31 Jul 10 Ways MailStore Server Can Help With GDPR Compliance
With 205 million messages being sent every day, email still remains one of the most popular ways to communicate, which means the mailboxes of many businesses today contain all manner of information concerning both customers and staff.
Whether it’s bank details, employment contracts, IP addresses or altogether more sensitive information, the introduction of the Global Data Protection Regulation (GDPR) in May next year will force companies to take the responsibility of managing this data seriously.
In summary, GDPR encompasses the right of individuals to:
- Access their personal data
- Have their personal data forgotten
- Obtain a copy of their data in a ‘portable format’
- Have personal data updated and maintained
- Provide consent – ‘opt in’ rather than this be assumed
- Restrict where their data is used
- Be notified when there’s a major breach involving their data
For full details concerning the requirements of GDPR, I recommend the Information Commissioner’s Office website as a good starting point.
Unlike with the Data Protection Act of 1998 that it replaces, the penalty for sticking your head in the sand is severe.
If your business is in the EU, or you trade with anyone in the EU, infringement can lead to fines of up to 4% of your turnover or 20m EUR, whichever is the greatest.
GDPR is a broad topic that you’ll need to research, but in this post, I’ll cover how MailStore can help you with one aspect of compliance – your email communications.
10 ways MailStore can help
Archiving your Exchange, Office 365 or MDaemon account with MailStore provides fast access to a secure and centralised repository of all email messages which helps meet GDPR requirements in a number of ways.
1) A complete record of email communications
Search for personal data in confidence that what you’re seeing is a complete record of all email for the business. MailStore archives new mail as it comes and goes from your accounts, historical messages direct from mailboxes and Outlook PST archives.
2) Fast, powerful searching across all company email
Ensure a timely response to a request for data. Produce a list of all email communications from your business to an individual with only a single search. Use a wide range of criteria including keywords, numeric strings and partial domains.
3) Searching within email attachments
When you search the archive for personal data, MailStore is also looking in common attachment types such as Word, Excel and PDF.
4) Bulk export of selected email to PST, MSG or EML
Comply with the portability requirements of GDPR by providing individuals with your exported search results in a number of well-recognised file types.
5) Bulk deletion
Help comply with an individual’s ‘right to be forgotten’.
Multi-select search results and bulk delete from the archive provided you have the right level of authority.
6) Protection against manipulation and deletion
Archived email is protected from modification by default, giving you the confidence over the integrity of the data you’re providing and helping avoid potential breaches.
7) Encrypted archive data (256-bit AES)
Limit the damage of a potential breach. MailStore encrypts messages, the archives’ underlying databases and the integrated audit trail. This means that metadata info like subject lines, senders and recipients are all encrypted, as well as the underlying folder structure of the archived mailbox.
8) Secures your archive against unauthorised viewing
Even a MailStore administrator cannot access or view the users’ archives by default, again limiting the potential for a data breach. This can be modified but all changes are recorded in the audit log.
9) Keeps limited data on laptops and remote PC’s
Minimise the risk of email data breaches by limiting the amount of email residing in email clients. MailStore automatically purges mailboxes ensuring that only minimal email in the clients and making revoking archive access easy.
10) Provides an audit trail of access
Last but not least, MailStore includes restricted read-only access for auditors and a detailed audit log to help you identify breaches and have confidence in the integrity of your data.
Free 30-day trial of MailStore
If you’re interested in testing the functionality discussed in this post, you can download and install the free 30-day trial of MailStore without any impact to your live server.
The countdown to GDPR has well and truly begun – make sure you’re fully up to speed by the May 2018 deadline.