Archiving Email Locally – For Stability and Security
Email is a vital business communications tool whether we like it or not and your email should be accessible across devices. Of course, your primary office computer catches your emails, but for most of us our phones, laptops, and tablets also need to access our emails on the go. There are two main protocols for how email is stored and accessed: POP3 and IMAP. For the purposes of this article, here is a brief description of each:
POP3 is designed for your computer to download and save your email offline then remove it from the server.
IMAP is designed to keep mail on the server and allow your computer to view that email anytime.
Both get to the same end: you can read email. What’s the big difference? Where that email is stored.
IMAP: Server-side storage
In an IMAP email configuration all of your mail is kept on your account on the server, not locally. This is handy when you want an identical view of your email from any device anywhere. You can setup your account on a new phone or tablet and see the mail that is stored on the server. That same function lends itself to a big security concern: All of your email is stored on the Internet in a server. Email is not usually encrypted so if someone gains access to your email account they can probably see anything you can see. Eeek! The easiest way this happens is when you use an insecure Wi-Fi connection and Joe-Hacker grabs your login information as it passes through the network. Let’s say you are on the road, for example, and you connect to the hotel “free Wi-Fi” when you get checked in. Your laptop connects, logs into your email, and shows you your messages. You disconnect, go grab dinner, and go to bed. While you sleep, Joe-Hacker is sorting through your emails looking for juicy bits all the while burning your account up sending spammy ads for Russian Brides and other things that make you blush. Sounds like the start to a rough trip doesn’t it?
Let’s look at another side of the client-side storage. If there is only the copy stored on the server and something happens to that copy you could lose important emails. Have a local copy of those in your email software gives you the ability to backup those emails up just like you would other important business documents.
POP3: Client Side Storage
In a POP3 email setup your computer would connect to the mail server and download your emails saving them locally and removing them from the server. That solves some of the problems from above, but presents a new problem in our multi-device world. If the emails are only on your computer how can you see them from your phone? Good question! One of the things you can set in a POP3 configuration is a “Leave on server” timeout. This allows you to leave those messages on the server for X days then they will be removed. You setup the POP3 account on several devices with tell each to leave the mail on the server for 7 days. The all devices have a chance to download that mail then after it is 7 days old it is removed. You can see the message everywhere and permanently archive it on your main office computer.
Now, think about the same issue at the hotel with Joe-Hacker. Apologies to any Joe’s out there. You connect to the hotel Wi-Fi and download your mail, go to dinner, turn in for the night. While you sleep, Joe-Hacker downloads the last 7 days of email and burns up your account sending spam for free dating websites and super cheap pharmaceuticals. Your risk of something getting into the wrong hands is far, far, far less. You still have a spam problem, but that can be fixed.
Taking the Leap
If you have an IMAP setup you can keep using that all you like. POP3 is just an option and works great for a number of reasons. If you wanted to change it is not a terribly simple task. You essentially create a new account in your email software as the POP3 type them disable or delete the older IMAP account. It is a little tedious, but might be worth the change for your security and stability.