Is Your E-Mail Secure, Protected and Recoverable?

E-Mail communications is the lifeblood of any organization and you want to protect it as best you can with the tools that are available to you

© markrubens - Fotolia

© markrubens – Fotolia

With e-mail security and protection we are really talking about 3 main areas of focus …

  • Backup and Disaster Recovery of email and email items
  • Virus, Spam and Content Filtering
  • Forensic Archiving and Storage

Let’s take a look at each of these separately …

Backup and Disaster Recovery of email and email items

Let’s face it, we’ve all had a situation where we’ve deleted an email folder by accident or actually “fat fingered” a delete key and Murphy’s Law strikes! That important email you received yesterday and absolutely must have tomorrow is gone!

The very first thing to do is to look in your “Trash Bin” and see if it’s there at all!

I know I know … you’re likely thinking “DUH! Of course I’d look there!!!” but you’d be surprised the number of people over the years that have faced this kind of situation and not done the obvious and looked there first so I thought I’d just get “STEP #1” out of the way

If this doesn’t work for you then the solution to finding your email depends on what your particular setup scenario is.

I think the best way to handle this would be for me to suggest a few different scenarios and if none of those apply please feel free to leave a comment below, or at my website, and I’ll try and address that specific scenario for you!

Scenario #1 : Standard Internet Service Provider E-Mail using POP3 for e-mail access

If the account set up on the machine is set to leave the email on the server for a number of days before removing it then you may be in luck. You can simply log in to the web interface for your email and retrieve the email if it was sent fairly recently … (have your current IT Staff check and see if your POP3 account is set up this way)

If this setting is set but the email you are missing was received outside the “# of days” window that is set on the POP3 account settings then you will need to go to your backup for this … if your email files are kept on your local PC or Laptop and you don’t have a backup of those local files …. then …. well … how do I say this … it’s likely time to cut your losses and move on!

If your email files are stored on the server at your office then you will need to contact your IT Administrator and have them do a restore of those email files and sift through them to retrieve the email you are looking for …

(See It’s Late On Friday, Do You Know Where Your Data Is? for tips on being aware of where all your data is at all times)

Scenario #2 : Hosted Microsoft Exchange Services in the Cloud (Office365 or others)

It would very much depend on the hosting provider that you use as to what their policies are as far as backup and restores are concerned.

Many of them will offer a special archiving service as an “add-on” to your account but even “that” might have a limited time window attached.

(See How Do I Pick A Great Hosted Exchange E-Mail Service Provider? for some great tips on this)

Scenario #3 : Using GoogleApps for Business for E-Mail

Google is a bit unique in the way they offer email in that even if you delete an email you can often times still search for it in your email program and it will often show up and that’s due to the way that emails are stored in the Google Cloud … and if you can’t find it using a regular search in your email client then often logging into your Google Apps web interface will allow you to search for it there and find it.

————————————————
ACTION ITEM : I can’t possibly cover every single scenario here but it basically comes down to this! Ask your IT Management team this one question …

“Is this organizations email set up in such a way that we can easily recover an email or emails if someone should accidentally delete something?”

If this is important to you and they cannot answer this question definitively then changes need to be made to your setup so you can have the “Peace Of Mind” knowing that you’re covered!
————————————————

Virus, Spam and Content Filtering

If your email services are hosted on an email server at your office there are numerous ways you can handle this onsite at your office .. here’s a few possibilities

Router/Firewall Based Solution : Many of todays’ enterprise class firewalls and routers have security services you can subscribe to from the manufacturer to screen for Viruses and Malware right as soon as it hits your site and before the email is allowed to touch your email server

(See How Do I Pick The Best Security Firewall and Associated Security Devices For My Business? for some great tips)

Dedicated E-Mail Security Device : This is a dedicated piece of hardware where all incoming and outgoing email is sent to for “screening and cleaning” before it is allowed either “inbound” or “outbound” from your organization … This might be a great solution for a company that is committed to their current router/firewall hardware but still desires enterprise class protection… these devices can fit into pretty much any office network scenario

Software Plug-In for Existing E-Mail Server Vendor : The software vendor for your current e-mail server software may themselves have a software “add-on” or plugin available that fits nicely with your existing server setup …

If you are using a Cloud E-Mail Provider you will need to check directly with them inquire as what kind of email security processes they have in place.

————————————————
ACTION ITEM : Have the discussion with your current IT Management Team and ask them this question …

“What steps have been taken in this organization to protect our incoming and outgoing email from all the different types of virus and malware activity?”

This is an incredibly critical piece of your network and it is an absolutely essential to have this covered. The current solution of just having Desktop Anti-Virus may not be 100% effective … Ask lots of question and if you don’t have a peace about it then you need your IT team to make the necessary changes so you can know beyond the shadow of a doubt that you’re taken care of!’re covered!
————————————————

Forensic Archiving and Storage

Whether you are bound by certain laws that require you to keep email history for a certain time frame, or you desire to have a record of all email coming either in our out of your organization there are solutions available that can give this capability to you …

Hosting Your Own Mail Server?

#1 : Check with your email server software vendor and see if they have a solution ?

#2 : Similar to the “Dedicated E-Mail Security Device” scenario mentioned above, you can have all inbound and outbound emails directed to a “device” or “server” where it is first archived before being delivered.

Hosting E-Mails In The Cloud?

#1 : Check with the vendor to see if they have this kind of capability built into their systems to give this to you …

This can be tremendously useful if you need to find an email during an audit situation? during legal proceedings???

Having a solution like this takes the “guess work” out of things as it allows you to literally search for “anything” coming in or out of the organization during however long you are set to keep email for?

SUMMARY :

This is a pretty deep topic and I’ve tried to cover as many of the scenarios as possible … in the end it all comes down to having regular discussion with your IT team about issues like E-Mail Security and Protection …

I’d encourage you to leave comments below and let’s have a conversation …