What are PST files and why do they matter?

29 Jan 2016 by Thomas Madsen

PSTs: potentially storing up trouble
Microsoft Exchange Server has dominated the corporate email market for the best part of 20 years, and while commercial use of Office 365 is accelerating (Microsoft reported 60 million business users last November) on-premises Exchange remains deeply embedded in many organizations.

According to a Microsoft-commissioned study in 2013, Exchange still had more than 78 percent share of insourced email in businesses larger than 25 seats across the US, Canada, France, Germany and the UK. That means your organization is more likely to be running Exchange than not, in which case you could well be exposed to security threats, compliance shortfalls and legal ramifications around data leakage, control and retention.

Why? Because most Exchange environments harbor PST files.

PSTs are not just inefficient and an obstacle to modernization. They’re a direct threat to your business. In this brief post we’ll look at what PSTs are, how they became so entrenched, why you REALLY don’t need them, and why you should eradicate them without delay.

For a more detailed look at the subject – independently edited and with a foreword by Tony Redmond, senior contributing editor for WindowsITPro.com – download a copy of The Complete Guide to Eradicating PST Files at Amazon: amzn.to/23esDu0

About PST files
PST files (those with the extension .pst) are the default format for storing offline messages and other items within Microsoft Exchange Client, Windows Messaging and Outlook. Enterprises typically have many thousands of unmonitored PSTs created by users, scattered throughout the infrastructure – on desktops, laptops, removable disks and shared network drives. But most organizations have very little insight into where those PSTs are actually created and kept, or how much data is in those files.

A confidential employee salary listing could be stored in a PST file – but how would the organization determine whether the file exists, who owns it, where it is located, or who should have access to it? As we’ve previously highlighted, the 2014 Sony hack stole at least 179 ‘PST’ mailboxes, including those of an executive at Sony Pictures Canada and one of its IT audit supervisors, as well as many archive and backup PST files.
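A first step toward answering those questions is an inventory. The sketch below is an added example, not code from the original post: it walks a directory tree, lists every `.pst` file with its size, and checks the file header so that renamed or truncated files are flagged. The header offsets are taken from Microsoft's published [MS-PST] specification rather than from this page; the function names are hypothetical and the sample files are constructed, header-only stand-ins.

```python
import os
import struct
import tempfile

PST_MAGIC = b"!BDN"                              # dwMagic, offset 0
CLIENT_MAGIC = b"SM"                             # wMagicClient, offset 8 (PST)
CRYPT_OFFSET = {"ANSI": 461, "Unicode": 513}     # bCryptMethod, per format
CRYPT_NAMES = {0x00: "none", 0x01: "permute", 0x02: "cyclic"}

def classify_pst(path):
    """Check the [MS-PST] header; return format facts, or None if not a PST."""
    with open(path, "rb") as fh:
        head = fh.read(514)
    if len(head) < 514 or head[:4] != PST_MAGIC or head[8:10] != CLIENT_MAGIC:
        return None
    (version,) = struct.unpack_from("<H", head, 10)   # wVer
    fmt = "ANSI" if version in (14, 15) else "Unicode" if version >= 23 else None
    if fmt is None:
        return None
    crypt = head[CRYPT_OFFSET[fmt]]
    return {"format": fmt, "encoding": CRYPT_NAMES.get(crypt, hex(crypt))}

def inventory(root):
    """Walk root and list every *.pst file with size and header verdict."""
    rows = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".pst"):
                continue
            path = os.path.join(folder, name)
            try:
                row = {"path": path, "bytes": os.path.getsize(path)}
                info = classify_pst(path)
                row.update(info or {}, valid=info is not None)
            except OSError as exc:      # locked by Outlook, permissions, etc.
                row = {"path": path, "valid": False, "error": str(exc)}
            rows.append(row)
    return sorted(rows, key=lambda r: r["path"])

def demo():
    """Build constructed sample files (headers only) and inventory them."""
    root = tempfile.mkdtemp()
    head = bytearray(514)
    head[0:4], head[8:10] = PST_MAGIC, CLIENT_MAGIC
    struct.pack_into("<H", head, 10, 23)            # Unicode format
    head[513] = 0x01                                # compressible encoding
    for name, data in (("archive.pst", bytes(head)), ("renamed.pst", b"not a pst")):
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return inventory(root)
```

Pointing `inventory()` at a home-directory share or a mounted file server gives the count, location and size figures the paragraph above says most organizations lack; files reported with `valid` set to `False` are the ones to check for corruption.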

How did we get to this sorry state of affairs?

A short history of the PST
Originally known as ‘personal storage tables’ to differentiate them from the online storage tables introduced by the first version of Microsoft Exchange Server, launched in 1996, PSTs are also commonly referred to as personal storage files or personal folders. They differ from OST (offline storage tables) because they are standalone files and do not synchronize; the OST, by comparison, works by caching a local slave copy of the online folder.

PSTs were necessitated by the slow networks of the time and the relatively small size of online storage assigned to each user. Some IT departments went as far as halting employees’ email access once they exceeded an online threshold of, say, 30 MB, instructing them to delete files and attachments to free up space before they could use their email again. Alternatively, the employee could move the items to local, personal folders – PSTs – that could still be accessed through the Outlook desktop client.

Being able to store email locally meant that if the network went down users could still access their files (the same principle is still used today by the millions of users who, as individuals, use Outlook but never connect to an Exchange server). In practice, many corporate emails that had been moved offline were rarely accessed again and it would have arguably been more sensible to put them into a central archiving system. Instead, later releases of Outlook were able to automatically detect and move old online items to the local PST, and its ‘auto archive’ feature could create yet another local PST into which old items from the main PST were archived locally. PSTs could even be configured to receive new mail directly.

In these days of regulation and compliance it seems unthinkable that a mailbox format could become so widely used without central management, backup and control. Anyone with a rudimentary knowledge of their PC’s file structure can copy, duplicate, move and create additional PSTs at will. But at the time this approach was common practice across all major email products. It just so happens that Microsoft’s solution outlasted the competition – so much so that today PST use is still growing, at over 50 percent year-on-year in some enterprises.

No organization needs PST files today
Three main shifts have taken place that mean PSTs are no longer required by any enterprise. Firstly, reliable network connections and fast speeds mean today’s users are used to everything being ‘always on’ across all devices; with the exception of the synchronized cache there is no need to store local copies of mail in order to retain productivity.

Secondly, datacenter and online storage has become cheap and plentiful, with easy archiving and backup options. There is no requirement for the kind of local storage that was once needed.

Thirdly – and most critically – boards have woken up to the risks of having uncontrolled data at large. Whether trying to defend against (or even take) legal action, to protect the organization from reputational damage, or even to ensure simple business continuity, the humble PST poses a threat that cannot be ignored.

The only solution is to eliminate all PSTs.

5 key problems with PST files

Not centrally managed: There is no way of confirming how many PST files exist in the infrastructure, where they are, or whether they are corrupted.

Inefficient: Organizations attempting to centralize PSTs using NAS and/or file servers risk data loss, file corruption and Outlook speed reduction.

Inhibit business-aligned change: PSTs are a blocker to modern client architectures involving multiple devices, VDI and BYOD.

Major security risk: Portability of PSTs exposes organizations to data leakage. PSTs are susceptible to malware, and the encryption and password protection on PST files are easily circumvented by attackers.

Legal and compliance obstacle: Organizations cannot enforce retention policies, and legal departments struggle to ensure they have the right data to defend cases.

The business case for PST elimination is compelling. We’ll look at these problems in more depth in a future blog, along with examining the pros and cons of different eradication approaches. But if you want to know more now, here’s that link again: The Complete Guide to Eradicating PST Files.

Thanks to Tony Redmond, MVP @Thoughtsofanidlemind.com for his contribution to this blog. You can follow Tony @12Knocksinna