Ignoring PST data is a risk companies shouldn’t take


Who is responsible for PST files is a question we’re often asked. The IT department is usually the first to highlight the need to manage PST files for IT operational reasons such as reduced helpdesk calls, reduced network storage etc. They often struggle to get buy-in from management to fund PST projects, perhaps because they fail to explain the corporate risks associated with these volatile files.

Other organizations believe that PST files are simply a ‘user problem’ – the user created them, they’re stored on the user’s devices therefore it’s up to the user to manage them.  Any business making this assumption is taking the biggest risk of all.

Microsoft’s Auto-Archive was a PST factory

Users often didn’t know they were creating PST files when they clicked “yes” to Microsoft’s auto-archive prompt – the feature was enabled in most Exchange implementations until Exchange 2010. And it was not an issue for the user – until their PST file became corrupted, or was inadvertently closed and lost, in which case they were quickly on the phone to the IT department for support. Typically 10-15% of an IT department’s daily helpdesk calls can be taken up looking after these files.

PST files are like energy vampires

As well as creating headaches for the IT helpdesk, these files place additional pressure on backup and restore resources. Each time Outlook connects to a PST, the file is marked as requiring backup (even if nothing has changed). The average PST is 1.3 GB (around 100,000+ emails). Multiply that by the number of users using or storing PSTs and you’ll understand the massive drain on backup windows and restore times.

Orphaned PST files, meaning PSTs not associated with any particular owner, exacerbate this problem. PSTs can easily be disconnected by users from their Outlook profile, or they may be left behind when an employee has left the company. Without an owner, nobody knows what’s in them, so no one can reasonably make a decision to delete them.

Companies may find they have vast quantities of PST files living on their corporate servers, with a significant portion being orphaned … all becoming energy vampires:  invisible consumers of capacity and resources.

Security and Compliance are compromised

PST files are highly portable; they can be disconnected from Outlook and copied or moved to another Outlook client with ease. They can be seen as a great way of moving email data between people and/or organizations. Whilst they can be password protected, a simple internet search will find any number of programs that can crack these passwords, all of which puts end user data and intellectual property data at high risk.

If PSTs located on desktops or laptops fall outside the corporate backup strategy, they’re neither backed up nor protected. The PST itself is merely a container file and does not fall under compliance requirements, but the emails and attachments that are hidden within it do, and therefore should be subject to the usual retention or deletion policies. If an IT department is not centrally managing PST files, best practice is jeopardized.

Ignorance is no excuse

Just ask Ventura Corporation about the risks of ignoring certain email data:  A long-running EEOC (employment discrimination) case resulted in a $340K fine in April, when the company performed an email migration and decommissioned a server – effectively deleting email data which was later presumed to be relevant.

Courts don’t allow much leeway when it comes to data formats; PST files are just another form of email data.   They are considered discoverable and frequently contain relevant data:  as the saying goes, if it exists, it’s discoverable.  The company was deemed to have destroyed relevant information; that they were performing a migration did not excuse them from negligence.

Attorneys routinely seek email data from the opposing side, sometimes going so far as to specifically include email data which has been archived or “retained” in PST files.  Attorneys themselves regularly use PST files as a transport medium for discovery and document review.

Legal hold orders do not discriminate – ALL custodian data is impacted

Many seasoned companies and attorneys run into issues over how they ought to preserve relevant data when a legal hold is triggered. Hold means exactly what the word says – hold, or preserve, until further notice. A legal hold is broader than the information eventually collected and produced for use in litigation; the intention is to ensure that nothing of potential value is destroyed.

A court will look at email data in PSTs as falling under the same guidelines as email in a mailbox:  if it meets the criteria, it is “on hold.”  If a company ignores PST data during litigation, it runs a very real risk of sanctions.  A company could be found negligent and face additional legal costs (i.e., sanctions) whether they win or lose.

Since most legal discovery occurs sometime after the alleged incident, it’s important not to ignore PST files when conducting email migrations.  The data contained within PST files should be discovered and managed according to the company’s email retention policies, rather than simply deleted.

Bottom line – the business itself is responsible for PST data

Responsibility for PST data comes down to the business as a whole. Organizations need to be aware of the risks associated with these files, make intelligent decisions on the business value of the data held within them, and work with IT to centralize and regain control of all email and PST data. This will ensure the organization and its users are protected.

No company should ignore PST data. It needs to be managed like any other company data; otherwise it will consume resources and create unnecessary risks – and costs.
