What is a PST File?
In computing, a personal storage table (PST) is a proprietary file format built by Microsoft to store copies of messages, calendar events, and other items within their software platforms, including Microsoft Exchange Client, Windows Messaging, and Microsoft Outlook.
The file format is sometimes referred to as a “Personal Folder”. When functioning in its capacity as a cache for Outlook’s cached exchange mode feature, it may be called an “Offline Storage Table” or an “Offline Folder”. In Microsoft Exchange Server, the messages, the calendar, and other data items are delivered to and stored on the server. Microsoft Outlook stores these items on the local computer. Most commonly, the .pst files are used to store archived items while the OST files maintain offline availability.
PST Security and Data Integrity
The major advantage of PST files is that they are easily portable; they can be transferred from one Outlook client to another without any IT expertise. While having mobility advantages, PSTs also introduce a number of security issues when used:
- PST files weren’t designed to function as multi-gigabyte email archives. Because of this, PST corruption and subsequent data loss can be a frequent occurrence.
- Power outages, PC crashes or inadvertently closing a PST disconnects it from the Outlook profile. It’s then usually overlooked or lost, creating an uncoupled or orphaned PST which is invisible to IT but can still contain valuable information that needs to be preserved.
- When a business is under review for a legal hold request, and needs to swiftly identify relevant information relating to an issue, including messages, any emails that are contained in PST files won’t be identified because their contents are only available to the source of the message.
- PST files often contain emails which were never properly archived. Because of conflicts like restriction access or misplacement, they are not always placed into proper retention, deletion or classification systems, which can become a legal issue if emails are required as evidence.
- They can be password protected, although a simple search on the internet will find any number of programs that can crack these passwords. This puts end user data and intellectual property data at high risk.
- PST files are an important attack vector as they typically hold not only all archived email for a user, but deleted email as well. The most effective way of securing a PST file is through encryption, though native PST encryption by itself is unlikely to be sufficient for enterprise usage.