Compliance

MailStore Server has been audited according to the German IDW Auditing Standard 880, Issue and Use of Software Attestation Reports (IDW AuS 880). The IDW (Institut der Wirtschaftsprüfer in Deutschland e.V.) is a Member of the International Federation of Accountants. The Standard IDW AuS 880 corresponds to the requirements of Sarbanes-Oxley Audits (SOX) which reviews controls, policies and procedures during a Section 404 audit.

The audit along IDW AuS 880 considered aspects like integrity, accuracy and auditability of software products.

Technical Features

Completeness
With MailStore Server, emails can be archived immediately upon sending and receiving. Businesses with Microsoft Exchange Server can do so by archiving the Journal mailbox; businesses without Microsoft Exchange Server can use the MailStore Proxy server which is available to all MailStore Server customers free of charge. Additional information about archiving all incoming and outgoing emails automatically is available in the MailStore Server manual.

Accordance with the Original
All emails and file attachments are archived without any loss of data; they are MIME compatible and can be restored at any time.

Ensuring Long-term Access to the Archive
MailStore Server does not tie to a proprietary file format. All archived emails can be exported in one easy step and at any time in standard format according to RFC822, which has been in existence for over 25 years. The exported files can be opened and processed by most email applications. In addition, MailStore offers a wide range of export and recovery functions.

Implementation of Retention Periods
Emails can be stored in the archive in blocks sorted by year or month, for example. More recent blocks (e.g. less than ten years old) can be write-protected, while older ones can be completely detached from the archive.

Data Confidentiality
An integrated system of privileges ensures that only authorized users are able to access each archived email.

Preventing Users from Deleting Emails Intentionally or Unintentionally
Through the MailStore user management, users can be entirely prevented from deleting any emails.

Preventing the Manipulation of Email Contents
MailStore uses different procedures and technologies to prevent the manipulation of email contents:

• Creation of SHA1 hash values using email contents
• Internal AES256 encryption of email body and file attachments
• No direct access to the archived data using MailStore Client software
• Modification of email contents is neither provided for in the graphical user interface nor internally within the program
• Automatically archiving all emails immediately upon sending and receiving prevents them from being manipulated before being stored in the archive
• MailStore Server directly supports the additional backup of data to WORM media; this can also be done by applications of other manufacturers, if needed

Beyond that, IT administration must ensure that only authorized persons receive direct access to the MailStore Server system and the underlying archive data.

Access to the Archive for Auditors
MailStore Server provides for the setup of user accounts with read-only access to the entire archive or parts thereof. Using the full-text search feature of such an account, auditors can browse and view the archived emails and, if needed, export individual or all emails in various formats for further use.

Direct contact and consultation
Phone: +49 (0)2162 - 5029912
Email:

Download now
Free 30-day trial version