Upload
hanxue-lee
View
2.487
Download
1
Tags:
Embed Size (px)
DESCRIPTION
The dangers of using PSTs and how to properly eliminate them.
Citation preview
POWER PROTECT PROMOTE
INF
OR
MA
TIO
N M
AN
AG
EM
EN
T
The Know-IT-All’s Guide to
PST File Elimination
Martin Tuip
Twitter: @mtuip
POWER PROTECT PROMOTE
Introduction
• Today’s speaker Martin Tuip
• Sr. Technical Product Marketing Manager
• Autonomy
• 10 time Microsoft Exchange MVP
• Nearly a decade archiving experience
POWER PROTECT PROMOTE
Agenda
• How did we get to the PST problem?
• Identify the challenges around managing PST files
• Tips on how bringing the PST files back under control
POWER PROTECT PROMOTE
The PST Conundrum
• Ideal World
– Executives Set Policy
– IT Implements Policy
– End Users Do As They Are Told
• Real World
– Can’t Train Users
– Think It’s Their Data
– PST’s Are A Shell Game
POWER PROTECT PROMOTE
How Did We Get Here?
POWER PROTECT PROMOTE
Where’s My Data?
Exchange Databases
• Exchange Database (EDB) File(s)
• Streaming Content File (STM, pre 2007)
• Transaction Logs
• Mailboxes
• Folders
Active Directory
• Organizational
• Names
• Email Addresses
• Distribution Lists
Outlook
• Online (No Local Copies)
• Personal Store (PST)
• Offline Store (OST), Synchronized
• OST Cache-Mode, Replicated In Background
• Mobile- PDA’s, Phones
POWER PROTECT PROMOTE
Typical Outlook Configuration
• Using Cache Mode (OST File)
– Synchronization Happens In The Background
– Better Perceived Performance On Desktops
– Notebook Replication Seamless / Outlook
Anywhere
• Old Email Stored In PST Files
– User Based Extra Email Storage
– Either Locally Or On Network Shares
– Personal Copies (Just In Case)
– What Storage Limitations?
– What Retention Policy?
POWER PROTECT PROMOTE
A Bit of History: PSTs
• PST History
– Microsoft Outlook Personal Store Files
– User managed via Outlook
– Two versions
• Why did PSTs become so popular?
– Easy to use
– Mobile access
– Storage management
POWER PROTECT PROMOTE
History and industry issues
• Enforcement of quotas is old school
– Limited mailbox quotas are counterproductive
• Forces users to create PSTs or pushes users to
do “underground archiving”
– End users will create other repositories in
hotmail/Gmail
• Stubbing can create significant performance
issues
– Store performance is not related to size, but
mailbox items
– Microsoft recommends not using stubbing
POWER PROTECT PROMOTE
PST problems
• No centralized management
– Users control the creation and location of
PSTs
– PST growth is unchecked
• How did PSTs become such a problem?
– Data loss, corruption, infrastructure costs,
more…
– Weak elimination strategies
– User productivity
– No Exchange storage control
POWER PROTECT PROMOTE
PST Legal and Compliance Problems
• PST Legal Problems
– No centralized management
– Manual search
– No retention and disposition / compliance
– No risk analysis
POWER PROTECT PROMOTE
PST Legal and Compliance Problems
• How did lawyers learn to target PSTs?
– Sometimes they are the only record of information
– Enormous risk to organization
– Easily transported
– Smoking Gun…
POWER PROTECT PROMOTE
Most requested information
Source: American College of Trial Lawyers, Interim Report on the Joint Project of The American College of Trial Lawyers Task Force
on Discovery and the Institute for the Advancement of the American Legal System, August 1, 2008.
Source: ESG Research Report, E-Discovery Requirements Escalate, November 2007
POWER PROTECT PROMOTE
Most requested information
Source: American College of Trial Lawyers, Interim Report on the Joint Project of The American College of Trial Lawyers Task Force
on Discovery and the Institute for the Advancement of the American Legal System, August 1, 2008.
Source: ESG Research Report, E-Discovery Requirements Escalate, November 2007
POWER PROTECT PROMOTE
How to preserve information
• Leverage an archive properly
– A backup is not an archive
– Ensure you capture all the data you need
– Set retention and keep privacy rules in mind
– Use an archiving solution to help out with
storage management of Exchange
– Don't forget PST files
POWER PROTECT PROMOTE
There are No Good Reasons to have PST files
• To make it clear once and for all, here is a list of
reasons why there are no good reason to have PST
files in a corporate environment anymore
– You cannot apply retention or legal hold to PST files
– eDiscovery request are nearly impossible to
accomplish as they require searching, discovery and
manually opening and searching all the content in
them.
– PST files are quite often used when employees leave
organizations to take their mail data with them to a
competitor. They can store them on an MP3 player
and walk out of the door which is a huge security risk
for data leakage.
POWER PROTECT PROMOTE
There are No Good Reasons to have PST files
- They are difficult to find except if you use appropriate PST
crawlers.
- They’re fragile, especially as they get big. They get
corrupted too easily. Users aren’t the best at ensuring that
their systems are properly shut down.
- Your users don’t back them up. Presumably you do back
up the server.
- Your users don’t compact them. They just get bigger and
bigger.
- Your users forget their PST passwords. Even though there
are unsupported tools to crack them, it can take a
significant amount of time to do so.
POWER PROTECT PROMOTE
There are No Good Reasons to have PST files
- You lose single instance store (SIS) as messages take up
more space in a PST than in an Exchange store.
- It’s simply crazy to store PSTs on a network drive. They
just end up taking up more space. Is disk space on your
file server cheaper than disk space on your Exchange
server? (besides that Microsoft doesn’t support PST files
on a File Share)
- For road warriors, OSTs is a superior storage technique.
They allow untethered computing at a higher level than
with PSTs, plus with the added security of a backed-up
information store on the server.
POWER PROTECT PROMOTE
There are No Good Reasons to have PST files
- A PST can be opened by only one machine at a time. This
precludes a manager and assistant from working from the
same PST simultaneously, and precludes team access.
- You cannot use Outlook Web Access to read your
downloaded messages.
- PST files are not secure. Anyone with access to the PST
file can open it using the right tools.
- You cannot clean up PST files after virus infestations.
POWER PROTECT PROMOTE
And now on to the good part
- Now that we know what is bad
- How do you get rid of PST files?
- Out of the box tools are limited
POWER PROTECT PROMOTE
PST Elimination Strategies
1Write a project plan
– What to do about data from employees that have left
the company?
– What about password protection?
– Write out all the risks and actions as it will save time
POWER PROTECT PROMOTE
2Prevent further growth of the problem
– Download the Office 2007 Administrative Templates
(ADM files) from
http://go.microsoft.com/fwlink/?LinkId=78161
– There is a specific ADM file for Outlook that contains
group policy settings that can be configured especially
for Managing PST files.
PST Elimination Strategies
POWER PROTECT PROMOTE
3Discover all existing PSTs
– Find all the PST files in the network
– If you run scripts to do this, ensure you don’t do an all
out search as it will saturate your network
– Located on servers, tapes, laptops, and workstations
– How to deal with remote users?
PST Elimination Strategies
POWER PROTECT PROMOTE
PST Elimination Strategies
4Store PST data in an archive
– Bring the data under centralized management
– Reason for not bringing it into Exchange is that most
likely you won’t have the storage available for it
– Allows for setting proper retention, eDiscovery, risk
management and early case assessment
POWER PROTECT PROMOTE
5Access for end users
– Give end users access to the archived data
– End users need access to their data for productivity
reasons
PST Elimination Strategies
POWER PROTECT PROMOTE
6Avoid creating stub files
– Stub files are shortcuts in the mailbox pointing to the
archived item
– Can create major problems on Exchange with
whitespace, fragmentation, and major I/O overhead
PST Elimination Strategies
POWER PROTECT PROMOTE
7Disable PST creation
- Well, what good is it to bring everything in and not
stop the end users from creating them again?
- Leverage Microsoft system management (GPO)
policies to restrict users from creating PST files which
can be downloaded from
http://go.microsoft.com/fwlink/?LinkID=78161
PST Elimination Strategies
POWER PROTECT PROMOTE
So What To Do About PST’s
• Set Retention and Usage Policies
• Identify, Quantify
• Lock-down 1: No New PST’s
– Via Group Policy
• Consolidate
– Organizations May Require More Than
Exchange 2010 Archiving Can Provide
– Enterprise Need For Business Level Archive
– Process And Auto-Tools To Find And Import PST’s
• Lock-down 2: No PST’s Allowed
– Again Via Group Policy
• Finally, Own The Life Cycle
POWER PROTECT PROMOTE
Is it that simple?
• PST discovery challenges
• Archive storage challenges
• End user access challenges
POWER PROTECT PROMOTE
PST discovery challenges
• First problem is that you are unaware of the size of
the problem
• There are no adequate native tools available
• Blunt force crawlers might cause problems by
overloading the network with searches
POWER PROTECT PROMOTE
Archive storage challenges
• Without knowing the size of the problem sizing the
archive can be a challenge
• Ensure that the archive and indexes can grow to the
size you expect
• The bigger the indexes, the slower the response times
could be
• Distinguish between a business record and private data
can be difficult
POWER PROTECT PROMOTE
End user access challenges
• End users have saved the data for a reason
• Restricting access can reduce productivity and
effectiveness
• End users want access to data transparently even when
they work remotely or disconnected from the network
POWER PROTECT PROMOTE
Important “Take Aways”
1. PSTs are too risky for any organization
2. Plan PST elimination strategy carefully
3. Avoid “stub” files that will negatively impact
Outlook performance
4. User productivity can be improved
5. Take back control of Exchange storage using the
archive
6. Block PST file creation
POWER PROTECT PROMOTE
Suggested resources
http://www.autonomy.com/
http://www.microsoft.com/exchange
http://www.thesedonaconference.org