First off, you're going to need to take an inventory of where your email is used and stored (Outlook, the web,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
personal phones, etc.). Next you need to determine your legal obligations related to email security and retention. How do the federal privacy and security regulations such as HIPAA affect your business? What about state breach notification laws?
You also need to decide how critical any/all of the emails are to your business - not only for future internal reference but also e-discovery. Deciding which emails are important will help to classify the different types of email. If that's too much of a challenge, at least consider separating out the emails that have attachments, since that's where a lot of sensitive information tends to be, and specific users or groups of users. This ensures that their email is handled and stored properly. As for instant messaging and social media messaging, if they're key to the business, you may want to consider bringing them into the scope as well.
This exercise is going to require the input from a lot of different people. You should never assume anything and don't just download someone else's data backup and retention policy and procedures off the Internet and believe that's going to be enough. At the very least, get your lawyer involved as he/she is going to be making a lot of key decisions related to this.
Related Q&A from Kevin Beaver
When replacing an email security gateway, should a Web security gateway be used or another email gateway? Expert Kevin Beaver explains.continue reading
Expert Kevin Beaver explains how organizations should address end-of-software development dates, and what they ultimately mean to enterprise security.continue reading
Are read-only domain controllers a more secure option for setting up domain services in a DMZ than using a separate domain? Expert Kevin Beaver ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.