The email data, which is archived is stored on the AWS cloud storage by the Vaultastic system. Vaultastic guarantees data security. The data is secured as explained below
Stage 1: Deposit of the email into the Archive store on Vaultastic.
Mail from your primary mail platform (which could be in premise or on the cloud) is pushed into the Vaultastic cloud using the journaling feature of your mail platform. These mail travel over a secure network since all paths leading into Vaultastic are secured with SSL (256 bit). This means that there is no possibility of wire tapping or sniffing.
Stage 2: Storing the mail on the hierarchical cloud store on AWS
The mail received by Vaultastic in Stage 1 are delivered into the user’s Vaultastic archive mailbox on the hierarchical store and locked to the user’s credentials. This storage cannot be accessed and read by any of the server operators, maintenance staff or any other means. These mail can only be loaded via the end user’s credentials, when he accesses the self service portal to view the archived mail. There is no other way to view those mail.
Stage 3: Safety, Durability, Privacy of the Cloud Store on AWS
The mail data is stored in a hierarchical storage on the cloud spanning a hot store, warm store and a cold store (by age of the data). The data is encrypted and stored for additional security. This data can only be decrypted by the particular instance of the Vaultastic setup, which accesses the store.
Amazon cloud storage uses one of the strongest block ciphers available – 256-bit Advanced Encryption Standard (AES-256).
AWS participates in the EU-US Privacy Shield framework. Click here to learn more. Also have a look at this link.
AWS’s alignment with ISO 27018 has been validated by an independent third party assessor. ISO 27018 is the first International code of practice that focuses on protection of personal data in the cloud. It is based on ISO information security standard 27002 and provides implementation guidance on ISO 27002 controls applicable to Personally Identifiable Information (PII) processed by public cloud service providers. This demonstrates to customers that AWS has a system of controls in place that specifically address the privacy protection of their content. For more information, please visit the AWS ISO 27018 FAQ.
Stage 4: Accessing the archived email from Vaultastic
The end user or the administrator can login to the self service portal and access the archived mail of the user ONLY from the secured web portal. There is no other way or protocol to access the archived mail content. The system does not support IMAP or POP for accessing the archive account. The web portal is accessed over SSL (256 bit) and is protected by a password, which is controlled by strict password policies (complexity, length, history, lockout, and age). In addition, even tighter controls can be established to secure the region of access (e.g. archive accounts can only be accessed from the office network and only from a fixed IP or IP range).
No deletion is permitted by any user or administrator on the Archive accounts in Vaultastic. This makes it tamper proof.
Stage 5: Download mail from the Archive account of a user on Vaultastic
The end user or the administrator can login to the self service portal and download the archived mail of the user ONLY from the web portal. This can come in a PST file or a set of EML files. These are downloaded over SSL.
All the above means that the email is stored in a READ ONLY storage to prevent tampering, is ENCRYPTED to ensure that it is visible only to the user, is AUTHORISED for access only by the end user or administrator with the credentials and is NOT READABLE by the maintenance staff.
It is also possible for you to download email data from Vaultastic in Bulk.