For high standards of data integrity, there should be no discrimination about which emails and are archived. Great care should also be taken over how and when data is deleted. Failure to address these issues risks leaving 'holes' in the data record and undermines its forensic value.
Non-discriminatory email archiving
Most email archiving systems offer functionality for controlling what data gets recorded and when. -"Archive all messages for the sales and legal departments, don't archive mails for the Chief Executive if they contain confidential markings, store messages for the finance department for 90 days on-line and 7 years off-line, permit selected users on-the-fly to chose how long to archive and retain messages for."
Such 'policy based archiving' sounds good in principle as its keeps retained data and storage requirements to a minimum. However, from an forensic evidential point of view it is weak, as it introduces doubt over the completeness of the email archive in a court of law.
Cryoserver has been designed as an audit email archiving system, making no policy decisions about what is captured. This is essential for organizations looking to demonstrate high standards of email compliance through building a trusted record of their messaging communications.
Audited delete process
Closely allied to starting with a full record, is keeping a full record. Frequently overlooked is just how easy it is to delete individual messages from email and email archiving systems - usually without trace. Arbitrary or selective deletion by users undermines an email archive's integrity and in extreme cases, such as upon discovering child pornography or destruction of documents during litigation proceedings, can lead to criminal penalties. Cryoserver's audited delete process helps organizations move deletion to an arms length activity, requiring that appropriate internal authorizations are first obtained.
Top of page
Digital fingerprints
Cryoserver makes a 'digital fingerprint' (using MD5) of each message as it enters the archive. When a message is retrieved from Cryoserver, a new fingerprint is computed and compared to the saved one. This allows the system to detect whether a message has been tampered with after it was originally saved.
Top of page
Encryption
Cryoserver encrypts messages and their attachments before archival in order to prevent disclosure of confidential information within the email archive.
Top of page
Expansion of distribution lists and blind copies
Cryoserver explicitly records the names of recipients on distribution lists at the time messages are sent. As the composition of distribution lists can change over time, this is valuable forensic data. Similarly, blind copy recipients are also shown on messages that are retrieved as part of a Privileged User search.
Top of page
Preservation of mail format
Cryoserver retains as much as possible of the original format of messages, attachments and any header information. The intact format contains 'metadata' information vital for establishing the authenticity of a message should it ever be called into question.
Top of page
Independence from the email system
Unlike most email archiving systems, Cryoserver does not try to form part of an organization's email system. Cryoserver sits separately to the mail server and operates independently as a trusted audit system. Forensic & Compliance Systems’s customers are free to change/upgrade their email system or deploy multiple different email systems in the knowledge that the forensic credentials of their data will be preserved with Cryoserver
Top of page
Basic Users
Cryoserver Basic Users are granted access to perform powerful search and retrieval operations concerning any messages they have sent or received. Basic Users are not permitted any access to messages to which they are not a party.
Top of page
Privileged Users
Privileged users are able to search all emails stored in Cryoserver. This level of access is intended for a few trusted individuals (such as an HR Manager or Compliance Officer) within an organization and should be considered in co-ordination with privacy regulations, both corporate and legislative. Privileged users are required to state their reasons for searching. All searches performed are logged and session transcripts are automatically stored in encrypted format in Cryoserver itself as well as being sent by email to nominated Data Guardians.
Top of page
Data Guardians
Data Guardians are other trusted nominated individuals in an organization that have the responsibility for checking that searches are in accordance with the stated reason, corporate policy and regulatory requirements.
Top of page
Realtime replication
In order to provide high availability and resilience to a site disaster, the Cryoserver Realtime Replication Module provides organizations with a trusted mechanism for creating an on-going duplicate copy of their email archive at a separate physical location.
Top of page
Forensic hardware procedures
Cryoserver is normally supplied as a sealed appliance. This way we and our customers know that Cryoserver is correctly configured and operational right from the start. In the event of a hardware failure or the requirement to add further storage, Cryoserver offers on-site services for validating correct replacement procedures are undertaken and refitting tamper-evident seals that are likely to have been removed in the process.
Top of page
Legacy import and Migration services
Cryoserver offers the facility to import all of your legacy data as a one-time process. This permits instant searching of any old email alongside new data. Importantly, the old data is tagged forensically; it cannot be relied upon as having been collected to the same standard post-Cryoserver.
Top of page