Are you Prepared for Disaster? Business Continuity Planning for Email Outages

Published: April 5th, 2013

It happens to everyone who uses any provider — suddenly your email is no longer working.  If it’s just for a few minutes or some scheduled time at night, it’s usually no big deal.  However, if it’s in the middle of your work day and you rely on email, you may have a problem.

What do you do if your email stays offline for 5 minutes … 10 minutes … an hour … and you don’t know when it is coming back?

But that won’t happen!

True, there is no guarantee that such an issue won’t happen, but it certainly can and it happens all the time to companies large and small with in-house and outsourced services of all kinds.

There is a lot that can be done to prevent predictable problems like hardware failure — e.g. redundancy, load balancing, etc.  However, there is little that can be done to prevent human error.  Yes, policies can be put in place, staff can be trained, etc.  But it only takes one accidental misstep at the wrong time to initiate downtime immediately … or which creates a time bomb that surfaces sometime in the future.

Additionally, external factors could affect your ability to use email.  E.g.

  • Network or ISP failure causing temporary connectivity problems
  • DNS or Registry failure causing inbound email to not be delivered or you to not be able to reach your email provider’s web site
  • Denial of Service attacks on your email provider, your DNS, their DNS, your ISP, some network in between, etc.
  • Malicious staff with administrative permissions shutting down accounts or deleting things
  • External email filtering services having issues and causing email delivery problems

So, the possibility of down time exists no matter what. The questions are:

  1. How will the different kinds of downtime impact your business?
  2. How likely do you think that each kind of downtime will occur?
  3. What can you do now so that should any of these issues arise, you can still run your business until the issue is resolved?
  4. Can this be done in a cost effective manner?

Below we present a series of options for addressing many of these possible issues.  There may be other solutions, as well as other issues that could arise; however, we wll try to address some of the most important and cost effective solutions.

1. External Email Archival

Email archival solutions save copies of all inbound and outbound email:

  • To an externally hosted service (not in your office or at your email provider)
  • Where the email cannot be deleted or edited or lost
  • Where the email is kept for a period of time (e.g. 10 years)
  • Where you and/or your users can login and search for and download copies of email messages sent and received any time that you need it.

There are a few key points to be aware of:

  1. The Archival system and access to it should not be at your office or your email service provider’s data center — so that if either are down, you can still access your email archives.
  2. Email should not be deletable or editable so that you have reliable copies, e.g. for legal reasons
  3. Both you and your individual users should be able to login to view their email — so that it is not left to just 1 administrator to access email for everyone during a time of crisis.  If everyone can login and view their own archived email, they are self sufficient and wok can get done.

LuxSci’s Premium Email Archival service, provided through our partner McAfee, meets all of these criteria.

In the case of disaster, Archival provides emergency access to all old email messages.  This kind of system is required by HIPAA and other regulations.

2. Email Message Continuity Service

When you have an advanced inbound email filtering service (as most business do these days), your inbound email passes through the email filtering servers before being forwarded on to the servers where your email is actually stored.

With a Message Continuity service:

  1. These inbound email servers are located in a different data center from your email service provider
  2. They can audo-detect that your provider is offline or down (e.g. they can’t deliver new email to it)
  3. In a case where your email provider is down, “Message Continuity” is automatically enabled (you can also enable it manually on demand).
  4. While Message Continuity is enabled:
    1. All inbound messages are queued/saved on the filtering servers, instead of being delivered
    2. Your users can login to a Message Continuity web portal to read these new messages and reply to them/send new email messages while their email provider is down.
  5. Once the issue is over, Message Continuity is disabled and:
    1. All the queued email messages are then delivered to your email provider’s servers
    2. Copies of your send email messages are also delivered there for your records.

Message Continuity services provide emergency access to new email messages and allow for sending of messages and replies in the case of a disaster.

LuxSci’s Premium Email Filtering service, through our partner McAfee, includes Message Continuity as an upgrade option and includes all of these features.

3. Backup Email Account

A backup email account is an account either at a different email provider or on a different server on your current email provider.  Depending on the situation you could:

  1. Duplicate Email Account: Have copies of all inbound email messages go to both accounts, so you can switch to the backup account at any time.  This works as long as the servers receiving your email and forwarding copies to the backup account are still online and as long as at least on one of the two accounts are online.  See Spilt domain routing for a detailed description.  Many of our customers, including LuxSci support itself, use this as a simple, inexpensive backup mechanism that protects against single server failure.
  2. DNS MX Record Change: You could have a “hot standby” account with another provider.  In the case of emergency, you can change your DNS MX records to that provider and quickly get your new email there.  The down sides of this are:
    1. You do not have copies of old email there and you have to manually make the switch.
    2. Messages ending up at the new provider may be hard to move back to the old provider after the situation is resolved.However, having this option available  in conjunction with the “Duplicate Email Account” option, you are covered for scenarios of various severity.

4. Reliable DNS

We see many cases every week of people’s email not working due to DNS issues (read more about DNS).  These are caused by:

  • Slow DNS servers
  • Attacks on DNS servers taking them offline
  • Shoddy DNS service

Choosing a good DNS provider helps ensure that your email can be delivered even after the fact of denial of service attacks on DNS, and that the service will work as advertised.  We highly recommend our DNS service, which we provide through our partner EasyDNS who uses Anycast for denial of service protection.  EasyDNS is about as different from “Godaddy DNS” as you can get.

5. Data Backups

You must be sure that your email provider makes backups of your email data so that mail can be restored on accidental deletion and so servers can be restored completely from backup in the case of a catastrophic server failure.

Additionally, backups should exist in 2 separate locations — on site and off site.  On site backups provide fast recovery for recent data.  Off site backups provide slower recovery for older data and protect in the case of a catastrophic issue with the main live infrastructure that affects both your mail servers and their on site backups.

LuxSci provides daily on site backups for all accounts, as well as weekly off site backups for Premium Environment accounts.  On demand restores of deleted emil from backup is free for Premium accounts and is a small charge for Basic accounts.  Read more.

There are many other considerations that should be addressed when developing a full disaster recovery plan, such as a communication plan for staff, what to do when your office is offline, as well as testing and reviewing your plan periodically.

 

Leave a Comment


You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.