- August 11, 2020
What Is Exchange Journaling & What Are Best Practices?
- Archive360 Team|
- July 29, 2019
What is Exchange Journaling, why do we need it and what are the alternatives?
Exchange Journaling has been the backbone of corporate compliance for decades. You probably already use if for eDiscovery or to aid internal investigations and audits by your security and HR teams and know how crucial it is in enabling your business to comply with a wide range of regulations.
If your organization is currently or planning to Journal in Office 365, check out our email Journaling in Office 365 guide.
Want to learn more about Exchange Journaling in Azure? Talk to one of our experts.
You’ll also be well aware that Exchange Journaling operates on-premises and stores a ghost copy of every email sent and received by all or selected users within your organization. The process means an exact copy of an email can be retrieved at a later date if required and, in many cases, creates a second copy of every email that passes in or out of your office walls, building up over whatever retention period is set by the policies or regulations you adhere to.
If you think about how many emails are sent and received by your business every day, then how many were sent in the last year, your thoughts will likely go straight to storage. Yes, journaling is a huge burden in an on-premises scenario but it’s one that many compliance and legal teams rely on to ensure the business fulfils its policy obligations and meets requirements. Despite many technology advances in recent years, this somewhat dated process is in widespread use and shows no signs of being replaced any time soon. But are there options that could enhance your journaling solution in the cloud-era? Could you benefit from doing away with your on-premises Exchange Server as part of a business-wide migration? And what alternatives to traditional Exchange Journaling exist?
The birth of journaling
Journaling was born in the on-premises era, a time of increasing email usage and huge desktop-based PCs (not to mention the huge shoulder pads, hair and glasses) during which businesses were still getting to grips with digital files and data retention. Microsoft, in response to a new SEC requirement, launched the “Journal Mailbox” for Exchange in order to help some of its biggest customers demonstrate their compliance by holding on to “golden copies” of their emails in case of an investigation. Today, with GDPR and many other regulations for businesses to follow, the retention and accessibility of data, including emails, is arguably even more important.
Exchange Journaling in the modern world
Journaling has many benefits to a business, especially those in the finance sector. The fact that your business uses Exchange Journaling means that, even if you’re not required to comply with specific regulations at present, you’re prepared to should the need arise. This might include accessing emails from an individual or the entire business between specific dates, in the case of a legal request, or demonstrating compliance to a regulator. We’ve listed some of the more common regulations below that may impact your business at some stage if they don’t already.
Exchange Journaling helps organization comply with:
- Sarbanes-Oxley Act of 2002 (SOX)
- Security Exchange Commission Rule 17a-4 (SEC Rule 17 A-4)
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (Patriot Act)
- European Union Data Protection Directive (EUDPD)
- Japan's Personal Information Protection Act
- National Association of Securities Dealers 3010 & 3110 (NASD 3010 & 3110)
- Gramm-Leach-Bliley Act (Financial Modernization Act)
- Financial Institution Privacy Protection Act of 2001
- Financial Institution Privacy Protection Act of 2003
Beyond regulation, Exchange Journaling can also be useful in a number of areas across your business. It enables teams to conduct audits of emails, reviewing their content to ensure communication with customers meets quality standards and complies with policies. That’s why, even with alternative solutions available, an on-premises solution from the 90s is still very much alive and well today. The problem is, the cost of doing it is going up as more and more organizations do away with physical servers for the flexibility of the cloud.
Isn’t mailbox archiving the same as Exchange Journaling?
In a word, no. The two do share similarities but are very different beasts. While archiving and journaling are effectively doing the same thing – storing data for access later – the way in which they do it is what defines their differences. Whereas archiving is also the act of moving email from one place (the live mailbox) to another, journaling does it more immediately and creates an irrefutable record that archiving does not.
At a basic level, only journaling guarantees the capture of an email in its original form, a cornerstone of compliance. Journaling grabs an email the moment it is sent or received and copies it there and then, removing the ability for anyone (unwittingly or intentionally) to delete, alter or in any way manipulate the original. It’s this feature that makes it different to archiving. While, of course, archives are still searchable and can be very useful for eDiscovery purposes, there’s not always a definition as to whether or not the email is the original. Like any backup or disaster recovery solution, a mailbox archive runs on a schedule, not at the point where an email arrives or is sent. This allows for emails to be deleted, edited and overwritten and could create holes in any regulations your business might adhere to.
Exchange Journaling, then, is a necessity for many businesses. So why would you consider archiving instead? The fact is, you probably don’t see it as an alternative. If you journal, you journal and that’s it. However, in a cloud-centric world, it’s highly likely you’ll be looking to move away from on-premises in other areas of your business, even if you do retain servers for Exchange. Simply put, the argument here isn’t whether to journal or to archive, but how best to journal while making use of cloud-based archiving. And there are benefits on both sides.
- It’s so easy. If set up correctly, journaling can be something you set and forget with the peace of mind that’s it’s just working in the background.
- It ticks the boxes for regulators. Many governments and regulatory bodies require journaling as a measure of compliance.
- It’s what you’ve always done. If it ain’t broken since the 90s, why fix it?
- People want to find their stuff. Archives are far more end-user centric and easy to search.
- It provides access to the cloud. Archiving in the cloud offers greater value, flexibility and more powerful tools than on-premises servers.
- It gives existing storage a boost. Archiving data away from the servers you use for Exchange mean performance can be increased and costs reduced.
Things to think about when using Exchange Journaling
Given that it’s been around for so long, Microsoft has developed a powerful tool in Exchange Journaling with a wide range of features to make the process as simple and seamless as possible. One such tool is the Journaling Agent, which processes emails as they arrive and travel to mailbox servers. It works alongside another element of Exchange Server called the transport pipeline, a collection of services, connections, components and queues that routes both internal and external emails sent and received by your organization. By manipulating this pipeline, you can define exactly how emails are handled and the way in which they are journaled.
Journaling can be configured in Active Directory and enables you to set specific rules that determine the routing that takes place. Envelope journaling (the only journaling method Exchange uses) is also important to understand. This technique creates a journal report when a message is journaled which includes the original, unaltered message as an attachment, and a summary of the email, including who it came from, who it was sent to and the subject. However, it’s worth knowing that, should you opt to use a third-party archiving solution (which we’ll come to later), encryption issues may come into play with journal reports when Information Rights Managed emails are sent or received. Most won’t be able to decrypt such messages which means your ability to search journals will be limited. This is definitely something to think about when planning what to do with your existing journaling solution.
Understanding Exchange Journaling rules
Exchange Journaling is, on the surface, a fairly simple process. An email comes in or is sent and its contents are journaled. However, you do have the flexibility to determine what is captured by setting rules. These include the following:
Effectively, this is the person or people whose emails you want to journal. Once you have selected a journal recipient, messages sent or received by them will be journaled based on the additional rules you set for the mailbox. While it might be useful to journal a single user or a handful of them (C-level executives, for example), you also have the option to set a journal rule for groups or your entire organization. The rules you set here will determine how much storage is required, where, of course, a single account will require far less space than an entire organization.
Journal rule scope
Here you can specify exactly which type of emails you want to journal for the user or users you chose above. This can include all messages, meaning more storage but a broader record, or can be limited to only internal or external messages. It’s worth noting that, according to Microsoft, journaling all messages may lead to duplication of journaled messages that had already been journaled using the internal or external only scopes.
A crucial part of the journaling process. Where do you want all these journaled emails to go? You can specify a single journaling mailbox for all journal rules or chose individual mailboxes for each rule if required. Crucially, wherever you choose to store your journaling, it has to be secured given the amount of sensitive information it may contain. This, in addition to storage cost, raises further questions about next steps. Do you continue to store journaled email on-premises or look to a third-party solution? It’s quite possible that a cloud-based storage option might better meet your security and cost requirements than sticking to an office-based Exchange Server.
What are your options for Exchange Journaling when moving to the cloud?
Of course, everything discussed so far is in relation to on-premises storage. As mentioned previously, you might be considering a move away from your traditional set up and see the cloud in one form or another as an ideal option. While this is true, it’s important to understand that the process of moving a journal to the cloud isn’t something to be taken lightly. For example, during migration, it’s important to ensure all of your journaled data is transferred, or you could end up out of compliance. With that in mind, there are a number of options open to you beyond just sticking with an on-premises Exchange Server.
Your options for Exchange Journaling in the cloud
Keep an on-premises Exchange Server for Exchange Journaling
It’s possible to keep your Exchange Server on-premises while conducting other business activities in the cloud. However, this still means you have to handle the cost and ongoing maintenance of on-premises storage.
Have a third-party SaaS solution handle your journaling repository
Microsoft recommends keeping an on-premises Exchange server as the journaling repository but also suggests that a third-party cloud provider could help. This is an option to fully consider before committing as there are limitations and significant complexity that can come from it. For example, you might be locked in to the standards of the provider, not your company when it comes to security, data location and access. Third-parties also tend to “explode” legacy journals and migrate their vast content to the cloud which is not an ideal on option from a cost perspective.
READ MORE: Journal Explosion and Regulatory Compliance - A Volatile Combination?
Use Exchange Online
By moving from Exchange Server to Exchange Online you can carry out journaling in the cloud as well as defining a cloud-based storage location for your journals. This also removes the need to back up your servers as disaster recovery will be handled by Microsoft.
Use Office 365 for your email and use a third-party
Of course, shifting your email to Office 365 is one of the most effective ways to move your corporate communications to the cloud, but it comes with a catch. Office 365 doesn’t allow for journaling mailboxes. This is why, as above, Microsoft recommends retaining an on-premises server for journaling or working with a third-party.
Move legacy Exchange Journaling and live journaling to your own cloud
There is, however, another option when it comes to journaling in the cloud. Rather than continue to deal with the cost and inefficiency of on-premises or the restrictions of a third-party vendor, consider a solution that makes things easy and keeps everything in your own cloud.
Why take Exchange Journaling to your own cloud?
Let’s think about that last option for a moment. We can agree that journaling is essential to your organization, but the cost and inflexibility is something you could do without. So, as part of a company-wide migration to the cloud (something you’re likely thinking about if not already undergoing) why should journaling take a back seat? The truth is, it doesn’t have to. It’s perfectly possible to migrate your legacy Exchange Journaling data and combine it with live journaling streams in the cloud while ensuring you retain complete control over security and compliance.
The low cost and unlimited scalability of public clouds like Microsoft Azure are the best option for many areas of a business, from analyzing employee sentiment to conducting audits and responding to eDiscovery requests, so why wouldn’t you want all of your data based there?
READ MORE: eDiscovery For Office 365
The dream archiving solution for journaling
Using your company’s own low-cost cloud infrastructure, you could mitigate several issues that arise from your current situation and the alternatives we’ve already highlighted. From ensuring that you are in control of every aspect of your infrastructure to accessing the latest and greatest tools as they are released, the cloud offers a flexibility and power not possible with on-premises deployments. With journaling handled in your own cloud, there’s no need to rely on a third-party or be beholden to their decisions on security or data access. You control the policies, the tools you use and where your data is located, and you can access your own encryption keys.
The challenges of Exchange Journaling in a cloud-based world
- Exploding legacy journals through a third-party so you can migrate the individual emails into custodian mailboxes is not supported by Microsoft and, for financial services companies, may put you at risk for SEC 17 non-compliance.
- Utilizing shared mailboxes for journal data is no longer possible in Office 365 due to the reduced storage limit of 50 GB.
- Keeping your on-premises Exchange server active is costly.
- Using a proprietary third-party cloud can be expensive and risks the issue of vendor lock-in.
The benefits of moving Exchange Journaling to your own cloud
- Legally defensible onboarding migration
- Complete control over your data
- Flexible and global data insight
- Legal chain of custody with full audit trails
In a world where every business is either considering a move to the cloud or is already in it, the idea of paying mounting costs for on-premises storage is becoming unpalatable. In the cloud, you have the choice to store legacy archives in a different but no less secure or accessible way to so it can cost you far less. Additionally, your live journal stream can be stored directly in the cloud, further mitigating the need for on-premises equipment. This is especially important for businesses that are growing either through hiring or acquisition. Suddenly adding hundreds or thousands of employees would mean a significant spend on servers in the on-premises world, whereas the cloud offers scalability that can expand with your business. It also enables you to access your data faster, speeding up eDiscovery searches and providing access to the powerful tools your compliance and legal teams need to do their jobs effectively.
Archive360 and Exchange Journaling Best Practices
Of course, as archiving experts, Archive360 well understands the relevance of journaling and ensures that those businesses looking to move to the cloud can ensure no interruption to their compliance activities as they migrate.
Archive360’s Archive2Azure platform enables you to onboard your legacy journal data and stream live journal data while keeping the journal contents completely intact, with zero metadata loss or data conversion. This means that your sensitive legacy and live journal data always stays in your Microsoft Cloud under your direct control and isn’t wrapped or converted as is the case with many third-party vendors. Archive2Azure provides full data migration and cloud management of your journal data, all in one solution, enabling you to take advantage of your Azure tenancy to store and manage your legacy journal data as well as receive live journal data. With this solution, you no longer need to worry about being locked into a contract with a third-party vendor, manage additional issues with shared O365 mailboxes, or put up with the extra expense of keeping an on-premises Exchange server active.
Only Archive2Azure and your Azure tenancy can successfully address the above issues while keeping you in complete control of your sensitive data. It also unlocks additional benefits, including the ability to search video and audio content, something third-parties struggle with, through access to files in their native format.
If this sounds like your ideal option, why not reach out and discuss Archive2Azure with one of our representatives and see how easily you can achieve compliance using your legacy Exchange Journaling in your own cloud.
Archive 360 is trusted by companies like 3M, Netflix, McKesson, Samsung to migrate Veritas / Symantic Enterprise Vault and other major archiving platforms.
If you’re journaling today, the stakes are high.
Your legal, compliance and security teams rely on having an immutable copy of all of your emails. Office 365 archiving does not support journaling. So what should we do?
This eBook provides actionable tips to empower IT to solve the problem.