Email in the dock - would yours survive legal scrutiny?

Increasingly onerous compliance obligations and growing data volumes are driving companies to invest in email archiving systems. What approach is right for your business?

More than 75% of UK businesses cannot rely on email as legal evidence. That's the finding of a recent survey commissioned by Forensic & Compliance Systems.

According to the survey, which was carried out by Vanson Bourne among IT decision makers across all UK business sectors, nearly half (44%) could not prove whether or not their email had been tampered with and more than a third (35%) did not know whether any changes had occurred to their email archives.

The best prepared of the respondents (45%) were those working for financial services organisations, a reflection of the weight of regulation that has affected the sector in recent years. At the other end of the scale, 58% of companies in the retail, distribution and transport verticals said that they could not prove whether an email had been tampered with. In the utility and similar industries, nearly half (43%) of respondents said they did not know whether they could rely on the integrity of emails.

The integrity of email archives is increasingly important to business. Under a number of regulatory regimes – such as the Freedom of Information Act, the Data Protection Act and those affecting the financial services sector such as MiFID and Sarbanes-Oxley – businesses are obliged to keep verifiably un-tampered-with email records.

The requirement to present intact email records can also arise in other scenarios. Last year supermarkets Asda and Tesco were forced to present 12 million emails to the Competition Commission as part of an investigation into anti-competitive practices. Email archiving is also necessary in cases where email is used as legal evidence, for example in cases of unlawful dismissal or harassment.

Businesses are increasingly looking to dedicated email archiving products, which come as software, hardware, services and combinations of all three. Relying on native email systems to store messages and attachments invites serious performance problems, while simply storing old emails on conventional storage media can lead to legal pitfalls or a lot of unnecessary work.

The most basic task of archiving technologies is to automate the storing of emails from the email server within a given period, which keeps the production email system in trim and keeps messages retrievable. Beyond that basic functionality, archiving systems include features such as single instancing of attachments, search functions, tamper-proofing, audit trails and reporting.

Email archiving products reduce cost and reduce risk, says Dennis Szubert, principal analyst with Quocirca.

"Specialised archiving solutions reduce IT operating costs through the use of a common repository with single instancing and provide a foundation for knowledge management by preserving information assets and intellectual property," says Szubert. "They make it far easier to find a needed document among millions of messages and aid performance by moving overflowing e-mail stores off the main server."

What to buy?

Archiving solutions fall broadly into three types - software, hardware, services and combinations of all three.

Firstly there is the software-plus-storage approach, in which organisations buy archiving software and the necessary hardware. In this approach archiving software schedules the copying of email to a repository and enables search and retrieval.

Financial accounting software provider Coda took this approach, using HP's Integrated Archive Platform, which ties together software and hardware in a grid-like configuration of so-called Smartcells. It made the move when annual email traffic of around 8 to 9 million became too onerous to deal with in Outlook natively.

Group IT manager Richard Hall says, "We were spending too much time on manual back-up and information retrieval. It was time and cost intensive to archive and search for emails and we were aware we could be leaving the business open to risk because we could not prove in court that emails had not been tampered with."

The HP RISS product stores Coda's emails securely with date and time stamping of objects to prevent tampering with or change to retained messages. As emails arrive they are simultaneously stored in Coda's RISS architecture and attachments are archived out of Outlook after seven days. After 30 days everything is auto-archived and single instanced.

"We used to have situations where people were spending hours every day searching for things. We had a case recently where we had to retrieve an email from four years ago and were able to find it in seconds rather than go through old tapes," says Hall.

A more self-contained approach is the email archiving appliance, such as that supplied by FCS. You get all the hardware and software you need to begin archiving in one box. FCS claims 'forensic' standards of email retention that provide an unbroken record of email and instant messaging communications at arm's length from existing operational systems.

London law firm Finers Stephens Innocent chose the FCS appliance over a KVS software-based offering three years ago. Its compliance features clinched it for them, says IT manager Nick Boarland.

"The thought process was twofold. As IT manager I had issues with the amount of email and at the same time the lawyers had to store email for use in court. We looked at FCS and at KVS. The latter did archiving better but the FCS appliance guaranteed archiving plus compliance that was tamper-proof and without any management overheads," he says.

Finally there is the outsourced approach, in which a third-party software interface to the messaging system captures and transmits messages to a service provider's datacentre for storage. This method is often a hybrid, such as with Messagelabs' service, in which software and hardware are installed at the client's site and combined with secure storage managed by a third-party provider with full encryption, the keys to which are held by the customer.

Which approach you take really depends on your business, says Quocirca's Dennis Szubert: do you need legal standards of evidence, or are you addressing performance issues?

"Do you want to make your mailboxes smaller and solve IT problems, do you want to archive to support compliance and searching, or do you want to do both?" says Szubert. "Archiving software varies considerably in the features it offers to support each function. Some programs are designed to aid compliance. Others are more about managing storage."
