• No results found

ANSWERS TO FREQUENTLY ASKED QUESTIONS

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "ANSWERS TO FREQUENTLY ASKED QUESTIONS"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

ANSWERS TO FREQUENTLY ASKED QUESTIONS

Infrastructure & Security Q&A:

How is the solution hosted?

Intermedia's solution is 100% Web based. There is no hardware or software to install and address compliance and archiving. The Intermedia solution will be accessed utilizing a secure, web interface.

What is the maximum number of users the solution can handle?

Infinite. Intermedia utilizes Amazon S3 cloud infrastructure, which allows the unique ability to scale and grow on-demand with no impact on our customers. Should the customer need more computing or storage, Intermedia can intelligently access more of these resources without any changes to customer’s service, network or pricing.

Provide statistics on what to expect for bandwidth consumption.

Intermedia assumes 5.5 - 6 megabytes of data traffic per user per month.

How is customer data stored?

Data stored in the Intermedia archive is redundantly stored in multiple physical locations as part of normal operation of the services and at no additional charge. Intermedia ensures object durability by storing objects multiple times across multiple datacenters on the initial write and then actively doing further replication in the event of device unavailability or detected bit-rot. This is all supported by default in the Amazon Web Services cloud infrastructure. Customer data is encrypted with AES-256bit encryption using a private key assigned to the account, then we batch them together into a 1GB Encrypted package and store it on Amazon's redundant global storage. All messages and attachments are date and time stamped, serialized and written to tamper-proof, dedicated customer WORM storage.

How long is data stored for?

Intermedia offers unlimited storage and retention at a fixed price.

Is there a limit or maximum archive size?

Intermedia offers unlimited storage and retention at a fixed price.

What file format are the archives stored in?

Data is compressed, encrypted and stored in the RFC 822 industry format (EML).

Does the solution support WORM storage? Is the data forensically compliant?

Intermedia has designed and implemented a proprietary software lock so that in the archive each customer is on WORM-like storage (similar to netapps snaplock & permabit) Satisfies FSA type requirements.

Are messaged digitally finger printed for authenticity?

Yes. Because all messages are stored in our secured WORM format it is impossible for the messages to be edited once archived. When data is exported from the system we provide MD5 hash to ensure data is not edited in transit.

(2)

Does Intermedia’s solution allow for efficient archives by storing just one copy of a file or message (Single-Instance-

Storage),regardless of the number of times it occurs or where it is stored?

Intermedia provides a fully redundant, unlimited storage model for the archive. The system has a series of proprietary compression technologies that are used to reduce our storage needs. But the customer is never charged for the storage usage.

Does the solution allow for the encryption of data during data transport?

Yes. TLS and SSL encryption methods are used during transport.

Describe the standards you use for password: (Construction (strength), history retention, length, expiration)

 Passwords must be at least eight (8) positions in length.

 Passwords must contain a mix of alphabetic and non-alphabetic characters (numbers, punctuation or special characters) or a mix of at least two types of non-alphabetic characters.

 Passwords must not contain the userid as part of the password.  Passwords must be changed at least once every 90 days.  Passwords may not be reused for at least 2 years.

 Passwords must be set to an expired state when issued or reset unless system generated.  Maximum of 5 unsuccessful attempts before lockout.

Describe your policy on data mining of customer data?

All data is encrypted using AES 256 bit encryption. Intermedia has no direct access to customer data unless customer explicitly asked and is given login credentials.

How does Intermedia ensure data destruction?

Intermedia uses encrypted disk volumes to protect customer data privacy. If a volume should become dismounted before it is destroyed, the encryption is the safeguard to prevent another non-Intermedia entity from accessing the information stored on the volume. Encryption keys are maintained in an encrypted keystore and only accessible by the software. No data is cached or stored in temporary un-encrypted storage. Data destruction is accomplished by invoking the cloud compute infrastructure API delete functions AND encryption. The combination of the delete function and tossing the encryption key ensures data that needs to disappear is not recoverable.

What functions are auditable? What information is recorded? Where is the information stored? Is the persistence of an audit record synchronous or asynchronous to the action being audited? What are the options available for configuring what gets audited?

All login, search access, message interaction and administrative functions are recorded and audited. The information included is the originating IP, user name, date/time and activity. These audit logs are tamper proof and locked down from the customer site. There are no special configuration options available at this time.

How are resiliency and reliability plus COB accomplished for your SMTP submission solution?

For continuity and failover, the Intermedia’s SMTP ingestion service runs in multiple regional availability zones located in Eastern US, Western US, Ireland, Singapore and Japan. Intermedia’s SMTP ingestion service is directly integrated with the Amazon Web Services S3 taking advantage of its built in geographical diversity. In case of a catastrophic event, Intermedia SMTP service nodes can be dropped within minutes into non-impacted availability zones for continuity of service.

During a COB / Disaster Recovery / Network Outage event, how do you resynchronize your storage and metadata (indexes, configurations, databases) to be consistent? How long does this take?

Outage event has not previously occurred due to clustering. Underlying storage is based on “eleven 9s” of durability. In the event of a data loss re indexing speed can exceed 1 billion documents per day.

(3)

How does the solution capture mail (e.g. log shipping, journaling, MAPI)? What capture methods are available?

Intermedia utilizes journaling to stage emails for archiving. Archiving collections happen by IMAP pulls or SMTP pushes. 1. Push – Customer would configure mail server journaling to push email via a secure SMTP stream to a unique

SMTP address that Intermedia provides for our customers.

2. Pull – Customer would allow Intermedia to connect to their Exchange server via IMAP over SSL (port 143, 993 or others) on a scheduled basis daily.

Does the solution capture all emails before they reach the recipient’s mailbox?

No, journaling stages the emails for archiving followed by a push (SMTP) or pull (IMAP) of journaled emails into the archive.

How are users provisioned within the Intermedia archive service?

Intermedia administrators have the ability to either manually add users or they can leverage LDAP integration. LDAP integration gives you the ability to leverage your directory information to provision and manage archive users and related attributes. LDAP integration is designed to help you streamline user provisioning, management, and authentication.

What Operating systems are supported?

The Intermedia solution is OS / platform agnostic.

Can the solution handle multiple email domains?

Intermedia can simultaneously support an unlimited number of domains and environments.

Does the solution allow for role-based administration?

Yes. There are 4 basic levels built in to the solution.

1. Search Admin: does global searching, access to ALL email.

2. Search admin plus: within admin interface, settings reports and policies are also accessible (that are normally in the admin only). Look but not touch.

3. Search User: only sees results of a search the admin executes. Can export from the set they are looking at. 4. End user: individual who can see & search own archive only. Can export own email.

Does the solution allow end users seamless access to messages in the mail client? If so, does this require stubbing? Please describe.

Yes, Outlook uses folders accessing the end user web interface. This provides archive access with no plugins or software required. Stubbing is not required.

Can Intermedia selectively archive users?

Yes. Intermedia has the ability to selectively journal users based on storage groups / databases and through premium journaling rules.

Does the solution capture all content types (e.g. messages, attachments, tasks, calendar entries, contacts)?

Intermedia captures all emails and email attachments (mail enabled items). Intermedia captures all envelope and email header data such as received date, To, CC, BCC and various other x-header information associated with the email message.

How does Intermedia perform reconciliation of each SMTP message submitted from the mail server so that each transmitted message is correlated to message ingestion within your archive?

Supported. Intermedia has developed a separate database service that runs outside of the archiving service. Its sole purpose is to analyze, audit and report on potential data integrity gaps within the archive. Customer data entering the Intermedia archive service is immediately written to highly redundant storage in the form of an encrypted archive

(4)

Does the solution support contemporaneous indexing of email and all attachments?

Yes, all collections are indexed and submitted to the archive at the same time.

Describe how your solution associates objects with user names and records for employees and if it uses well-known methods such as Active Directory and Human Resource Databases.

Intermedia integrates with Active Director and other LDAP enabled services for access control and to associate object classification, disposition and access. (99.99999% data durability)

Does the solution have the ability to monitor system health and report problems via e-mail, or other mechanism, to support staff?

Yes. Intermedia constantly monitors the entire service (infrastructure & application) for compliance, service health, and data integrity. Systems and Network Engineers monitor the status of the archive service on a daily basis using automated tools allowing them to review reports and respond to hardware / software alerts quickly & efficiently.

Discovery & Retention Q&A:

Describe how the service offering could enable eDiscovery, such as forensic analysis, audit ability, and other similar governance requirements.

Intermedia offers the ability to request, locate and acquire electronically stored data. The archive service supports full stemming, wild card, boolean logic, proximity logic, fuzzy logic, character replacement and quoted “phrase” searches. Searches can be done by sender, recipient, subject, date range, or by message only, or by attachment only, and by message header properties. Search results can then be assigned to outside counsel for review. Legal holds can be placed on specific data to supersede retention polices. A complete audit trail is kept on all actions performed.

Does the solution allow retention policies to be set to any length (i.e. 15 days, 1 month, 2 years, 10 years etc.)?

All emails will be retained on the system for an infinite period of time until an administrator enables the retention policy. At which time emails older than the retention (not on a legal hold) will be purged. Retention time frames can be set to any time frame.

Does the solution provide an audit trail?

Yes. Once a user logs in an audit trail tracks every move. Access, viewing emails, adding categories, every single action. All user types. Access to see: search admins (for searches). Account admins for everything.

Does the solution provide a way to categorize messages and or search results?

Yes. Searches can be categorized by default tags or buckets (Save, Reviewed, Starred, Attention) or custom tags can be created. Messages can be flagged for attention, or with custom tags that can be created and then messages categorized by those specific tags.

Can the solution capture mail only for groups or end users who are in a policy?

This is dependent on mail server journaling capabilities.

Does the solution allow for the capture of mail for both individuals and entire data stores?

This is dependent on mail server journaling capabilities.

Does the solution allow retention policies to be applied to individual users, teams, departments and/or entire organizations?

Currently, the archive service allows for a single retention policy for the entire organization. Roadmap plans to provide this feature are going to be included in a future release, ETA Q1 2013.

Can data archived be imported into other products? What would an exit strategy look like?

Intermedia would export the data to the RFC822 format and either ship the data back or make the data available for download.

(5)

What format can search results be exported to?

Search results can be exported to .pst, .eml, .txt, .html, .pdf as well as .nsf.

Does the solution have the ability for authorities or outside counsel to search the entire enterprise archive including message body, text, subject, sender, recipient, dates, attachments, keywords and metadata for targeted information?

Yes. The Intermedia solution provides role-based permissions. One of these roles is called the Search Administrator. The Search admin has the ability to search the entire global archive and create searches based including but not limited to message body text, subject, sender, recipient, dates, attachments, keywords and meta data.

What type of searches can be performed on the email archive and does the solution support queries using Boolean logic?

Yes Boolean logic, proximity and fuzzy logic is used. The archive service supports full stemming, wild card, and character replacement and quoted “phrase” searches. Searches can be done by sender, recipient, subject, date range, or by message only, or by attachment only, and by message header properties.

Does the solution have the ability to produce hard and soft copies of reports including detailed and summarized information regarding the size, age and composition of the archived data?

Yes. Intermedia provides a dashboard view, which provides information on number of messages in archive, size of archive, last collection data and size of last collection. This information can be exported to a pdf file.

Does the solution have ability to merge legacy email from the corporate email system into the archive and to flag the merged content so that users can identify messages for which chain of custody cannot be completely determined?

Yes. Intermedia can add a customer x-header to the messages which can be searched on later, or create a search for all emails once import has completed and then tag all emails with custom tag denoting an undetermined chain of custody.

Does the solution associate imported emails with the correct mailbox and distribution lists?

Yes. Intermedia supports the ability for users to link their accounts to any aliases they send via, additionally for the administrator to import users with their aliases during account creation.

Does the solution provide a mechanism for collecting locally and network stored .pst files and move them into the archive?

We can provide access to an industry standard utility in order to locate and pull in this data.

Does the solution prevent individuals from permanently deleting messages from the e-mail archive?

Yes. The Intermedia solution provides a single global retention policy custom to the customers needs. This is the only way data can be removed from the archive.

Legal Hold Q&A:

Does your solution have the ability to place a legal hold on data?

Yes. Legal holds can be placed on individual messages and search results.

Can records under legal hold be identified?

Yes. The Intermedia archive service has the ability to identify records under legal hold

Does the solution provide for the automatic designation of mailboxes and distribution lists for legal hold?

(6)

Does the solution provide for the automatic flagging of messages for legal hold?

Not supported at this time, we plan on bringing features in a future release that will support a similar method of automated tagging/legal hold.

Data Import Q&A:

Describe your data conversion approach and the availability of any standard conversion utilities. (how do you import legacy data into the archive?)

Intermedia can successfully import a variety of mail file formats, therefore we have adopted a standard of preparation that is replicated for all file formats, whether PST, MBX or NSF amongst others.

For your archive ingestion, describe how do you handle de-duplication of the same message that may be ingested more than once and if this is reflected on your transmitted/received reconciliation report.

Intermedia currently does not de-duplicate messages at the ingestion and storage level. Based on the requirements of the customer, a user can choose to de-duplicate at the application layer

Describe your real time ingestion solution’s ability to be insulated and segregated from workloads that happen in batch and data at rest incorporation activities that occur in ad hoc fashion.

The Intermedia solution has been designed from the ground up to segregate and insulate the ongoing ingestion and processing work from the ongoing application activities and batch processes. We accomplish this by utilizing Amazon Web Services S3 for encrypted storage and separating archiving/indexing functions from website and backend work.

Describe your batch solution’s ability to alert on a successful, failed, and partially ingested batch process

Supported. The Intermedia archive service provides a nightly report via email to the designated person which details all collection / ingestion processes.

Describe your solution’s ability to support batch ingestion and segregate / not impact performance of real-time ingestion, incorporation, and electronic discovery tasks

The Intermedia solution has been designed from the ground up to segregate and insulate the ongoing ingestion and processing work from the ongoing application activities and batch processes. We accomplish this by utilizing Amazon Web Services S3 for encrypted storage and EC2 (Elastic Compute dispersed in availability zones) for separating archiving/indexing functions from website and backend work. We are not constrained by those found in a highly utilized shared database and file system.

Describe your data rate of ingestion of batch sources (e.g. how fast can you ingest a PST of a specific size, etc) and how are you able to scale this activity without impacting real time sources?

The rate of ingestion by PST file varies greatly by the number of items per folder within the PST. With that said, Intermedia can process over 300 GB’s of PST’s per day on average once they are staged on our S3 cloud storage platform. The process of ingesting PST’s is not confined by access to a shared file systems. Intermedia can add a high volume of EC2 (Elastic Compute) instances whose sole purpose is to ingest, archive and index PST files. The work is distributed via an AMQP service, which manages all the sub-tasks on various queues, that the compute PST processing instances draw work off based on available worker threads.

Describe cost factors of your solution to purchase to scale real time ingestion (i.e. Licenses, Servers, Bandwidth, etc) per each real time growth step.

The cost factors for data ingestion are based on the amount of data being ingested. It is priced per GB and discounts are considered based on the volume of data.

Does your solution support preservation of internationalized character formats such as European Complex Language character sets, Asian Double Byte Character Sets, and Middle Eastern Characters?

Intermedia supports the preservation of these internationalized character formats in the archive and the index. Our solution supports preservation of all data in its native format--including internationalized character set formats.

(7)

Each supported message object is indexed using a defined, hierarchical indexing schema.

How are orphaned messages in the archive managed? And reported? And reclaimed?

Intermedia archives all messages including malformed email messages that maybe missing the necessary headers for proper archiving and indexing. These messages are reported monthly to the customer (upon request) and reprocessed into the archive after any needed technical enhancements to the indexing service.

Describe how your solution maintains identities for departed employees that may have left the firm or been divested.

Intermedia will continue to maintain the archive data for departed employees with their last known group memberships. A customer can classify departed employees into a designated “former employees” group for a final identification of their associated data within the archive.

Describe how additional metadata be associated with messages and how this can be used in your solution.

Intermedia records metadata associated to messages from the time of capture, as well as, through the lifetime of the message in the archive. This metadata can be used to differentiate search access based on various classifications found in the metadata. (user folder synchronization, marked reviewed, exported, viewed, forwarded (to whom), legal hold, etc).

Describe in detail your solution’s indexing technology and database technologies used.

Intermedia has built a proprietary cloud based search solution based on Lucene that provides high availability, scalability and performance in a cloud environment

Describe in detail your solution’s ability to index in real time or near-real time, objects coming into the archive.

Intermedia can support the highest rate of document indexing in excess of 100 million documents per day, with the ability to scale horizontally beyond this.

Does the solution have the ability to monitor system health and report problems via e-mail, or other mechanism, to support staff?

Yes. Intermedia constantly monitors the entire service (infrastructure & application) for compliance, service health, and data integrity. Systems and Network Engineers monitor the status of the archive service on a daily basis using automated tools allowing them to review reports and respond to hardware / software alerts quickly & efficiently.

Describe your data conversion approach and the availability of any standard conversion utilities.

Intermedia can successfully import a variety of mail file formats, therefore we have adopted a standard of preparation that is replicated for all file formats, whether PST, MBX or NSF amongst others. The following section for PST Import Guidance explores the popular PST formal, commonly used by Microsoft Outlook, but is not limited only to PST file formats. You will need to provide each PST file as a separate file, which must not be secured with any password protection. Simply name the PST file and copy it onto the hard drive you will be shipping.

PST files may be generated either: > directly by your users OR > via an automated application such as exmerge, which extracts messages from your Exchange Server into a collection of pst files.

Note that the PST file format can hold information other than just messages. For example, tasks, notes and contacts. The information is actually stored as a message and can, if required, be imported into the archive. However there will be no differentiation between these various information types. Imported data is search able by email and or attachment. The import process requires that all the messages subject to import must be transferred to our Data Centre’s prior to processing. The data can be sent to the archive in two ways. SFTP upload or hard disk shipment. If the data needs to be retained on a legal hold – it must be extracted and made available to Intermedia for import in the way it is held.

(8)

import and then immediately create searches that will define those emails to be placed under legal hold. As the data import team completes the data import we will report back to the customer and update them on the status of the data that was imported. When the entire data import has been completed we will report back the amount of the data that was imported to the system.

References

Download now ( PDF - 8 Page - 571.48 KB )

Related documents

HiPath 3000 V6.0. High-Performance Modular Communications Platform for Small and Medium-Sized Enterprises

Corporate communication networks can be implemented using permanently connect- ed digital trunks between several HiPath systems with the CorNet NQ protocol and between HiPath

Grammar Learning Strategies Applied to ESP Teaching

First of all, teachers should be aware and emphasize that they could provide strategies-based instruction of grammar to ESP learners and find what kinds of strategies are useful

Bioaktive Inhaltsstoffe der Gattung Curcuma L.

Zwar konnten die beiden Individuen aufgrund fehlender Infloreszenzen nicht eindeutig bestimmt werden, dennoch ist es trotz der geringen Menge an vorkommenden

Insolvency

However, if the SEC finds that the debtor is insolvent and can no longer be rehabilitated, the SEC can order the dissolution of the debtor and the distribution of

White Paper. SmartStart : Outsourcing 2.0 in Action

outsourcing success is likely based on both client and service provider sharing focus across key areas of the engagement, but approaching each area of focus from their own

EUCIP Software Developer

− Appreciate UML Dynamic Modelling techniques (e.g. STDs, Sequence and Collaboration diagrams). − Appreciate UML Design and Architecture Modelling. − Evaluate OO lifecycles,

BUSINESS & START-UP & DEVELOPMENT STUDY GUIDE FOR MODULE ONE

The business plan should set out clearly and honestly what the activities of the business will be in order to achieve its objectives; particulars, such as the skills, knowledge

Answers to Commonly Asked Questions

After you conclude your meeting with BPPR, take the information gathered in Steps 1 through 3 and visit the Department of Environmental Health (DEH) counter, which is also located