Email Archiving

Email archiving offers several key benefits over email backups. In contrast to a backup, an email archive is a searchable database of old emails that no longer need to be accessed regularly, but cannot be deleted due to email retention laws.

Email archives can be quickly searched and allow single or groups of emails to be quickly retrieved. If a freedom of information request or a legal discovery request is received, finding all relevant emails in a backup could take days or weeks. With email archiving, they can be quickly recalled.

The same applies when access requests or erasure requests are received under the EU´s General Data Protection Regulation (GDPR). As well as helping manage requests efficiently, an email archiving solution helps businesses comply with GDPR encryption, data storage and access control regulations.

While it is possible to store an email archive locally or on a mail server, many companies are taking advantage of the cloud and are storing their archives with a solution provider. Cloud-based services do not require any server space for storage, reducing hardware and maintenance costs.

This category contains the latest news and advice on email archiving, including new legislation and industry-specific news on email retention and information on cloud-based archiving services.

Is an Email Archive the Same as a Backup?

One of the most common misconceptions about email archiving is that an email archive is the same as a backup, but there are some important differences. In this post we explain those differences and why your business needs to be archiving emails as well as creating email backups.

In the event of disaster, you need to be able to recover your data and the same is true of emails. A huge quantity of important information is saved in email accounts and businesses cannot afford to lose all that data. In the event of disaster, a ransomware attack for instance, without some form of backup, all of your email data will be permanently lost. In the case of a ransomware attack, you can pay the ransom and the attackers may supply viable keys to decrypt your data but there is no guarantee that they will make good on their promise. You must have a backup plan, and that is an email backup.

Email accounts can be restored to a particular moment in time from a backup file, and emails can be recovered with little to no data loss. From a business perspective, your backups may not need to be retained for very long. Their primary purpose is to allow data recovery in the event of disaster, and they will be replaced with a new backup.

Backups are designed to restore entire mailboxes. Problems arise if you need to recover a single email that has been accidentally deleted, if you need to respond to a request to have a person’s data deleted in its entirety to comply with GDPR, or if you get an eDiscovery request or have to produce emails to settle disputes. You may also need to review emails to determine if there has been a data breach or to investigate potential malicious insiders. In all of these cases, backups fall short as they are not designed to be searched.

Email archives are different. An email archive can be viewed as an extension of an inbox, where searches for individual emails can be performed and messages can be quickly recovered when needed. Every sent and received email is sent to the archive and is stored along with metadata, which allows searches to be performed. In fact, searching an email archive is almost as easy as searching for a message in an inbox.

If you wanted to restore emails from a particular moment in time, say last year, restoring data from your backup could easily result in loss of current email data. With the restoration of data from an email archive that would not occur. Many businesses only discover the difference between an email archive and a backup when they need to deal with one of the above situations. By then it is too late.

You should also bear in mind that businesses have a legal responsibility to preserve their emails, even in industries that are not highly regulated. The Federal Rules of Civil Procedure in the United States were updated in 2006 to include electronic communications, which require email data to be produced in the event of legal action. Further, an audit trail must be maintained, email data must be protected against accidental loss or deliberate tampering, and data must be immediately available. An archive allows this, a backup does not. The failure to produce information can result in a heavy fine and could well be the difference between winning and losing a case.

ArcTitan: Cost Effective Cloud Email Archiving for SMBs and MSPs

TitanHQ offers a lightning fast, email archiving solution that ensures that you will never lose an email again. ArcTitan is a set and forget email archiving solution that serves as a black box flight recorder for email. All emails sent and received by your business will be automatically sent to the archive for long term email storage, freeing up space on your mail server and improving performance. Set your email archiving policy, email retention periods, and your emails will be encrypted in transit to the archive and at rest and stored on Replicated Persistent Storage on AWS S3. Your archive will be automatically backed up to ensure that come what may you can recover your emails.

When you need to find an email, receive an eDiscovery request, are selected for a compliance audit, or otherwise need to find historic email, searching the archive is simple and fast. You can search up to 30 million emails a second and recovery of emails takes seconds to minutes. ArcTitan facilitates policy-based access rights and role-based access, so you can allow employees to access their own archives, so your IT department will not have to be involved every time an employee misplaces an email.

Key Features of ArcTitan

  • Scalable, email archiving that grows with your business
  • Email data stored securely in the cloud on Replicated Persistent Storage on AWS S3
  • Lightning fast searches – Search 30 million emails a second
  • Rapid archiving at up to 200 emails a second
  • Automatic backups of the archive
  • Email archiving with no impact on network performance
  • Ensure an exact, tamperproof copy of all emails is retained
  • Easy data retrieval for eDiscovery
  • Protection for email from cyberattacks
  • Eliminate PSTs and other security risks
  • Facilitates policy-based access rights and role-based access
  • Only pay for active users
  • Slashes the time and cost of eDiscovery other formal searches
  • Migration tools to ensure the integrity of data during transfer
  • Seamless integration with Outlook
  • Supports single sign-on
  • Save and combine searches
  • Perform multiple searches simultaneously
  • Limits IT department involvement in finding lost email – users can access their own archived email
  • Compliant with regulations such as HIPAA, SOX, GDPR, Federal Rules of Civil Procedure, etc.

MSPs looking to offer email archiving to their clients can integrate ArcTitan easily into their own packages with ease or offer the solution as a standalone service. The solution can be provided as a white label to MSPs and resellers to add their own branding.

To find out how easy and cost-effective it is to implement an email archiving solution, call TitanHQ today.

TitanHQ Forms Strategic Cloud Distribution Partnership with GRIDHEART

TitanHQ has formed a strategic partnership with the GRIDHEART, which will see TitanHQ’s leading cloud-based email security, web security, and email archiving solutions made available to users of the Cloudmore Cloud Commerce platform.

GRIDHEART is a privately-owned Swedish company that delivers the world’s leading cloud-based solutions through its Cloud Commerce platform, Cloudmore.

For the past 10 years, GRIDHEART has been offering leading cloud solutions to its customers and resellers and now deals with more than 1,000 cloud partners. The Cloudmore platform makes selling cloud services easy and brings a wide range of cloud services together in a single unified platform.

The platform gives users complete centralized control over their cloud solutions and allows them to easily provision new customers, bill for services, automate processes, and obtain pre-and post-sales support. The platform provides a host of management tools to make control of SaaS and cloud computing simple.

The partnership with TitanHQ will see the Galway, Ireland-based cybersecurity firm add its leading cybersecurity solutions to the platform, through which users can manage the solutions for free.

GRIDHEART’s customers will be able to offer their clients the SpamTitan Cloud email security solution, the WebTitan web filtering solution, and the ArcTitan email security solution and provide multi-layered security to protect against email, web, and modern blended threats.

“By offering additional layers of cloud-based security through Cloudmore’ s unique Cloud Commerce platform, MSPs can procure and deploy IT services for their customers and quickly maximize their IT investment, enhance their security stack and lower operational costs for their customers,” said Rocco Donnino, Executive VP of Strategic Alliances at TitanHQ. “This agreement highlights the importance of delivering comprehensive security solutions to the MSP community through a single and powerful platform”

“TitanHQ fits the bill as a perfect partner with their razor focus on advanced threat protection via email and the web. We’ve very happy to have them on board,” said Stefan Jacobson, Sales Director of GRIDHEART.
 

New TitanHQ Partnership Sees Firm Join HTG Peer Groups as Gold Vendor

New TitanHQ Partnership Sees Firm Join HTG Peer Groups as Gold Vendor

Today has seen the announcement of a new partnership between TitanHQ – the leading provider of email and web filtering solutions for MSPs – and the international consulting, coaching, and peer group organization HTG. The announcement was made at the Q1 HTG Peer Groups meeting at the Pointe Hilton Squaw Peak Resort, Phoenix, Arizona.

The partnership sees TitanHQ’s web filtering solution – WebTitan; its cloud-based anti-spam service – SpamTitan; and its email archiving solution – ArcTitan made immediately available to the HTG community.

TitanHQ has developed innovative cybersecurity solutions specifically for managed service providers to help them provide even greater protection to their clients from the ever-increasing volume of email and Internet-based threats. The multiple award-winning solutions have now been adopted by more than 7,500 businesses and 1,500 MSPs, helping to protect them from malware, ransomware, viruses, phishing, botnets, and other cyber threats.

HTG is a leading peer group association that was recently acquired by the global technology giant ConnectWise. HTG helps businesses plan and execute strategies to drive forward growth and increase profits. Its consultants and facilitators share wisdom, provide accountability, and build meaningful relationships with businesses to help them succeed in today’s highly competitive marketplace.

The new partnership will see TitanHQ join HTG Peer Groups as a Gold vendor, making the firm’s MSP-friendly cybersecurity solutions immediately available to the HTG community.

“We’re delighted to welcome TitanHQ on board for 2018. As soon as the initial discussion started we knew they would make a great match for our community, as web security is a key area for our members in 2018,” said HTG Peer Groups founder, Arlin Sorensen.

HTG Peer Groups Founder Arlin Sorensen (Left); TitanHQ CEO Conor Madden (Right)

“WebTitan web filter was built by MSP’s for MSP’s and this exciting relationship with HTG Peer Groups is a continuation of that process. It allows us to listen to the opportunities and difficulties faced by MSP senior executives while also allowing us to share how we became a successful web security vendor. Our goal is to successfully engage with HTG members to build strong and long-lasting relationships,” said TitanHQ CEO, Conor Madden.

Web security is a hot topic within the managed service provider community. MSPs are being called upon to improve web security for their clients and protect against a barrage of phishing, malware, and ransomware attacks. They are also called upon to mitigate malware and ransomware attacks when they are experienced by their clients, which can be time-consuming and costly. By implementing WebTitan, TitanHQ’s award-winning web filtering solution, MSPs can substantially reduce support and engineering costs.

WebTitan serves as a barrier between end users and the Internet, blocking attempts by users to visit malicious websites where malware and ransomware is silently downloaded. WebTitan is also a powerful content filtering solution that can be used to enforce organizations’ acceptable Internet usage policies.

The web filtering solution and TitanHQ’s anti-spam solution SpamTitan have been developed specifically with MSPs in mind. The solutions can be applied and configured in under 30 minutes without the need for additional hardware purchases, software downloads, or site visits.  The solutions have a low management overhead which means MSPs can protect their clients from email and web-based threats, reduce the hands-on time they need to spend on their clients and provide greater value while improving their bottom lines.
 

TIGTA Tells IRS to Implement an Enterprise Email Archiving Solution

An enterprise email archiving solution allows emails to be retrieved on demand and ensures messages remain usable. Emails must be produced in the event of an audit and during the legal discovery process. Federal laws require organizations to produce emails, such as when a request is made under the Freedom of Information Act. An email archive is searchable and allows emails to be quickly and easily located and accessed when needed.

Since recovering emails from backups is a long and complicated process, many companies now use an enterprise email archiving solution such as ArcTitan. ArcTitan makes archiving emails a quick and easy process, freeing up valuable storage space on mail servers. Recovering emails is also rapid and straightforward as the archive is searchable. Even large numbers of emails from multiple email accounts can be recovered in minutes. Multiple searches of the archive can be conducted at the same time, in contrast to Office 365 which restricts searches to two at a time, and the archive can be searched at a rate of up to 30 million emails a second. Recovering multiple emails from backups can take several days.

Even though federal laws require emails to be produced on demand, many companies have yet to switch to an email archive and the IRS is not setting a good example. The IRS has recently been discovered to have failed to comply with federal regulations on email storage.

The Treasury Inspector General for Tax Administration (TIGTA) recently conducted an audit of the Inland Revenue Service and discovered that IRS policies on email storage do not allow it to consistently ensure records are retained, and that in several cases, the IRS has been unable to produce emails on request.

The audit was requested by the Chairman of the Senate Committee on Finance and the Chairman of the House Committee on Ways and Means after the IRS reported that it was unable to produce some documents after receiving Freedom of Information requests. After searching for the documents, the IRS discovered documents had been accidentally deleted.

The auditors determined that emails are not automatically archived for all employees and some employees had been instructed to manually store emails on their hard drives or network drives. As a result, some emails and documents were permanently lost when hard drives were damaged or destroyed.

The audit also showed that even though a new executive e-mail retention policy had been introduced that should have resulted in emails being automatically archived, that failed to happen as some executives did not turn on the automatic archiving feature.

Polices on email archiving were also not applied consistently. The IRS was discovered to have failed to follow its own policies on email archiving in more than half of the 30 Freedom of Information requests assessed by auditors. Had an enterprise email archiving solution been used, all documents and emails would have been recoverable and could have been quickly been located.

TIGTA made five recommendations, including the implementation of an enterprise email archiving solution – which is something that all organizations in the United States should consider. In the event of an audit, Freedom of Information request or lawsuit, all relevant emails can be quickly produced and regulatory fines can be avoided.

An Enterprise Archiving Solution will Help IRS´ Compliance with GDPR

The implementation of an enterprise email archiving solution will also help IRS´ compliance with the EU´s General Data Protection Regulation (GDPR) due to be introduced in May 2018. Under the Regulation, the IRS (and any other US organization maintaining the personal data of EU citizens) have a duty to protect EU citizens´ personal data from loss, theft or unauthorized disclosure.

EU citizens also have the right to request access to personal data held by the IRS and a “right to be forgotten” if the IRS no longer has any lawful basis for retaining the data. TIGTA´s audit of email practices within the IRS could not have been more timely, as – should the IRS be unable to produce an email on request or fail to respond to a data access request within thirty days – the Service could be liable for a fine of up to 4% of global turnover. The IRS collected $3.3 trillion in taxes in 2015.

ArcTitan: Email Archiving Made Simple

ArcTitan is a powerful and fast email archiving solution from TitanHQ that serves as a black box flight recorder for email. All emails sent to the archive for long term storage are de-duplicated and compressed to save on space and to ensure searches can be performed rapidly. Emails are sent to the archive at a rate of 200 a second and searches can be performed at a rate of up to 30 million messages a second. ArcTitan facilitates policy-based access rights and role-based access, with the archive accessible through a web-based interface or via your normal mail client.

ArcTitan is scalable to tens of thousands of users, there is no limit on storage space, and no patching burden as the solution is automatically updated. Backups of the archive are automatic too. ArcTitan allows you to archive emails with no impact on network performance and is truly a set and forget solution that will ensure compliance with regulations such as HIPAA, SOX, GDPR, the Federal Rules of Civil Procedure, etc. and will allow you to find and retrieve emails for audits, customer complaints, and eDiscovery requests with ease. There are no proprietary data formats, you can import email from all mail services and servers, and export data in a variety of formats.

If you are looking for an email archiving solution, are not happy with the functionality or cost of your current solution, or have any questions about email archiving or ArcTitan, give the TitanHQ team a call today.

Email Retention Laws in the United States

Email retention laws in the United States require businesses to keep copies of emails for many years. There are federal laws that apply to all businesses and organizations, data retention laws for specific industries, and a swathe of email retention laws in the United States at the individual state level. Ensuring compliance with all the appropriate email retention laws in the United States is essential. Non-compliance can prove incredibly costly. Multi-million-dollar fines await any organization found to have breached federal, industry, or state regulations.

All electronic documents must be retained by U.S organizations, which extends to email, in case the information is required by the courts. eDiscovery requests often require large volumes of data to be provided for use in lawsuits and the failure to provide the data can land an organization in serious trouble. Not only are heavy fines issued, organizations can face criminal proceedings if certain data are deleted.

For decades, U.S organizations have been required to store documents. Document retention laws are included in numerous legislative acts such as the Civil Rights Act of 1964, the Executive Order 11246 of 1965, the Freedom of Information Act of 1967, the Occupational Safety and Health Act of 1970, and the Reform and Control Act of 1986 to name but a few; however, just over a decade ago, data retention laws in the United States were updated to expand the definition of documents to include electronic communications such as emails and email attachments.

To improve awareness of the many different email retention laws in the United States, a summary of the minimum email retention periods have been included below as a guide. Please bear in mind that this is for information purposes only and does not constitute legal advice. Industry and federal electronic data and email retention laws in the United States are also subject to change. Up to date information should be obtained from your legal team.

What are the Different Email Retention Laws in the United States?

As you can see from the list below, there are several federal and industry-specific email retention laws in the United States. These laws apply to emails received and sent, and include internal as well as external emails and email attachments.

Email retention law Who it applies to How long emails must be stored
IRS Regulations All companies 7 Years
Freedom of Information Act (FOIA) Federal, state, and local agencies 3 Years
Sarbanes Oxley Act (SOX) All public companies 7 Years
Department of Defense (DOD) Regulations DOD contractors 3 Years
Federal Communications Commission (FCC) Regulations Telecommunications companies 2 Years
Federal Deposit Insurance Corporation (FDIC) Regulations Banks 5 Years
Food and Drug Administration (FDA) Regulations Pharmaceutical firms, food manufacturers, food storage and distribution firms, manufacturers of biological products Minimum of 5 years rising to 35 years
Gramm-Leach-Bliley Act Banks and Financial Institutions 7 Years
Health Insurance Portability and Accountability Act (HIPAA) Healthcare organizations (Healthcare providers, health insurers, healthcare clearinghouses and business associates of covered entities) 6 Years
Payment Card Industry Data Security Standard (PCI DSS) Credit card companies and credit card processing organizations 1 Year
Securities and Exchange Commission (SEC) Regulations Investment banks, investment advisors, brokers, dealers, insurance agents & securities firms Minimum of 7 years up to a lifetime

Email retention laws in the United States that are applied by each of the 50 states are beyond the scope of this article.  There area also European laws, such as the GDPR email requirements.

What is the Best Way to Store Old Emails?

Storing emails for a few years is not likely to require masses of storage for a small business with a couple of members of staff. However, the more employees an organization has, the greater the need for extensive resources just to store emails. The average size of a business email may only be 10KB, but multiply that by 123 – the average number of emails sent and received each day by an average business user in 2016 (Radicati email statistics report 2015-2019), and by 365 days in each year, and by the number of years that those emails need to be stored, and the storage requirements become considerable.

If any emails ever need to be accessed, it is essential that any email archive or backup can be searched. In the case of standard backups, that is likely to be an incredibly time consuming process. Backups are not designed to be searched. Finding the right backup alone can be almost impossible, let along finding all emails sent to, or received from, a specific company or individual. Backups have their uses, but they are not suitable for businesses for email retention purposes.

For that, an email archive is required. Email archives contain structured email data that can easily be searched. If ever an eDiscovery order is received, finding all email correspondence is a quick and easy task. Since many email archives are cloud based, messages are deduplicated, and files are compressed, they also do not require huge storage resources. Emails are stored in the cloud, with the space provided by the service provider.

ArcTitan: TitanHQ’s Cost Effective and Convenient Email Archiving Solution

ArcTitan is a cost-effective, fast and easy-to-manage email archiving solution provided by TitanHQ that meets the needs of all businesses and enables them to comply with all email retention laws in the United States.

ArcTitan incorporates a range of security protections to ensure stored data is kept 100% secure and confidential, with email data encrypted in transit and at rest in Replicated Persistent Storage, with the archive automatically backed up for you.

In contrast to many email archiving solutions, ArcTitan is fast. The solution can process 200 emails per second from your email server and archived emails can be retrieved instantly via a browser or Outlook (using a plugin) or other mail clients. Emails can be archived from any location, whether in the office or on the go via a laptop or tablet. Multiple searches of the archive can be performed simultaneously with up to 30 million emails searched per second. There are no limits on storage space or the number of users and the solution can be scaled up to meet the needs of businesses of all sizes.

Main Features of ArcTitan

  • Scalable, email archiving that grows with your business
  • Email data stored securely in the cloud on Replicated Persistent Storage on AWS S3
  • Lightning fast searches – Search 30 million emails a second
  • Rapid archiving at up to 200 emails a second
  • Automatic backups of the archive
  • Email archiving with no impact on network performance
  • Ensure an exact, tamper-proof copy of all emails is retained
  • Easy data retrieval for eDiscovery
  • Protection for email from cyberattacks
  • Eliminate PSTs and other security risks
  • Facilitates policy-based access rights and role-based access
  • Only pay for active users
  • Slashes the time and cost of eDiscovery other formal searches
  • Migration tools to ensure the integrity of data during transfer
  • Seamless integration with Outlook
  • Supports single sign-on
  • Save and combine searches
  • Perform multiple searches simultaneously
  • Limits IT department involvement in finding lost email – users can access their own archived email
  • Compliant with regulations such as HIPAA, SOX, GDPR, Federal Rules of Civil Procedure, etc.

To find out more about ArcTitan and how it can benefit your business, contact the TitanHQ team today and kiss goodbye to all your email storage headaches.

 

Email Retention Laws in the United States FAQ

Is it difficult to change email archiving providers?

With ArcTitan you can important data in a wide range of formats, including from your legacy email archiving environment. Some email archiving providers use proprietary data formats which can make changing provider difficult. ArcTitan uses no proprietary formats. You can export data in all common formats should you ever wish to move your archive.

How does the GDPR affect email archiving?

The GDPR permits email data to be retained if the data is processed for archiving purposes. E.U. citizens can submit requests to access their data or have their data deleted, which is why an email archive is important for compliance. It allows personal data to be quickly found if requests are received.

Do I need to continue paying for inactive mailboxes?

Some email archiving providers require you to continue paying for mailboxes and storage even if an employee leaves the company. With ArcTitan, you only pay for active users, even if you still need to store archived email data associated with inactive mailboxes.

Can I search inside archived email attachments?

With ArcTitan you can search emails across the entire organization, within departments/user groups, or individual mailboxes. You can also search inside all common email attachment types, including Microsoft Word, Excel and PowerPoint files, OpenOffice documents, as well as PDFs, RTFs, ZIP files, and many more.

How can I migrate my email archive to ArcTitan?

Migration of an existing archive to ArcTitan is a straightforward process and assistance will be provided. You can use a cutover migration – a straight transfer from an existing provider, perform a staged migration if you have a very large archive to minimize disruption, or a hybrid migration of you want to have a physical and virtual server.