Compliance Archive Archives | ExchangeDefender Blog

ExchangeDefender
ExchangeDefender: Keep your email, and company data safe and secure.
ExchangeDefender PRO Multi-layered email security suite protects against SPAM, viruses, phishing attacks and more.

Corporate Encryption Send and receive encrypted messages by email, url, or sms.

Compliance Archive Assures full archiving of all inbound, outbound, and internal email for regulatory compliance.

Web File Server Unlimited document sharing and secure file storage.

Business Continuity Enables organizations access to email during unexpected service outages.

Password Vault Securely store, manage and share passwords with a centralized management system.
GET STARTED NOW

Enable secure communication of sensitive information.
Schedule a demo Get a quote See it live
Looking for ExchangeDefender for home/hobby/small team?
Solutions
Solutions: Solve IT problems with our email & cloud expertise.
Exchange Hosting Microsoft Exchange mailbox for secure business communication.

SMS Proxy Virtual number that forwards text messages to email, web, Slack & Teams.

Exchange Essentials Our Microsoft Exchange mailbox service for home and small offices.

Web Hosting Custom web site and web application hosting services.

Cloud Service Management Management & support of Amazon AWS & Microsoft Azure cloud services.

Wrkoo Service and support portal solution that helps manage business & clients.
5 reasons why MSPs use our support software Wrkoo In our fast-pace world full of technology, customers want you to deliver impeccable customer service online…
Can't find what you're looking for? Contact our customer service at (877) 546-0316
Partners
Partners: Make better profits, join our industry-leading partner program today!
Marketing Marketing collateral and sales documentation to help you close deals.

Support Need help? We offer an industry leading SLA with 24/7 support here.

Managed Services for Legal Services

Support Portal

Managed Healthcare

Webinar Library

ExchangeDefender Threat Protection

Contact us

More

More
Become a partner Add our email and cloud expertise to your portfolio and profit from it.
See why MSPs love working with us
Company
Company: Learn more about our company, get the latest news, or contact us.
About Us Learn more about ExchangeDefender and our 20+ year journey in email.

Contact Us All the ways you can get in touch with us.

Blog The latest news, releases, and service updates from our team.

Regulatory Compliance ExchangeDefender compliance audits and security collateral.

NOC Network Operations Center advisories and current network events.

3rd Party Support Technical support for our platform if you're not a client.
5 reasons why MSPs use our support software Wrkoo In our fast-pace world full of technology, customers want you to deliver impeccable customer service online…
Can't find what you're looking for? Contact our customer service at (877) 546-0316
Docs
Login
ExchangeDefender Admin

Compliance Archive

ExchangeDefender Support

Encryption

Web File Sharing

Live Archive
Premium Support
US: +1(877)546-0316 INT: +1(407)465-6800 UK: 0800 8620149 AU: +61 0390010641

Compliance Archive Tag

May 16, 2018

Top 5 Mistakes Companies Make With Compliance

ExchangeDefender Compliance Archive was designed as a blend of services and products to help organizations achieve regulatory compliance. This complex process is always evolving with new regulatory requirements, changes in organization structure, and unique reporting requirements.

At ExchangeDefender we specialize in helping organizations with their eDiscovery needs. Here are the biggest fallacies we hear all the time:

“We have a backup”

Email backups are not sufficient for nearly any modern regulatory compliance requirements for email retention. Not only can the messages be deleted before backups run, but running reports across the entire organization is next to impossible, not to mention excessively expensive. We recently assisted a partner managing a small 15 employee office in their backup and restore process to locate a message from 5 years ago, costing the organization over $18,000 in IT labor alone.

“We have a product/compliance service”

Having a product or a service subscription is different from being in compliance with regulatory requirements. The difference between having a product and being in compliance is similar to “We have a CPA” and “We have filed our tax returns on time” – mistaking the two can be costly and dangerous.

“We are never going to need that”

Most organizations downplay the importance of long term email archiving and eDiscovery. An overwhelming majority of subscribers to our eDiscovery service don’t have a specific regulatory requirement at all, they do it to effectively defend themselves from legal threats that are all too common these days. With email being the gateway for all corporate communication, it is the first place record retentions, legal holds, and subpoenas are issued for electronic records and there needs to be a system in place to effectively deliver that information.

“What we have is enough”

Regulatory compliance goes far beyond poorly interpreted recommendations and laws. It is a process of producing reports, identifying problems, and assuring that corporate communications policies are being followed, or at least addressed, in case there is an issue. If the organization does not have people in charge of managing the compliance on a monthly basis or there are no current reports searching for dangerous or sensitive content or there is no ongoing maintenance or an established incident record – the organization is likely out of compliance even if they purchased the right software or signed up for the right service at one point.

“We have a someone managing that”

Someone is not a good person to rely on when you get a subpoena and they are even more difficult to get into a courtroom. Plus, how much would you trust them to demonstrate expertise and defend the implementation of the compliance archiving and eDiscovery solution? Many organizations make a mistake of thinking that just signing up for a service or purchasing a product is sufficient for compliance but it’s really just a starting point. You need the personnel, product, service, and reporting to fully achieve regulatory compliance.

ExchangeDefender Compliance Archiving and eDiscovery are a part of a professional service that helps get your organization and its means of communication on path to achieving regulatory compliance. Whenever someone is fully confident that they have their compliance in order we simply ask them to “show me your last Compliance Officer Report” and almost everyone struggles to produce the report or even name the Compliance Officer, the processes being used for archiving, the type of data protection, or the way in which the entire process is tested and audited. With ExchangeDefender Compliance Archiving, you not only get a service, you get a partner that will work with you every step of the way in achieving your regulatory and organizational needs for proper record keeping.

May 9, 2018

Archiving Business Continuity Compliance ExchangeDefender General Industry News PRO TIPS

Achieving eDiscovery and Compliance Archiving requirements in 5 steps

Signing up for the Compliance Archiving service is the first step in reaching regulatory compliance when it comes to email retention and eDiscovery. The following five steps will put you on the right path of achieving and maintaining that compliance:

1.Understand what you need to keep and for how long.

Your regulatory/oversight body will provide details about how long you are required to hold on to your email. In our experience with Compliance Archiving, you also need to pay attention to the Statue of Limitations that your business may be liable for. Very often the discovery process for lawsuits includes legal hold requests and record requests that are longer than regulatory requirement.

2. Get the right product and implement it correctly.

Your compliance has to be all encompassing – all email must be archived. With ExchangeDefender Compliance Archiving all of your inbound, outbound, and interoffice email is collected, archived and protected in the cloud. You can search for any document at any time and be certain that it has not been tampered with and that no emails have been deleted – something that sets our eDiscovery/archiving apart from backup solutions.

3. Keep an eye on it to make sure it works

Just setting up a compliance archiving solution is not sufficient enough. there is no protection for technical negligence in regulations. You are expected to keep your mail server and everything connected to it secure. Penalties for data loss, compromised credentials, and data leakage are severe and are not a valid excuse for not having compliance.

4. Create Compliance Officer reports frequently.

Compliance Officer within your organization must create reports on a monthly basis to assure no confidential information is allowed to leave the organization. Some industries have an even more specific and severe restriction on the type of communication that can take place over email and what sort of information can be sent – compliance officers run eDiscovery reports to assure nothing confidential is being shared and address problems and exceptions routinely

5. Routinely audit the entire system to maintain compliance.

Organizations grow and change over time and remaining compliant with new regulations is key. ExchangeDefender Compliance Archiving service often sends out advisories, best practices, tips and suggestions to adjust your process because you are always expected to be in full compliance with the latest requirements. Every time you add a new employee or change your mail server configuration or new lines of business – compliance must extend to cover these new records that may be of interest to someone down the road.

“One of the biggest mistakes organizations make with regulatory compliance is thinking that it’s a service, product or a one-time effort: quite the opposite!”

Achieving regulatory compliance means implementing the right product, conducting routine audits, complying with changes in regulations and having full control of the environment where messages are stored as employees come and go.

In the event of an audit, you will be asked to produce record and you will be judged on your ability to provide specific records that are requested, not the best effort you made in trying to achieve compliance. Considering the fines and legal complications, it makes sense to revisit the five steps outlined here annually and make adjustments as necessary.

March 27, 2014

Compliance General

Compliance Archive – Improved Searching!

Over the last month we have been in the process of improving the architecture behind Compliance Archive. Your information has already been migrated into this new compliance standard and we were able to do this with very little noticeable downtime. The main reason for this improvement was to help enhance database performance and finally be able to offer advance searching and audit reports.

To give you an idea, on the old architecture an advanced report would take roughly 20-30 minutes and would typically time out due to (multiple refreshes) or a user’s browser becoming unresponsive. So before we built the GUI to allow for these searches, we had to get this under control.

Now with the new system not only do searches come back typically within 3-4 minutes, they are scheduled jobs. So you type in your search, submit your criteria and either wait or check back once they have finished. The best part is, you can REPEAT your searches once they’ve finished! So let’s say you’re required to perform the same mundane search once a month, now you can with only a few clicks!

GET STARTED NOW

Premium Support