Why Migrate PST Files to Office 365?
Quadrotech clients voice a consistent message regarding PST files: they want them eliminated from their ecosystem. The common themes are that PSTs represent compliance and discovery issues that can result in significant fines; they restrict how users can access their historical email; and they add to IT expense through help desk calls, storage costs, and backup maintenance.
Typically, clients want to migrate PSTs to Office 365 to take advantage of huge data storage and to enable eDiscovery. Once in the cloud, users have instantaneous access to their messages via their device of choice, and storage costs are eliminated, while messages no longer required for eDiscovery can be removed from the environment via strict retention policies.
While there are a few methods for deleting PSTs, the overwhelming preference relayed to us is a technology solution capable of discovering the files throughout the enterprise, determining ownership, repairing PST corruption, removing passwords, and quickly and efficiently migrating the files to Office 365 while being cognizant of network disconnects, bandwidth capacity, and business process.
Risky Business: The Dangers of PST Files
In February 2015, at least 170,000 hacked individual Sony emails were published by WikiLeaks, and Sony reputedly had to set aside $15m to deal with the fallout. The hacked emails were sourced from standalone files that included at least 179 PSTs, including those of an executive at Sony Pictures Canada and one of its IT audit supervisors, as well as many archive and backup PST files.
By their very nature, corporate emails contain a wealth of sensitive data. They’re often the book of record, which is why regulators insist they are auditable and retrievable. With their lack of options to protect and track, any organization using PSTs is at risk.
Consider the change in the Federal Rules of Civil Procedure, Rule 37E, from “good faith effort to protect information” to “taking reasonable action to prevent deletion”. As a result, companies face a real risk of significant fines for failing to act to preserve materials.
In addition to the above-mentioned legal and financial risks, the following points should be considered when analyzing the negative impact on your organization:
Top 10 issues with PSTs
- PSTs are not frequently backed up: Most admins do not routinely back up workstation hard drives, which is where PSTs are likely to be stored. This could lead to costly data loss and can potentially violate Rule 37E.
- Compliance conflicts: Every enterprise organization will have sensitive information they cannot afford to be leaked, and keeping PSTs on workstations and network shares dramatically increases the risk of sensitive data going missing. PSTs are also invisible to Legal, causing data to be omitted from eDiscovery if needed for litigation.
- PSTs are easily corruptible: In some projects, up to 40% of the PSTs Quadrotech’s PST Flight Deck discovers are corrupt or password-protected. This corruption further increases issues with eDiscovery and migration. (Note that PST Flight Deck automatically repairs PST corruption post-discovery.) Additionally, you should keep in mind that password-protected PSTs are not encrypted. This means lost PSTs – regardless of whether they’re password-protected or not – should be treated as a data loss event.
- eDiscovery becomes problematic: PST files are external to the Exchange data store. As such, this information is not interrogated when native Exchange Server eDiscovery tools are used, increasing the risk of non-compliance.
- No support for network-connected PSTs: The storage of active PSTs on network shares is not supported by Microsoft. And according to Microsoft, placing them on network shares increases the likelihood of corruption.
- PSTs are local to devices: Nowadays, users expect emails to be available on any device – PC, tablet, phone – anywhere. Cloud-based email systems like Office 365 are there to provide easy accessibility, centralized control, and security. Having to use a specific device to access the PST is in direct conflict with the access anywhere/anytime paradigm.
- PST files are restricted to Outlook: As a result, mobile devices which connect to Exchange mail via ActiveSync cannot access PSTs. Similarly, OWA does not support PSTs. Further, an ‘orphaned’ PST (not connected to Outlook) is invisible to IT but can still contain valuable information that needs to be preserved or discovered.
- PSTs can be accessed to get around message lifecycle management policies: Many organizations enact retention policies to regulate message lifecycles. In addition to reducing storage costs, this practice reduces risk to the organization: once messages are old enough that the organization is no longer required by law to keep a copy, the outdated messages can be deleted, drastically simplifying the document management lifecycle. If users store old messages in PST files, they are effectively circumventing your retention policy. This practice may put your organization at risk in the event of messages being subpoenaed.
- Shared PST files are troublesome: The sharing of PSTs by multiple users greatly increases the likelihood they’ll get corrupted, resulting in the above-mentioned issues with corrupt PSTs. Only one user can open a PST at a time, creating a difficult user experience and much wasted time.
- PSTs raise the cost of business: PST files tend to increase administrative load. Admins might be tasked to find PST files throughout the organization, or users might ask administrators to attempt to repair corrupt PSTs. Either way, this additional administrative effort incurs cost. On a similar note, there may be costs related to improper data exposure, file storage, backup maintenance, and data loss.
The Ponemon Institute/IBM Security analysis conducted in 2018 reveals the average cost of data breaches is $3.86M. The study also found that breaches are getting larger, with the average size of breaches, based on the companies surveyed, increasing by 2.2 percent year after year. When broken down by country, the US leads with the most data breaches, equaling out to an average of $7.91M.
To state the obvious, whatever costs you may absorb to eliminate PSTs could arguably be considered a rounding error as compared to the potentially catastrophic financial loss as a result of a PST-enabled security breach.
We encourage enterprise organizations to look at technology solutions for eliminating PSTs in their ecosystem and removing this ticking financial time bomb.