How should we maintain our files and emails to help facilitate corporate auditing?

Security & Compliance

Security & Compliance


If you are in a regulated industry, you will likely need to meet regulatory requirements around safeguarding emails and files for government audits. For instance, the Health Insurance Portability and Accountability Act (HIPAA) require healthcare organizations to safeguard emails and files containing patient data to prevent alteration and unauthorized access. Financial firms must store and index emails with time stamps for easy search and retrieval. Files must be secured and protected from unauthorized access. And in many cases, these emails and files must be preserved for anywhere from 2 to 7 years.

And even if you aren’t in a regulated industry, you should still be concerned with properly securing and storing your data. 82% of US businesses will be involved in some type of litigation. If you are involved in a lawsuit, you may be required to produce emails in court as evidence. But courts won’t allow the submission of email as evidence unless you are able to prove the data hasn’t been tampered with.

You need tamper-proof email archiving and file storage

Email. Courts consider email to be evidence of a “conversation” between people, so your data needs automatically archived in a way that prevents anyone (administrators or users) from being able to delete, modify, or tamper with messages or attachments. You also need a granular way to comb through that data. The service should index both emails and attachments, making searches for eDiscovery easy and ultra-fast.                   

Files. Your main goal is preventing data loss in the event of a disruption, protecting data against unauthorized access, and having an easy mechanism for restoring files from backup. So when planning your business continuity strategy for file storage, you want to make sure files are backed up with a frequency that can meet those requirements.

And for both email and files, you want to have multiple copies of your data stored in multiple, dispersed locations. The easiest way to accomplish this is with cloud-based solutions for email archiving and file backup.

Deploy business systems that provide the proper safeguards

You’ll need both an email archiving service and a file backup solution to effectively store and manage your data.

Email. Look for a tamper-proof archiving service that captures 100% of all emails sent from or received at your email domain. You’ll want both emails and attachments to be automatically indexed for easy search and retrieval. To do this the archiving service should be able to index as many file types as possible – not just the most common document, spreadsheet and presentation formats. To help ensure that the service is truly tamper-proof, look for a service that provides WORM-compliant (Write Once, Read Many) storage.

Files. A good cloud backup service will provide real-time multi-folder backup for PCs, Mac® and on-premises file servers. Some services will only do scheduled backups, but you can find services that will also perform file backups every time they are saved. This real-time backup capability provides greater protection against data loss and makes it easy to restore a file to a specific version. Your administrators should to be able to perform both single and mass point-in-time restoration rather than having to contact customer service. And they should have complete control over backup policies like how long versions are retained and whether files can be permanently deleted.

With both email archiving and file backup services, vendors may charge you based on how much storage you use in their cloud. Ideally, you should find service providers that only charge you a flat per-user fee with unlimited storage. That way, you won’t need to worry about surprise charges on your bill or need to choose between what to preserve and what to delete.



Mac is a registered trademark of Apple Inc.

More about Security & Compliance