RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Cloud Email Migration? Beware Of Unintentional Data Spoliation!

Cloud Email Migration

In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation.

But what about when you move to the cloud?

Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully select migration vendors to help you get there. All that remains is following the plan, right?

Everything going well, your valuable data will be migrated without a hitch and will be at your fingertips just in case legal or compliance issues arise.

But what if it doesn’t? What if, when you go to pull-up company records, your data is corrupted or not there at all?

That’s when the headache starts. Your legal team starts knocking on your door, compliance officers look to point their fingers at one of your team, and you face a hefty fine for data spoliation.

Oops.

As much as I’d like to say I’m painting a dystopian picture that has very little foothold in reality… that’s just not the case.

Just ask UBS Warburg, West and Phillip Morris.

Now, I’m not an expert on all things data migration, but I do know a thing or two about the backbone of corporate communications: email.

Seemingly innocuous, email is the kind of thing many don’t tend to think much about. You send, receive, agonize over and trash thousands of emails a year. But it’s just email right? How difficult can it be to migrate it to a new cloud service?

The truth is, it’s pretty darn difficult.

Sure, there are lots of email migration vendors out there, waving their hands in the air and jumping up and down saying: “Pick me! Pick me!” (full disclosure: I work for Fookes Software and our product Aid4Mail is right there jumping and waving with the best of them). But how many of them can you really trust?

The fact is, converting email accurately is incredibly complex and we’ve seen very few vendors actually do it well.

Here are just some of the issues we’ve seen come up with poorly converted emails, all of which could result in data spoliation sanctions:

  • Entire folders of emails skipped because of a few special characters in the folder name
  • Unable to render special characters or character based languages (like Chinese, Arabic and Hebrew)
  • Lost attachments
  • Alteration of the SMTP header, this means:
    • Loss of original sent, received and stored dates
    • Loss of email addresses
    • Loss of status information (read, unread etc)
  • Emails being skipped as they’re too large

We even have an example for you:

figure_1

figure_2

And here’s another one:

figure_3

figure_4

So to put this into context, let’s say you produce consumer electronics. You’ve just launched a flagship device after a few years of planning and development. Everyone’s thrilled!

BUT there’s an issue with the battery. It overheats and catches fire in certain circumstances.

A few of your customers’ houses burnt down, a couple of cars caught on fire and around 20 people suffered from burns.

One of the burn victims has leaked some inside information, and now they want to sue you for negligence. The plaintiff is saying you knew about the battery issue and chose not to do anything about so as not to jeopardize the launch.

You’re not worried, you can prove that no one knew anything about it. So, you go back into your archives to pull up all the relevant communication between the project team and your Chinese battery supplier.

That’s when you see that all the emails between the China-based purchasing manager and the battery supplier are all question marks and blank spaces.

The sent date is showing as after the received date and all the emails look like they’re unread.

This, my friends, is data spoliation. Sure it’s not your fault, but you’ll still get sanctioned.

So, what’s the moral of this cautionary tale? Test, test and test again before you choose ANY migration application to move your email to the cloud.

Taking the time now to thoroughly test the application in all scenarios before you commit will pay off in the long run.

###

katie-cullen-montgomerieBy Katie Cullen Montgomerie

Katie is the marketing and communications manager for Fookes Software, the developers of email migration software Aid4Mail.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

SYNDICATED NEWS SOURCES

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…