What Is Message Integrity Verification in Email Archiving
Today, when email archiving is no longer a new practice (the Radicati Group’s 2020 report predicts the market revenue will double by 2024) and the vendors are plentiful, it’s not easy to choose the right archiving solution.
Today in our blog series, we’re exploring a hot topic ‒ message integrity, and a particular archiving method that ensures that the message content is not compromised.
Email archiving is a process in which an archiving system obtains email messages, attachments and metadata from email servers, and then indexes and stores them in read-only format in a central repository under your control.
There are two crucial things that need to be highlighted here.
1. Metadata tells a story
We archive messages for content and attachments. But the story doesn’t end there. Every email contains header data ‒ data that is stored in an email about the email. So what does metadata tell us?
Apart from the obvious info such as the sender and the recipient, metadata contains other interesting information about the message:
- exact message route (which allows you to reconstruct the actual message routing across servers),
- the sender’s IP address,
- the sender’s time zone,
- reply threading,
- type of device,
- the operating system they’re using.
This information is vital in ediscovery cases when every email is thoroughly inspected as a piece of evidence and when message fidelity is key.
2. Your archive needs to be tamper-proof
Under the SEC Rule 17a-4 and many other data retention and compliance laws, electronic records must be preserved in a non-rewritable and non-erasable format. This means that proper email archiving solutions must be designed in a way that preserves message content and prevents its alteration or deletion. This is usually done by choosing the right technology (the solution with proper data protection features) and establishing the right processes.
User roles are a typical way of doing this. End users are given minimal privileges, while compliance officers, lawyers, C-level executives and administrators have different levels of access, which allows them to change retention periods, inspect other people’s messages and track user activities on the archiving platform.
When it comes to technology, organizations can ensure full compliance with federal, state and industry regulations by making sure that their email archiving solutions record data in WORM (write once read many) format and that they contain software capabilities such as encryption, dynamic roles, activity trail and message integrity verification.
An extra layer of security
Given that email and other electronically stored information can be used as evidence, it is of paramount importance that your organization can prove that the emails have been archived in their original state and remained intact while in the archive.
To minimize legal risk, improve compliance and help with ediscovery or internal investigations, a good archiving solution will make sure all messages are time and date stamped.
Choose an archiving software which offers integrated (mailbox) archiving together with authenticity features and message verification to easily prove that a specific email has not been manipulated or tampered with.
The verification process begins with message ingestion ‒ each and every email gets a unique hash number that is visible when the message is retrieved. This serves as proof that what compliance officers or lawyers are reviewing is the original message with its original content and metadata.
To see how message integrity verification works in Jatheon’s solution, . To learn more about the challenges of email archiving, watch our free webinars, visit our Content Hub or subscribe to our blog.
Originally published at https://jatheon.com on June 29, 2020.
