[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 510
  • Last Modified:

foolproof retention... you can delete undeletable messages if you are clever!

Looking for 100% message retention forever technique, or until technology provides a practical answer to regulatory storage requirments.

I am aware of setting retention limits.  I am aware of tombstoning those messages the user 'permanantly' deleted.  I am only awaware of dumpsteralwayson and using OWA to reveal the retained messages, (which sound like weak methods.)

can you advise a way to force them to stay in deleted items forever?
can you advise a workaround to the fact that revealing retained deleted messages in OLK and OWA both offer a way to purge them forever, which I don't want to have happen.

Am I better off leaving it to a third party utility.  GFI ME includes a log all messages (and not include attachements if desired) to a SQL server, have put this online experimentally in a lab setting and I like it.  Unfortunately I prefer to keep retained messages in exchange and viewable with complete header stamps and stuff.
0
carl_legere
Asked:
carl_legere
  • 3
  • 3
  • 2
  • +2
1 Solution
 
dstoker509Commented:
HP makes a powerful solution for this purpose called RISS.  It is a complete solution including all necessary hardware and it scales really well so you can add to it over time if needed.  Every email is digitally signed and archived before the user can even touch it.  I believe that the users can delete items from their mailbox, but the archival database maintains everything for easy retreval if necessary.  We used it in the medical industry for HIPPA requirements and configured it for a 7 year retention.  It is 100% retention; users cannot work around it.

HP RISS Solution: http://h18006.www1.hp.com/products/storageworks/riss/index.html
0
 
f_umarCommented:
i think u should use GFI mail archive to archive emails

u can set deleted items retention time between 0 to 24,855 days which is more than 68 years. becareful about storage
0
 
dstoker509Commented:
HP's RISS Solution will cost more (sort of), but it also includes the storage and is easily scalable.  Depending upon the size and "true" retention needs, you will most likely need a scalable solution.  I would really detail your requirements before purchasing any solution to ensure that you do not have to repurchase a different solution down the road.

I would start a spreadsheet to list requirements and nice-to-haves including storage scalability and DR.  I would also look into the process and time requires to recover archived messages.

I don't think that you will find that native tools will meet your needs.  Besides, keep all of your email for an extended period of time will significantly hurt your Exchange server's performance.  Some companies even force a 90-day limit on email in the mailbox and then use the RISS solution to archive all emails.  Keeps the users ontop of their mailboxes, but restoring archived email to the mailbox takes only a matter of minutes.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
SembeeCommented:
If this is for compliance, then the messages HAVE to come out of the Exchange server. No other method will stand up in court.

Exchange is designed to allow the user to do what they like with their mailbox - delete or modify the messages as they see fit. That is why it is impossible to stop a user from deleting anything. You cannot change permissions or settings which will stop a user from removing or modifying content.

From a compliance point of view, you need to take a copy of the message as it passes through the transport area of Exchange and write it to another database so that in the event of a disclosure request you can prove when the content was written to the database and that it hasn't been tampered with.  

That will require an journaling product.

What I think of as archiving products is tools that will remove items from the user's mailboxes when they are over a certain age.

The GFI Mail Archiver product I don't consider to be a true archiver, it is a journaling application and is perfect for compliance issues as it stops the user from being able to interfere with the email message.

Simon.
0
 
dstoker509Commented:
Yes, the HP product is also a journaling product designed for corporate retention.  Sorry for the "archiving" terminology confusion.  
0
 
ECNSSMTCommented:
Hi carl_legere,

Exchange 2003 has journal capabilities and it was created to meet regulatory specifications of specific industries.  The below URL will provide a lot more info

http://www.microsoft.com/technet/prodtechnol/exchange/2003/library/journaling.mspx.

Short side of it, depending on how many users you intend to journal, it appears that a separate server may be warrented due to the added workload.

Oh, in the financial sector (in the US), I believe minimum legal forever is 3 years, but the banks I worked for kept tape data as far back as 7 years.

Ensure that your HR notifies everyone that this journaling is taking place as part of the company's regulatory obligations.  I am rather foggy about the legal guidelines on this, so you may want to talk to your legal advisors.
Regulatory guidelines will take precedence over personal privacy, but I am uncertain how this is legally addressed.  And this will vary by state and country.

Regards,
0
 
SembeeCommented:
dstoker509 - don't worry about the terminology - they seem to be inter-mixed at the moment. Causing some confusion though, when clients ask for archiving you have to ask them what they actually mean - big difference in the price as well.

Simon.
0
 
carl_legereAuthor Commented:
thanks for the great responses everyone!

Simon,  I have to admit I'm confused by your first line to me-
"If this is for compliance, then the messages HAVE to come out of the Exchange server. No other method will stand up in court. "

this could mean that in order for them to stand up in court they should come from exchange server

or

it could mean what I beleive you are telling me is to have them stored in something other than exchange.
0
 
SembeeCommented:
The messages have to come out of the server, as in removed, to be stored elsewhere. Ambiguous wording on my part.

Get them in to SQL and any changes can be traced.

Simon.
0
 
carl_legereAuthor Commented:
I suspect the true hot setup is to outsource it.

thank you
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now