PSTs are offline files used by Outlook/Exchange Clients. They gained popularity at a time when storage space was extremely expensive, and therefore limited, so people needed to free up space in their mailbox. Even though mailbox quotas have expanded over the years, PST files continue to exist in many organizations.
Macintosh/Apple computers have a similar file format called OLM files. Many organizations with Macintosh deployments face similar problems with both file types.
PST files and GDPR
PST files can pose a significant risk to an organization’s compliance with GDPR. The PST file format is outdated and insecure, which means they’re susceptible to data leakage, poorly protected from hackers, wide open to malware, and easily corrupted. It’s extremely difficult to get visibility of PST usage, so it’s challenging to track how many exist across the organization.
PST problems by department
PST files are a business-wide problem. While the following issues are not necessarily exclusive to a particular area of the business, these roles are often directly impacted by the use of PSTs:
PST files can be located in many places within your IT infrastructure, e.g. local hard disk, removable storage (USB drive) – this makes them difficult to back up or restore.
PST files can be very difficult to identify and collect during e-Discovery – especially in a user-friendly manner.
PST files can easily become corrupted, locked, or lost leading to IT intervention – which is a difficult process, wasting time and resources.
There is no automated way to easily or effectively determine the owner of a PST file located on a shared network drive
PST files are not discoverable in an online system during e-Discovery. This means that they have to be collected every time, delaying or obstructing requests or procedures of this kind.
Sensitive or confidential data that may be stored in PSTs is extremely problematic. These files can be shared, deleted or moved from one network to another, with little to no visibility.
PST files are a significant risk to GDPR compliance effort, as the data is usually unmanaged, unaudited, and is not under retention policy control.
No one is ever confident that all of a user’s PST files have been found. There could always be more on the network, in an unknown location, or an area of the local PC/MAC not scanned.
As PST files cannot be managed or governed centrally, it is almost impossible to meet governance or compliance regulations – like GDPR.
These files are not visible, or easily discoverable on central IT systems. It is very difficult to find out how many PST files exist across the organization.
PSTs can be password protected, but it doesn’t mean they’re secure or encrypted. The file type is extremely vulnerable to hackers, malware, and ransomware. Remember the Sony hack in 2014? Yep, you guessed it – PSTs were the source.
They’re highly portable and can be copied without the owner (or IT) realizing, which presents a huge data leakage risk.
A number of high-profile data breaches or leaks can be attributed to PST files.Can your organization afford to continue ignoring PST files, especially with the new GDPR requirements surrounding data protection?
Organizations need to find all the PST files scattered across their environment, and deal with the data they contain. This involves identifying ownership, decrypting or repairing the PST files where required, and deciding whether to migrate or delete the content, and where the migrated data should go.
Our PST migration solution helps you upgrade your PST files and achieve GDPR compliance. The tool finds PST files throughout your environment, accurately reports where they are and who owns them, and securely moves their contents to Office 365 archives – so that your organizational retention and data management policies can be applied. As part of the upgrade process, you can even filter which data items are imported, to avoid moving unwanted junk content into your managed environment.
If you would like to find out more about the problems with PST files and the technical challenges involved in moving them to Office 365, the following blogs cover a range of helpful PST topics.