You are here: Home / Archives for PST

Email Analysis & Conversion Services for Electronic Discovery

October 28, 2011 By Leave a Comment

Email data often provides the most crucial information in any legal action yet often it can be difficult to collect, analyze and review due to the widespread use of proprietary technology, the large number of email file formats and the variety of client software used to manage a custodian’s email account.

Global EDD Group utilizes advanced forensic tools that enable our technicians to collect, examine and export email data in a number of different formats, including:

◊ Microsoft Exchange 5.0, 5.5, 2000, 2003 SP1, 2007 (EDB)
◊ Lotus Notes 4.0, 5.0, 6.0, 7.0, 8.0
◊ Novell Group Wise
◊ Microsoft Outlook (PST)
◊ Microsoft Outlook Express (EML)
◊ E-mail Examiner (EMX)
◊ AOL
◊ The Bat! (3.x and higher)
◊ Thunderbird

 

Additionally, Global EDD Group offers high volume email conversion services that read and export a number of different formats, including the popular Lotus Notes (.nsf) and Microsoft Outlook (.pst) often found in corporate environments as well as the following:

◊  Outlook MSG files
◊  Outlook Express
◊  Windows Mail
◊  Webmail with IMAP access
◊  Mozilla Thunderbird
◊  SeaMonkey
◊  Netscape
◊  Apple Mail
◊  Qualcomm Eudora
◊  Entourage
◊  Evolution
◊  Berkeley mail
◊  EML message files
◊  MHT Web Archive
◊  Pegasus
◊  The Bat!
◊  PocoMail
◊  Barca
◊  FoxMail
◊  Opera
◊  Calypso
◊  Forte Agent
◊  Pine
◊  PMMail
◊  MSN Mail
◊  Mailbag Assistant
◊  E-mail Examiner

 

Export Formats:

◊  Outlook Personal Storage file (.pst)
◊  Outlook MSG files
◊  Generic files (mbox)
◊  EML message files (.eml)
◊  MHT Web Archive files (.mht) with HTML or spreadsheet index page
◊  Database (.mdb) via tabbed delimited file
◊  Adobe Acrobat Portable Document Format files (.pdf) with embedded attachments
◊  eZoom Clustered Search
Law Firms and Corporations interested in learning more about Email Analysis & Conversion Services from Global EDD Group should call +1.888.690.DATA (3282) or email info@globaledd.com for additional information. Global EDD Group also provides these services under subcontract to other industry vendors and service providers.
Filed Under: Global EDD Group Tagged With: , , , , , , , , ,

5 tips to catch an intellectual property thief – Security – News – ZDNet Australia

August 25, 2011 By Leave a Comment

Physical crimes leave behind a trail of evidence that forensic teams can analyse and bring to court, but what about cybercrime, such as the theft of intellectual property? Computer forensics expert and director of Klein & Co Nick Klein said that when companies conduct a digital forensic investigation themselves, there are five things they should do.

(Image by Mad House Photography, CC BY 2.0)

Speaking at the Security 2011 Exhibition and Conference event in Sydney yesterday, Klein said businesses that had suspected that a digital crime had been committed on their systems often took a “Bunnings” approach to forensic analysis, and suggested a four-step structure for undertaking an investigation.

Prepare the business:

Prior to a breach occurring, businesses could do some preparation, which would help them later on in an investigation, Klein said.

He said that typically, businesses had a lack of policies and procedures to secure data, with in-house legal counsel often not working together with a business’ IT department in developing policy. He said that policies, such as making a full backup of an ex-employee’s machine prior to their departure, are often overlooked, when they could provide critical information to assist a case months later.

He also said that despite most operating systems allowing businesses to enable logging on sensitive information, most businesses tended to only use minimal logging of access.

Another area that Klein suggested businesses look at was where backups and critical databases were stored, and whether policies should be implemented to require employees to store information on the company’s file server, where the business would have greater control over it.

“We have a lot of cases where people say, ‘We had an employee who deleted their email. The only copy of it was a PST archive [which contains Outlook emails] on their computer. Can you get it back?’ A simple policy change to force that person to store that PST on the network could have overcome that.”

Lastly, Klein said that businesses often didn’t do enough to protect themselves in their employment contracts.

“Does it talk about confidentiality of information? Does it talk about monitoring of their user activity? Does it include things like USB devices? Can you have something in your employment contracts that says, ‘When you leave, we may ask you for your USB devices’? — It’s something to think about.”

continued @ 5 tips to catch an intellectual property thief – Security – News – ZDNet Australia.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

What is PST Regeneration? | Pinpoint Labs Blog

December 3, 2010 By Leave a Comment

PST Regeneration is used during electronic discovery processing or even during an ESI collection.  A Personal Folder File (PST) is a container file created by Microsoft Outlook which stores email messages and other data (i.e. contacts, calendar entries, tasks, to do list etc.)

How it’s done

Regenerating PSTs refers to the identification, isolation and often deduplication of electronic mail (email) messages that pertain to a specific legal matter in civil litigation cases. The filtered email messages are copied to a new “regenerated” PST file. The resulting PST can be considerably smaller than the original and results in the following benefits:

1)      Quicker attorney review

2)      Electronic Discovery processing and hosting cost reduction

3)      Significantly smaller ESI collection

Practical application

PST regeneration is commonly used when there are dozens of archive (backup) PST files that contain many duplicate messages. It is a common practice for companies to set up Microsoft Outlook or Exchange servers to create daily, weekly or monthly PST backups of employee email messages.

The result is potentially dozens of employee backup PST files which contain duplicate messages. Why? Each backup will contain many of the same messages as the last. Only new emails sent or received (that have not been deleted) since the last backup will be considered “unique” to each PST. Regenerating PSTs with only one copy of each email (deduplication) significantly reduces the number of messages and the size of the PST data to be processed or produced.

via What is PST Regeneration? | Pinpoint Labs Blog.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

How to Go Native Without Going South | Law Technology News

May 26, 2010 By Leave a Comment

I could hear the frustration in her voice. “We keep going back and forth with the plaintiff’s lawyer. I don’t understand what he wants. Can you help us?”

Defense counsel was trying to satisfy an opponent bent on getting e-mail in “native file format.” With each disk produced, the plaintiff’s lawyer demanded, “Where’s the e-mail?” Now he was rattling the sanctions saber. Poring over copies of what she’d produced, defense counsel saw the e-mail. “Why can’t he see it?”

Reviewing the correspondence between the counsel, I spotted the problem. The e-mail was there, but in rich text format. Like many lawyers new to e-discovery, defense counsel regarded electronically stored information and native data as one and the same. They’re not.

The IT department had dutifully located responsive e-mail on the mail server and furnished the messages as RTF, a generic format offering easy access and electronic searchability. Any computer can read RTF, so it’s a reasonable choice. But it’s not the native format.

CONTAINER FILES

The native format for virtually all enterprise e-mail is a container file lumping together relevant, irrelevant, personal and privileged communications, along with calendar data, to-do lists, contact information and more. The precise native format depends upon the e-mail client and server.

The prevailing enterprise e-mail application, Microsoft Corp.’s Exchange Server, uses a container file with the file extension EDB. Lotus Notes stores its e-mail on a Lotus Domino server in a container file with the extension NFS.

These containers are the “native file format” for server-stored e-mail, but they hold not only all then-existing e-mail for a specific user, but also the e-mail and other data for all users. Furnishing these files is tantamount to letting the opposition rifle through every employee’s desk.

When enterprise e-mail is stored locally on a desktop or laptop system, it’s almost always in a container file, sometimes called a compound file. For users of Microsoft’s Outlook e-mail program (a “client application” in geek speak), the local container file is typically called “Outlook.PST” or “Outlook.OST.” There may also be a file holding older e-mail called “Archive.PST.” Collectively, these data are referred to as a user’s “local PST.”

Like their counterparts on e-mail servers, local container files weave together the user’s responsive and non-responsive items with privileged and personal messages; consequently, they’re more like self-contained communications databases than paper correspondence folders.

Because the native file format for enterprise e-mail is bound up with information beyond the scope of discovery, it’s the rare case where e-mail should be produced in its native format. Litigants must also be wary of producing native e-mail container formats because, until those containers are compacted by the client application, they hold information (like double-deleted files) invisible to users but potentially containing privileged and confidential material. It’s possible to “mine” local PSTs for hidden data, and metadata scrubber tools offer no protection.

How, then, do we realize the considerable benefits of native production for e-mail? The answer lies in distinguishing between production of the native container file and productionof responsive, non-privileged e-mail in electronically searchable formats that preserve the essential function of the native source, sometimes called quasi-native formats.

via How to Go Native Without Going South.

Related articles by Zemanta
Reblog this post [with Zemanta]
Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

Microsoft Releases Dev Tools for .PST Files — Redmond Channel Partner

May 24, 2010 By Leave a Comment

Microsoft today released two new open source tools to help developers take advantage of the .PST file format that's used in the Outlook e-mail client app.

The tools, released on the Microsoft CodePlex open source portal, include the .PST Data Structure View Tool and the .PST File Format Software Development Kit. Both are available under the open source Apache 2.0 license.

The first tool is mostly for educational purposes, providing a graphical user interface that shows the internal data structure of .PST files, according to Daniel Ko, a Microsoft Outlook development manager, in a Microsoft-produced video. The second tool, File Format SDK, provides a library of source code and high-level APIs that developers can use to build their own applications.

The SDK can be used to support data migration scenarios to move .PST files from one platform to another, according to Ko. It can also help facilitate searches for particular content in the .PST files, such as might be used in e-discovery software for legal purposes. Ko also explained that developers could use the SDK to check outbound e-mail content, such as might be used in corporate compliance software. He also drew a whiteboard sketch showing how photos saved in the .PST file format could be extracted and used for a cloud-based photo album, or some other type of application.

The kit currently lets developers read the data in a .PST file. However, Microsoft is working on a capability in the kit that would enable writing to .PST files too, according to Ko.

In essence, the tools will better enable third-party software developers to build e-discovery and data migration solutions for use with Outlook, according to Sheri McLeish, an information and knowledge management analyst at Forrester Research.

“What they’re enabling is easier access to those [.PST] files to scan them for issues around e-discovery potentially, or to migrate or move them to other new hardware devices or locations,” McLeish said by phone. “So it’s really an enabler and a continuing effort on the part of Microsoft to make that [.PST file format] more portable and open.”

via Microsoft Releases Dev Tools for .PST Files — Redmond Channel Partner.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

Microsoft to let third-party apps work with Outlook’s PST files | Applications – InfoWorld

October 26, 2009 By Leave a Comment

Microsoft Monday said it will provide patent- and license-free use rights to the format behind its Outlook Personal Folders (known as PST files), opening e-mail, calendar, contacts, and other information to a host of applications such as antimalware or cloud-based services.

Documenting and publishing the .pst format could open up entirely new feature sets for programs such as search tools for mining mailboxes for relevant corporate data, new security tools that scan .pst data for malicious software, or e-discovery tools for meeting compliance regulations, according to Microsoft officials.

via Microsoft to let third-party apps work with Outlook’s PST files | Applications – InfoWorld.

Filed Under: From The News Tagged With: , , , , , , , , ,