Journaling has always been an essential legal component to managing email. For readers who may be unaware, journaling is the process of redirecting all incoming and outgoing messages to a specific datastore to satisfy any legal inquiries that may require a company to provide a complete record of all messages. Generally, this is accomplished by pushing all messages through a separate server as emails come in and out of your email environment.
Regardless of whether email is hosted in the cloud or in an on-prem environment, journaling is still prevalent today. We see some email solutions beginning to include this practice as a standard or add-on feature, one being Office 365 E3 licenses and above and another with Google Vault.
The problem with the inclusion of journaling tools in cloud environments has led many admins to believe journaling can serve as a backup solution, which is a dangerous mistake to make.
Journaling Ignores Backup Best Practices in Office 365 and G Suite
- No secure, independent copy is made
- Unintuitive design makes for a slow recovery process
- “Live restores” are often unavailable; emails need to be exported first in order to access
The first point of contention: journaling simply ignores many of the core tenants of a good backup tool. For example built-in journaling tools like Microsoft’s legal hold feature doesn’t store data in a separate, independent location, which means a record of emails is vulnerable to any disaster that affects production.
The second point of contention: a reliable backup tool needs to be dead simple to use in in order to recover data quickly in the face of a disaster. Journaling solutions are designed to run complex searches and provide complete records for legal purposes, not for quickly searching through user accounts to find content that has been lost or deleted.
In addition to being complicated to use, the majority of these tools don’t allow for a direct restore back into your live environment. Instead admins need to export and re-import data into their mail platform - a tedious process that often results in a complete loss of metadata.
Journaling Does Not Protect All Business-Critical Data
- Business-critical files are ignored by email journaling tools
- Email folder structure is not maintained, making restores incomplete
- Tools are unable to recover clean copies of data in the face of malicious attacks
Although journaling tools ignore these basic backup best practices, there are other reasons these tools can put data at risk. Journaling solutions tend to ignore huge portions of your dataset. Many of these tools focus exclusively on maintaining email, but what about other business critical data you have in Office 365 or G Suite? Business-critical files and content contained in cloud services like OneDrive and Google Drive are often outside of a journaling tools capabilities, leaving your data unprotected.
If email is the only component a company wants to maintain for recovery, journaling tools generally don’t maintain folder structure and other associated data. This means that if a user’s email account is destroyed or an inbox is lost, a journaling tool might be able to provide the emails, but all organizational hierarchy is lost. If maintaining business operations is key in recovery, consider that this lack of folder structure means your user is left with a mess of data to reorganize. A good backup solution should be able to recover your entire data set in the state it existed before deletion, which most journaling tools simply cannot do.
Finally, journaling solutions often don’t help in a variety of situations, particularly those that are malicious in nature. Ransomware is a common problem in today’s IT landscape and needs appropriate preventative measures. Many built-in solutions available store the data in the same location as the emails themselves, or don’t even store an actual copy, but just a link to the data itself (Vault, in particular, works this way). This means that if the data becomes corrupted or encrypted by a malicious actor, the data is irretrievable. Numerous customers in Google have been hit with ransomware and attempted to recover their data only to find that Vault’s link to the data just returns them to the encrypted data set, leaving their only option to pay the ransom.
Journaling is not backup for many reasons: it eschews all backup best practices, it leaves a large portion of your dataset vulnerable to permanent deletion, and isn’t able to support recovery in a wide variety of circumstances. Journaling tools are important to today’s businesses, and that will not change anytime soon. However, mistaking journaling for a true backup puts company data at a significant risk. For this reason, most technologically savvy businesses today leverage both and journaling solution and a proper backup tool in both cloud and on-premise environments.