Unstructured business content is increasingly considered one of the most valuable assets in the enterprise. In fact, in December 2006, the Federal Rules of Civil Procedure replaced the term "data compilation" with the phrase "computer stored information"--a broader term which includes records, such as voice mail, that are stored in computers but not necessarily generated by them. Parties are now required very early on in the discovery process to disclose their computer systems data, including email, that relate to the litigation.

At the same time, however, organizations must balance two seemingly conflicting objectives regarding this content. They must meet their fiduciary responsibility by protecting content from unauthorized access and use through encryption and rights management. They must also preserve content for future search and disclosure through archiving.

Until now, this has been an impossible challenge. Organizations had to choose one or the other.

Today, however, organizations are adopting new secure archiving and retrieval tools that support encryption as well as enterprise rights management (ERM). Encryption enables companies to control who can see content such as email and documents, particularly when it is in transit. ERM enables organizations to control what can be done with that content, and by whom, on a granular basis. With these tools, organizations can keep their unstructured content secure, archived, and searchable.

Encryption and ERM

While the messages of only a small percentage of corporate users in the typical enterprise actually need encryption, those users often are generating the corporation's most valuable information. Email encryption solutions are aimed at enabling companies and employees to control who can see content when it is on the move — for example, when it is being sent between companies.

Public Key Infrastructure (PKI) provides a framework for establishing a secure way of exchanging data through digital certificates that authenticate the identity of individuals. Organizations can implement PKI in-house to authenticate employees accessing the network, or the PKI can authenticate the identity of individuals and organizations over a public system, including the Internet. Encryption and key technologies include Secure Multipurpose Internet Mail Extensions (S/MIME), Pretty Good Privacy (PGP), and Secure Sockets Layer (SSL). Typical encryption technologies provide a PKI and key management infrastructure and a data encryption protocol that plugs into client email applications such as Microsoft Outlook and Lotus Notes.

ERM, which is also known as enterprise digital rights management, or eDRM, allows companies and employees to control what can be done with content such as email and documents. For example, ERM technology allows enterprise employees to determine whether a specific email can be forwarded, printed, saved, and more. With ERM, an individual can also specify by whom a given email can be forwarded, printed, saved, and so forth. Typically, this is achieved by applying a publishing license to the content, and the content is then encrypted to protect the application of the publishing license. ERM technologies traditionally work with specific document types, from email to Adobe PDF files and Microsoft Office documents.

Today, encryption and ERM are increasingly being adopted to solve problems of content control and content compliance. Financial services, manufacturing, and healthcare companies in particular are leveraging these technologies to control what information can be sent out and, in turn, prevent intellectual property from being forwarded to competitors. Many of these same companies are using these technologies with email archiving solutions to ensure secure yet searchable archiving.

Encryption, ERM, and a Flexible Archiving Framework

E-mail archiving tools are designed to deliver long-term, archival storage of multiple types of data. Information and data lifecycles are managed and relevant content can be found on demand. A complete archiving solution is one that does not disrupt the user, thereby avoiding the need to change business processes and retrain staff.

E-mail archiving tools also facilitate the practical management of policies for both online and offline email. For online e-mail, they can enforce mailbox quotes but still provide access to archive e-mail through shortcuts. For offline e-mail, they can find user .PST files on the network or individual machines and move them into a central archive, thereby ensuring that all email remains protected and in compliance with corporate policies.

When built on a flexible framework, e-mail archiving provides secure, scalable information retention to meet current and future needs and exploit advances in storage, server, and other technologies, including encryption and ERM.

The combination of ERM, encryption, and flexible archiving provide a powerful tool for enabling companies to meet their fiduciary requirements for secure messaging and storage. ERM encrypts documents and only allows users access to content if those users are authenticated and have the appropriate rights; it also prevents users from performing actions they do not have rights to perform. Encryption and secure messaging encrypts content passing between two or more users and allows access only if the users are authenticated by means of the private key they hold.

Consequently, a number of archiving systems are beginning to enable both ERM-protected content and encrypted content to be archived and retrieved by users who are authorized to have access to the content. A number of systems also offer the option of indexing and searching ERM-protected and encrypted items and content, as well as determining whether the archived content is stored as it was originally protected by the ERM system, by some different administrative encryption, or not at all.

Further, by providing custom filter APIs, these email archiving systems provide for the identification of protected content, the decryption of such content, and the indexing and storage of content in plain text.

Secure Yet Searchable

E-mail will likely remain a critical application, and for most organizations, its importance will grow. As a result, managing email systems and the data they contain has become a top priority for companies around the globe. At the same time, these organizations must satisfy a range of requirements for secure messaging and storage and meet a number of regulatory demands for data retention and legal discovery.

By leveraging encryption technologies together with ERM integrated into a flexible email archiving framework, organizations can communicate sensitive or regulated information over e-mail and be able to retain and seamlessly discover electronic communication records from a secure yet flexible archive.