Top Five Reasons to Eliminate PST Files in Your Organization


The use of PST files — archive or personal storage files that are created automatically or manually in the Microsoft Outlook client to organize and store email messages, calendar events and other items — has been standard practice for years. Users love PSTs because by simply copying or moving data from their main mailbox into their PST folders, they can keep it available for future use while complying with corporate size limits on their primary mailboxes. And the organization reaps some benefits as well: With less data on the server, backups complete faster and require less storage.

Unfortunately, however, the complete PST story is not quite so rosy. PST files can actually cause serious security, productivity and compliance challenges for the organization, including the following:

  1. Risk of data loss
  2. Reduced desktop performance and user access
  3. Difficult e-discovery
  4. Heightened compliance concerns
  5. Increased IT costs and burden

This e-book explores each of these challenges in detail to uncover the true risks and costs of PST files. With that information, you can better assess your organization's current policies and practices, and take steps to improve data security, enhance user productivity, mitigate risk and reduce costs by eliminating PSTs for good.

Why PSTs are so popular

People love PST files. By creating PSTs in their Outlook clients, they can easily keep all the email they want, as long as they want, without worrying about the pesky corporate storage quotas and retention policies that apply to mailboxes on the server. These archives of email data provide a useful reference for employees across the enterprise.

For example, managers might create a PST file for each of their direct reports with a hierarchy of subfolders that store everything from assignment records and progress reports to emails about vacation and sick days — all handy information to have at their fingertips when performance evaluations roll around or it's time to consider candidates for a new position. Similarly, salespeople might create a PST for each client to help them keep track of the details of each sale and ideas about future opportunities, as well as the names of all the key personnel at the client organization and notes about their families and hobbies.

In fact, users may have dozens of PST files, some old and fairly static, and others that actively grow larger every week. PSTs often exceed the recommended size limits — tens or even hundreds of gigabytes per PST file is not uncommon. But with today's enormous hard drives and powerful indexing and search capabilities, there seems to be no legitimate reason for users to spend time on the tedious work of weeding out old and duplicate email instead of simply saving everything.

Or is there?

Why PSTs are actually dangerous

At first blush, allowing users to create PST files in their Outlook clients seems like a win-win. As we've seen, users love PSTs because they can easily keep all the email they want, as long as they want. IT is happy not to have to battle users over email policies, and since there's less data in mailboxes on the server, the organization spends less time and money on email backups.

What's not to love?

Well, for starters, PST files enable violation of email retention regulations and make effective e-discovery nearly impossible, putting the organization at risk of compliance failures that can result in fines and other penalties. And because PSTs are not included in IT data protection processes, the organization is at increased risk of loss of potentially business-critical data. In addition, as we'll see, PST files can actually hurt, rather than help, both user and IT productivity.

Should You Be Concerned About PSTs In Your Organization?

Most enterprises are already aware of at least some of these risks.

A survey of more than 200 technology professionals performed by Dimensional Research and sponsored by Quest found that 96 percent of organizations have concerns about the use of PST files.

Should you be concerned, too? Ask yourself these key questions:

  • Is using PSTs an acceptable or common practice in your organization?
  • Do you know which users are using PSTs?
  • Are you aware of how much data is in those PST files and whether it is affecting desktop performance?
  • Do you have an internal email retention policy that you are responsible for enforcing?
  • Is your organization subject to any regulatory compliance requirements around email retention?
  • Are you asked to help recover missing or corrupt PST data that was on a user workstation?
  • Are you certain that all confidential and sensitive data is securely archived or deleted?
  • Do you have to fulfill e-discovery requests in the event of a legal matter?

The Top Five Reasons to Eliminate PST Files in Your Organization

If you answered yes to any of these questions, this e-book is for you. It will help you understand the true risks and costs of PST files by exploring in detail all of the top five reasons to eliminate them from your organization:

  1. Risk of data loss
  2. Reduced performance and access
  3. Unsupported e-discovery
  4. Heightened compliance concerns
  5. Increased IT costs and burden

Reason 1: Risk of data loss

PST Files Put Critical and Sensitive Data at Risk

Take a moment and think about the email messages you received in just the last day or two. Did any of them include business-critical or sensitive data, such as employee information, customer contacts or strategic plans? Were there any attachments with performance reviews, architecture designs or financial reports?

Email has become the most critical communication tool of the enterprise, so even if you're not sending important information through email, you can be certain that virtually all of your users are. When they move those messages to PST files, the critical data they contain is at increased risk of being lost for three reasons:

  • PST files are rarely backed up — PST files typically reside on workstations or on removable storage devices, which are rarely included in routine IT backup processes. Moreover, PST files are locked when in use, so it's often impossible to back them up even if you do include them in your enterprise backup scope. And of course, most users are unlikely to back up the data themselves even once, let alone regularly.
  • PST files are prone to corruption — The original PST file format had a maximum size of 2GB, and corruption would occur if the file grew beyond that limit. Modern PST files have higher size limits, but oversize PSTs are still prone to corruption. Other factors can also lead to corruption: For example, a power failure or other abnormal shutdown of Outlook while a user is accessing PST files can leave the files damaged, and some viruses can damage PSTs as well.
  • Shared PSTs are particularly problematic — The chances of a PST file becoming corrupt is increased when it is shared among multiple users, especially if two users attempt to open the same PST file simultaneously.

The risks are real: 96 percent of IT organizations are asked for help with missing or corrupt PST files.

The Best Strategy Is to Prevent the Problem by Eliminating PSTs

Don't make the mistake of thinking these risks are merely theoretical: The Dimensional Research study found that 96 percent of IT organizations are asked for help with missing or corrupt PST files.

Ask yourself what you would do if one of your users:

  • Accidentally deletes PST file data that hasn't been backed up?
  • Finds that one of their PST files has been corrupted?

Recovering such PST data could require a great deal of effort from your already overburdened IT team. Or the data could simply be lost altogether — and the cost could be substantial, especially if the data is business critical or required for litigation. The only sure way to prevent PST data loss is to eliminate PST files altogether.

Reason 2: Reduced performance and access

Users often defend their use of PST files by citing productivity benefits. However, PST files can actually hurt employee productivity by dragging down machine performance and limiting users' access to critical information.

Large PST Files Can Degrade Outlook and Device Performance

Do your users ever complain that their desktop is sluggish or that it takes far too long for Outlook to load?

PST files might well be the culprit. As noted earlier, users often create PST files to get around storage quotas, and those PSTs can quickly become very large. If a user has multiple PST files, each tens or even hundreds of gigabytes in size, is it any wonder that Outlook is slow to start, and desktop or device performance is degraded?

Limited Access to PSTs Can Hurt User Productivity

PST files can further interfere with user productivity because of their limited availability. There are three key issues:

  • PST files are local to a specific device — Users today like to access their mailbox data from a variety of devices. But, unlike data in a mailbox on the server, PSTs cannot be shared between multiple devices; data stored by Outlook in a PST file is accessible only from that copy of Outlook on that specific device. When important data is inaccessible, productivity suffers and business losses become more likely.
  • PST files work only with Outlook — Mobile devices that attach to Exchange mailboxes using ActiveSync cannot open PSTs, and Outlook Web App does not support PST files. Therefore, mobile users may find themselves unable to access critical information that would have been available if they had simply left it on the server.
  • Network-connected PSTs are not supported — Microsoft does not support storing active PST files on network shares. Placing an active PST file on a network share increases the odds that the file will become corrupted, further increasing the risk of data loss we just discussed.

By keeping their email on the server, users can avoid all of these issues and be more productive.

Unlike data in a mailbox on the server, PSTs cannot be shared between multiple devices — so users may not be able to access the data they need to do their jobs.

Reason 3: Difficult e-discovery

Are you asked to fulfill e-discovery requests as part of legal or regulatory investigations? If so, you have an additional reason to eliminate PST files from your organization: Satisfying discovery requests is extremely difficult if email is stored in PST files.

PST Files Are Hard to Locate and Cannot Be Searched, Which Complicates The E-Discovery Process

Email archives and server mailboxes are primary targets of e-discovery requests. These data stores can be searched extensively. The same is not true for PSTs because the data resides locally. In fact, the hardest part of an e-discovery project is often locating, centralizing and processing hundreds of thousands of PSTs across the enterprise. Even if you manage to find all the PSTs across your enterprise, there is no way to search across all PSTs on all machines when you use the native Exchange Server e-discovery tools.

Failure to satisfy e-discovery requests puts the organization at risk of substantial fines and other litigation losses — risks that could be avoided if PST files were eliminated.

The hardest part of an e-discovery project is often locating, centralizing and processing hundreds of thousands of PSTs across the enterprise.

Reason 4: Heightened compliance concerns

Using PST files also puts your organization at risk of compliance failures. In particular, your organization may not be properly protecting sensitive and confidential data, and users may be saving email data for either a shorter or a longer time than required by compliance mandates.

PST Files Put Sensitive Data at Risk

Every organization has sensitive and confidential data, such as HR records, customer information and financial reports. Both compliance regulations and internal policies often require organizations to ensure the security of such information. Failure to comply with those policies puts the organization at risk of compliance failures, as well as loss of public trust and remediation costs.

As noted earlier, users can and do transmit sensitive data through email, and move or copy that email into PST files. Because PST files are stored on the user's desktop, laptop or mobile device, they are far less secure than email stored on a server — making it far too easy for sensitive and confidential data to be made public or get into the wrong hands. Here are just three likely scenarios:

  • The device is lost or stolen, enabling an outsider to access and misuse the data in the PST files stored on it.
  • The desktop is left unattended and the data is accessed by an unauthorized employee.
  • The device is infected with malware and the data is lost to hackers.

PST Files Can Be Used to Circumvent Message Lifecycle Management Policies

Many compliance regulations require that email be kept for a specified length of time. If you fail to retain it long enough, you could be subject to penalties. And if you store it too long, you put the organization at risk by potentially being required to provide evidence that you could have legally deleted.

In part to avoid these twin problems, many organizations establish policies to regulate the message lifecycle. In particular, they automatically purge messages of a certain age to keep them from being subpoenaed in the event of litigation. And of course, they protect the messages they are required to keep through data protection practices, such as backups and replication.

By storing email in PST files, users circumvent your message lifecycle management policies. They may delete messages that the organization was required to keep, and they may retain messages far longer than required by regulations, putting the organization at risk of compliance failures and associated penalties.

Storing sensitive data in PST files puts your organization at risk of compliance failures, penalties and loss of public trust.

Reason 5: Increased IT costs and burden

For IT, PST files are like SharePoint sprawl or other shadow IT — there's business-critical data out there, but you don't know how much or exactly where, but you are ultimately responsible for protecting it and recovering it when problems arise.

PST Files Can Increase the Cost of Doing Business for IT Organizations

Each of the preceding four reasons for eliminating PST files from your organization gives rise to IT challenges. Specifically, PST files put additional burden on IT administrators by complicating tasks, such as:

  • Attempting to recover business-critical data that is lost or corrupted
  • Maintaining desktop performance and access to data
  • Fulfilling e-discovery requests in a timely manner
  • Ensuring both internal and external compliance

In short, allowing users to retain valuable business email outside of standard IT data protection processes wastes valuable IT time and increases costs.

Allowing users to retain email outside of standard IT data protection processes wastes valuable IT time and increases costs.


Taking control of your PST problem can save you time and money in the long run. By eliminating PSTs from your organization for good, you can improve data security, enhance user productivity, enable effective e-discovery, mitigate compliance risks, and reduce IT workload and costs.

Migration Manager for PSTs enables you to take control of PSTs once and for all. This ZeroIMPACT solution automates the identification, migration and elimination of PSTs. You can quickly and reliably migrate PST data to better targets, such as Exchange, Office 365, third-party archive solutions and hybrid configurations. Plus, you'll enjoy comprehensive project management capabilities, along with world-class services and support.

Migration Manager for PSTs enables you to take control of PSTs once and for all.

About Quest

Quest helps our customers reduce tedious administration tasks so they can focus on the innovation necessary for their businesses to grow. Quest solutions are scalable, affordable and simple-to-use, and they deliver unmatched efficiency and productivity. Combined with Quest's invitation to the global community to be a part of its innovation, as well as our firm commitment to ensuring customer satisfaction, Quest will continue to accelerate the delivery of the most comprehensive solutions for Azure cloud management, SaaS, security, workforce mobility and data-driven insight.