how it works
Decrypt email before archiving
There are various legal rules requiring emails to be archived for a number of years (for example HIPAA and SEC). If encryption happens on the desktop, those emails will automatically be archived in encrypted form.
Storing email in encrypted form might be problematic when emails have to be retrieved from the archive. To read the contents of the email, the correct private key is required to decrypt it. To make sure that every email can be read from the archive, all private keys must be backed up.
For small organizations this might be doable. For larger organizations however, making copies of all private keys might be more problematic. Even if the company manages to back up all private keys, there might still be problems adhering to eDiscovery rules. Searching the archive for specific content is not possible unless the archiving solution has access to all private keys.
Instead of archiving encrypted email, a better solution is to use the CipherMail Gateway to decrypt all email before archiving. This way, you do not need to keep a backup of all encryption keys.