Connection security, Archive storage security, Journal archiving security – Google Message Archiving Administration Guide User Manual
Page 32

Introduction
33
The account password for a user who has authorization to search the archive
must meet the same strict requirements as those for administrators’ passwords. If
a user’s password does not meet these requirements, your message security
service automatically prompts the user to change his or her password before
logging in to Message Archiving. For more information about administrator
password requirements, refer to the
Access to the Personal Archive
Users access the Personal Archive in Message Center. Each user’s account in
Message Center is password protected and accessible only to that user.
Connection Security
Both Message Archiving and the Administration Console use SSL to encrypt user
name and password information. In addition, all pages in Message Archiving and
the Administration Console are 128-bit encrypted and HTTPS secured.
Archive Storage Security
Message Archiving processes your company’s electronic messages in
geographically-distributed primary and secondary (backup) data centers. Each
data center is located in a physically secured facility with SAS-70 certification, is
serviced by a Tier-1 or better network provider, and contains multiple layers of
redundancy for network connectivity and power.
During the processing of a message, indexing servers create an index for the
message, and then store the index on multiple devices. When the message
processing has finished, the message is then written to at least two separate
geographical locations.
Journal Archiving Security
If you use the journal archiving option, Message Archiving generates a private
email address for your corporate archive. In addition, when setting up Message
Archiving for journaling, you must specify an access control list (ACL) that tells
Message Archiving the IP addresses of email servers from which it can accept
incoming journaled messages. The combination of access control and private
archive address prevents malicious senders from sending messages to your
archive.
To further enhance security for journal archiving, you can use TLS (Transport-
Layer Security) encryption. If the email server that forwards journaled messages
to your archive uses TLS encryption, Message Archiving automatically accepts
the encrypted messages. It then decrypts the messages before storing them in
the archive.