S 6.90 Data backup and archiving of groupware and e-mails

Initiation responsibility: IT Security Officer

Implementation responsibility: User, Administrator

In groupware systems, data must be backed up regularly. One of the applications for which controlled data backup is of particular importance is e-mail. The importance of e-mail for internal and external communications is increasing steadily, so it is essential that sent and received messages remain available in the longer term. In addition, there are statutory provisions that require long-term, audit-proof archiving of business-relevant e-mails.

Groupware systems consist of many components which, depending on the configuration, must be included in data backups. For this reason, a data backup policy must be drawn up for groupware and integrated into the organisation's existing data backup policy (see also module S 1.4 Data backup policy). On the server side, the essential information and data of groupware systems is stored in databases, so the general security recommendations for database backups must be implemented here as well (see S 6.49 Data backup in a database).

Whereas the backup of groupware servers is generally well organised, there are frequently major gaps in the rules for backing up and archiving e-mails.

Typically, e-mails are first moved from a central groupware or e-mail server to user PCs or user directories, where they are processed, forwarded and/or saved. Whereas data on servers is generally backed up at regular intervals, the e-mails stored on clients are frequently backed up inadequately or not at all. A defined procedure for backing up client-side e-mail is therefore required.

User- or task-specific e-mail addresses can be configured for the receipt of e-mails. Many e-mails sent to user-specific addresses are, however, intended to be accessible to several employees, e.g. in project groups. It is therefore important to save these in appropriate project directories on servers. When such e-mails are saved as official documents, the minimum and maximum retention periods for such documents must frequently be observed (see module S 1.12 Archiving).

Rules should be defined as to how, when and where both sent and received e-mails are archived, for example whether this is done centrally or locally by the users.

Where encrypted e-mail is to be archived, there are certain points which must be observed (see also S 6.56 Data backup when using cryptographic methods):

Review questions: