With GDPR regulations becoming a reality this month, many organisations are attempting to remediate their PST security threat.
What’s the problem with PST files?
GDPR requires organisations to identify all personal identifiable information (PII), but how do you do this for PST files? Furthermore, if you don’t know where all your PST files are how can you discover the data?
Another GDPR requirement is that organisations are required to retain PII data only for as long as required. This means that for data within a PST file you will need a method for setting a retention time.
GDPR requires that PII data is secure but PST files can easily be corrupted due to either hardware issues or software issues. As a result, the data in the files can become inaccessible and data is lost. The fact that these types of files are portable also counts against them when we need to limit access to the data contained in them.
Part of becoming compliant with GDPR is to be able to discover PII, once files are in a secure container they can be easily discovered and classified*
What is the solution?
These files will need to be incorporated into existing containers like Exchange on premise, Office 365 or archiving solutions like Enterprise Vault. Enterprise Vault itself has a set of built-in tools for PST migration which are robust and recommended for a small number of files or data. When you have a larger PST environment that you wish to eliminate totally then you need to consider more powerful tools.