Re: Eliminating PSTs

[Chris Green <cmgreen () UAB EDU>]

Looking at this conversation, I've really wondered what the driver was.  

One driver is managing PSTs for end users is error prone, klunky, and poorly supported (No PSTs on Network Shares, How 
do you back them up, etc.);   The quota suggestions are the path I push to resolve that and things like Exchange 2010 
are supposed to be able to balance always in use mail with archived (cheap storage).  We're hoping to advocate away 
from PSTs.

Another driver is discovery/compliance and we don't want to look for PSTs.  We want a global retention policy of X 
years or we want all mail to be on one system to keep discovery costs maintained.  If it's we need to keep the mail 
forever, you don't have to restrict PSTs;  If you need to delete, restricting PSTs seems usable.

Deleting email globally is never really popular.  My wife lived through a place that had "one year" as the retention 
policy and then it killed her 30 Draft Templates for customer situations.   I shudder to think of similar happening to 
a researcher.

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Chancellor, Beth C.
Sent: Thursday, January 27, 2011 3:02 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Eliminating PSTs

I'm actually looking for someone who's gone through the political and end-user perception issues.  The technology isn't 
the issue for us - just the pushback we anticipate getting. For those who have gone through this, was it a long process 
to convince faculty or did your institution simply make the change without much discussion with faculty (or with other 
users)?  I'm looking for trials and tribulations during the vetting process.

Beth

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Hahues, 
Sven
Sent: Thursday, January 27, 2011 7:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Eliminating PSTs

Ms. Chancellor,

If you are trying to eliminate PSTs the best way to do so is to "simply" give users enough inbox space so they do not 
need the PSTs.  We are currently looking at doing this using some sort of email archiving, and stubbing the items in 
their inboxes.  While we do not have a formal plan yet, there are a number of solutions out there that will allow you 
to send email older than x days to low cost storage.

At the same time we are using our computer management software to see how many users have PSTs and what the average 
size of these files is.

For a lot of people this may or may not be a great idea, but it can also help out with records retention laws, since 
you are effectively relieving users of the responsibility to pick what they need to save to meet the retention 
requirements.  However, this potentially does make sifting through mail for public records requests or alike a lot more 
time consuming.

Hope that helps,

Sven

Sven Hahues
FGCU Network Services
Tel: (239) 590 1337
E-Mail: shahues () fgcu edu

Computing & Network Services will NEVER ask you for your password



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Chancellor, Beth C.
Sent: Wednesday, January 26, 2011 5:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Eliminating PSTs

This topic could fall into various discussion lists so I picked the Security list because it's as good as any.

 

I would like to identify a few institutions who have gone through the pain and suffering of eliminating PSTs.  There 
are an obvious list of pros and cons with the biggest con (in my opinion) being the firestorm of pushback that may come 
from end-users (loss of control, I want or need to keep everything forever, etc.).

 

Is there anyone out there who has already been through this and who is willing to share their strategy and experiences?

 

Thanks,

Beth

 

 

Beth Chancellor, MEd, CISSP

Associate CIO and Chief Information Security Officer

University of Missouri

(573)882-3503