding the use, access and retention of critical data, organizations can utilize their email archive software to not only centralize, automate and accelerate tasks for improved IT operations, but they can also ensure that their business interests are well protected against the risks associated with the retention of emails throughout the enterprise.

Subscribe to SecurityWeek

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Cybercrime

A database containing over 235 million unique records of Twitter users is now available for free on the web, cybercrime intelligence firm Hudson Rock...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...