You’ve got questions? We’ve got answers.
-
Email Archival is the process of withholding all legitimate emails sent to, from and within your organization for a variety of purposes, but most often as a requirement for regulations stemming from laws passed at the federal level. These emails are used as the primary content for Discovery (the legal term for data recovery, extraction and presentation) when an organization inevitably receives an inquiry or lawsuit, both from internal employees or external organizations.
When not being used for regulatory purposes, archives are also often used for internal investigation, email content monitoring, tracing back on contracts that may be unfulfilled and even to protect an organization from a lawsuit filed by their own employees.
The key difference between a backup and an archive is the requirement from many of these regulations regarding non-spoliation of the data, i.e. an inability to modify or otherwise delete the data prior to its regular purge schedule, as defined by the law. Backups are designed for eventual overwrite and often contain data that has changed over time, most often by deletion from the user's mailbox. Such occurrences never occur on an archive, making it a true compendium of the organization's email history and thus suitable for e-Discovery purposes.
Remember that an archive is different than a backup: archivers store all data continuously, immutably and for as long as your document retention schedule requires; backups come and go frequently and only contain what users had in their mailbox at that point in time, which is usually not everything.
-
DataCove relies upon a built-in feature of many mail servers, known as Journaling, which captures a copy of every message that touches them (spam excluded, as this capture occurs after filtering is applied), including both internal, inbound and outbound emails, and sends that copy into a Journaling Mailbox. DataCove constantly trawls this mailbox for new emails via the POP3, IMAP4 or in some cases, SMTP (and their secure variants) protocols, fetches them to the archive and then deletes that now extraneous copy on the mail server.
For some mail systems, like Office 365 and GSuite, DataCove receives all of the journaled traffic directly via SMTP without a mailbox involved.
Once pulled into DataCove, the system will deduplicate their attachments, shred the email into tiny pieces for selective data recall and index them for searching. Eventually, when these emails pass the threshold for how long they should be retained based on your organization's retention policy, they will be purged from the system and the backup volume associated with it, freeing up space and removing any liability from holding data over the stated policy limits.
-
Any mail server that supports Journaling, which is practically all of them sans GroupWise, FirstClass and a couple others.
Common mail servers like Microsoft Exchange, Kerio, iMail, Office 365 and Google G-Suite are fully supported.
-
Several mail server types have archive features, but there are two deficiencies with the vast majority of them: volatility of data and limited search functionality.
Data volatility, in this context, means the ability to change that data or otherwise delete it without any audit trail indicating as such. For systems that allow for deletion of archived data, including platforms like Office 365 where the archive is simply placing a mailbox on litigation hold regardless of whether there is litigation or not occurring, this can lead to administrative overhead both at time of mailbox creation and deletion. As this is reliant on humans to conduct, there is inevitable human error and mailboxes will get missed, easily knocking an organization out of compliance and risking unnecessary legal exposure.
In terms of Search, like within Microsoft Purview and Google Vault, search is fairly limited to just some keywords and mailboxes to sort through; they simply don’t have the decades of experience and design that went into third party dedicated archivers like DataCove.
This translates into far more results appearing under a search than necessary and with consequently more time spent reviewing and redacting by your organization’s legal counsel, and the billable hours therein.
Deeper reading on this can be found in our review, put together with many different clients that have come to us after having used the built-in archiving options of these vendors. -
-
DataCove comes in a range of sizes, designed to support user bases of below 200 and all the way up to 25,000 users on a single machine.
Additional DataCove’s can be federated together for very large environments and can support tens of thousands of users. -
DataCove comes in three flavors:
Physical appliances that are installed on your local network. These come with their own storage space and processing power. You don’t need anything more than rack space, power and a network uplink.
Virtual machine appliances that run locally on your virtualization infrastructure and resources. For VMWare 5.5+ and Hyper-V 2012 R2+ environments.
Completely Cloud Hosted service for entirely offsite deployments and not having to worry about anything. Great for those looking to offload on-premises systems and particularly for those in disaster-prone areas.
-
DataCove supports both Tags (for marking down emails of interest without necessarily placing them on hold) as well as full on Legal Holds, which lock down an email in perpetuity until that Hold is removed.
These are in addition to the Retention Policy’s lockdown abilities that can effectively place an entire email address, and everything sent to and from it, on Legal Hold.
-
DataCove supports exports of files (and their attachments and headers; all useful for metadata purposes) in .EML, .PST and .PDF formats.
-
DataCove pricing is pretty straightforward: you pay for how much capacity you use to meet your retention needs.
DataCove’s licensing is effectively priced per-terabyte of storage, allowing you to have as many users and however-long a retention policy you require, all while paying a flat price and not having to worry about seat count (and their varying fluctuations over time).
-
Yes. Physical appliances, virtual machines and hosted virtual machines are available for 30-day evaluation periods with full services available, including technical support.
-
DataCove systems can meet most of the data security requirements of HIPAA/HITECH natively, with one notable exception (but with some mitigating circumstances):
Data-at-Rest for data stored on the system:
Emails stored on the system are not encrypted in the traditional sense; they are instead broken apart into multiple disparate pieces that each contain unencrypted email data, but not in a contiguous format (i.e. a message body would be in one directory with some random filename, while the headers would be in another directory with another random filename, attachments elsewhere still, etc).
While this meets many security requirements in terms of making the data painfully illegible if a disk were stolen, it does not meet the strict requirement of data at rest being encrypted. The data-at-rest consideration can be mitigated through other safeguards, such as physical security to the server room where the DataCove is located, preventing access at a higher level.
Data-in-Transit: Email communication for fetching/receipt of data is encrypted via TLS.
Secondary forms of Data-at-Rest: DataCove backups are encrypted with 256-bit AES encryption.
-
Yes, Tangent can sign Business Associate Agreements (BAA); we’d need to review them first to ensure compliance with any specific needs of the requesting organization has outside of the Health and Human Services’ boilerplate requirements, but it is likely we’ll be able to meet the needs.
Looking for answers to something a bit more advanced? Try our Knowledge Base.
If it’s still not there, contact us and we’ll find the answers for your specific needs.