Ensure your email chain of custody against both outside and inside attacks

Maintaining a secure chain of custody of your email archives is an essential element of effective data governance. Chain of custody ensures that all archived data is handled properly at all times – that it’s strictly in the hands of those who are authorized to access it. If it falls into anyone else's hands, the chain of custody is broken, and cybercriminals can use it for all kinds of nightmare scenarios.

Nightmare #1: Held for Ransom

Last December, a chain of custody breach at the police department in Cockrell Hill, Texas, led to a costly ransomware attack. Because the files fell into unauthorized hands, it’s considered a break in the chain of custody.

According to local news reports, the attack occurred when someone in the department clicked on an email that appeared to be from a department-issued email address and carried a virus. All files on the server were corrupted. The town refused to pay the ransom and the department lost eight years of digital evidence.

Nightmare #2: Home Invasion

“Ransomware attacks weigh heavily on enterprise IT admins, and for good reason, but internal data theft deserves equal attention, if not more,” cautions Robert Douglas, president of PlanetMagpie IT Consulting in Fremont, Calif. He offers this scenario: An employee copies data from a company department’s archives takes it out of the office, then sells it to a competitor. This occurs much more often than people realize and costs businesses billions every year in lost intellectual property, costly recovery attempts and profits.

“Because the company didn't take the appropriate steps to protect its data, nobody knows this happened,” Douglas says. “The other entity could use the data for months or years without detection. You need appropriate data permissions and logging to safeguard against this threat.”

Nightmare #3: Being Exposed

HIPAA and HITECH set standards for data privacy and security provisions to safeguard medical records. Private information falling into unauthorized hands constitutes a breach in the chain of custody, and, for the violators, leads to stiff fines.

The U.S. Department of Health and Human Services maintains an online “Wall of Shame” that lists healthcare organizations that have experienced an unauthorized release of health information involving 500 or more individuals. According to the agency’s Office of Civil Rights, more than 113 million medical records were hacked in 2015. An October 2015 report from Accenture estimates that cyberattacks will cost healthcare systems $305 billion in revenue over the next five years.

Monitoring the chain of custody entails harnessing the right set of technologies to keep these cyber threats from keeping you up at night.

 

 

You may also like:

Don't Rush Legacy Archive Migration – Two Big Reasons Why

Why You Don’t Want to Rush the Migration…

Why You Don’t Want to Rush the Migration of Legacy Archive D… Read More >

Margot Carmichael Lester

by Margot Carmichael Lester

Mimecast Contributing Writer

Posted Oct 16, 2017

Archiving Today - Your Digital Memory

Get Ready to Think Differently About Arc…

Get Ready to Think Differently About Archiving What does th… Read More >

Peter Bauer

by Peter Bauer

CEO and co-founder

Posted Oct 10, 2017

Cloud Archiving: Perception vs. Reality

Perception vs. Reality: Get the facts ab…

Perception vs. Reality: Get the facts about cloud archiving … Read More >

Margot Carmichael Lester

by Margot Carmichael Lester

Mimecast Contributing Writer

Posted Oct 06, 2017