Email Compliance Software That Meets Any Standard
Email compliance requires email retention software that’s designed with compliance at its core. To achieve compliance, emails need to be preserved, sorted in line with regulations and data needs to be easily retrievable for restoration or deletion according to legal requests.
What’s Your Email Retention Policy?
There’s no shortage of regulations when it comes to communications and storage of data – from how long a business should keep emails to how long they should store employee information. Whichever industry you are in, chances are that you will have to deal with overlapping legislation about what you can and can’t keep, how you should keep it, and how long you should keep it for. Cryoserver email archiving solutions ensures your data is aligned with legislation accordingly.
How can Cryoserver help?
Cryoserver’s email archiving solution provides a secure, tamper-evident, encrypted and reliable back-up should you have any data loss issues or experience an unfortunate cyber-attack with your Office 365 or on-premise mail server.
Cryoserver archiving solutions keep all email and attachments secure, protecting and controlling access to data. Most importantly, if policies like GDPR require you to delete the PII (personal identifiable information) you hold on an individual, Cryoserver will enable you to find and remove all the data from your email and attachments with the help of detailed search results and to have the audited proof that you have met the requirement.
Recovery & Backup
Simplify your IT, ensure data protection and minimise downtime when you implement email archiving compliance software by Cryoserver. Whether your business relies on a hybrid environment, Microsoft Office 365™ or an onsite server, Cryoserver offer a cloud-based email compliance solution that leverages archive data to streamline recovery, decrease costs and boost business continuity.
Email Storage Solutions
With more and more emails being sent and received each day, businesses are struggling with the burden of storing email and other unstructured data on-premises. From the volumes to the cost, the impact of email’s accelerated growth is being felt. Simplify data management, meet the demand for email availability and reduce storage space with Cryoserver’s email compliance software.
For many businesses, moving to the cloud is a priority. Simplify your migration from your existing on-site mail server and ensure your Office 365 archiving is compliant with Cryoserver. Cryoserver email archiving is taken up by Office 365 users to supplement the service and really create a more powerful email solution for their business, overcoming a number of disadvantages of O365 archiving.
Privacy by Design
When we developed Cryoserver, key considerations were the privacy and rights of end users. This is our “Privacy by design” philosophy, which is at the core of the solution. It leads to enhanced privacy options for organisations and individual employees. It enables role-based access to archived emails, audit trails at all levels, and preservation of audit trails – all overseen by employees you assign to be your archive custodians or what we call “Data Guardians”. The unalterable nature of Cryoserver creates an evidential repository, which is admissible in court. Also, it’s GDPR-compliant, and it protects your employees’ human rights.
Download the Cryoserver Compliance Datasheet
The overview sheet is a brief summary of what compliance Cryoserver brings as an archive.
If you have any questions, get in touch by using the contact form below.
How is Cryoserver GDPR Compliant?
The EU General Data Protection Regulation changed the way that companies all over the world store and handle Personally Identifiable Information (PII). At Cryoserver, we have made some enhancements to our solution to make sure that it complies fully with this legislation, which also ensures the compliance of our customers when it comes to their email data.
The Right to be Forgotten
GDPR states that if a subject wishes to be ‘forgotten’ by an organisation, it is their right that the organisation delete all data held on them. Cryoserver’s super fast search and Audited Delete functionalities ensure that data can be found quickly, and a record of its deletion is kept to prove to the subject that their request was carried out.
SAR and FOI
Data subjects have always been able to request a copy of all the data held on them by an organisation via a Subject Access Request, or Freedom of Information request in the public sector. GDPR has made it easier for subjects to do this, and Cryoserver has been helping both public and private companies fulfil these requests for over 15 years.
Frequently Asked Questions
Does filtering spam prior to Cryoserver affect compliance?
Yes. If you use a system that filters email and either prevents or diverts the passage of emails it considers spam/virus, then it becomes difficult for a company facing litigation to prove that it has a full, forensic record. The purest most ‘forensic’ approach is to set up Cryoserver to capture raw SMTP as it enters the premises BEFORE it gets to you mail server. However, most customers weigh up the balance between absolute forensic compliance and spam avalanches and decide to filter spam/viruses before they get to the mail server and Cryoserver.
If an organisation has outsourced all email, does this affect compliance?
No, but it depends on the standards of your outsourcer. They need to be able to demonstrate to a regulator or a court that they have appropriate data policies that they apply to customer’s data. It is also worth pointing out that the company is still fully liable for any errors or omissions by the outsourcer; the responsibility is on the company to ensure that the outsourcer is managing data compliantly.
Does keeping data for longer than mandated retention periods have legal implications or any other exposure?
Mandated retention periods are almost invariably ‘minimum recommended retention periods’ and therefore a ‘deletion point’ is not defined – you can keep it as long as you want. Exceptions are the Data Protection Act 1998, in which ‘Principle 5’ says personal data may not be kept ‘longer than necessary’, but does not define what this time might be. Companies are therefore required to decide for themselves as part of a formal procedure what their retention period for various types of personal data should be.
How do you prove an email’s integrity?
Cryoserver is configured to ensure that each and every email sent or received by a company (including internal email) is captured. As each message arrives at Cryoserver a digital fingerprint of the entire message is taken which is recorded with the message in an encrypted and compressed format. If a message is retrieved from Cryoserver its digital fingerprint is recalculated (after it has been uncompressed and decrypted) and this is compared with the digital fingerprint recorded when the message was received. It is therefore possible to prove the content of a message has not been tampered with in any way since it was received.
What Compliance does Cryoserver have?
Cryoserver’s complete focus on email archiving provides you with a uniquely flexible solution that saves time on eDiscovery, gives compliance officers peace of mind and makes the help desk’s life easier.