Compliance Archive · The EFA family

EFAarchive

Tamper-proof email archive built for legal and financial compliance. Legal hold, eDiscovery search, immutable storage, and retention policies that satisfy FINRA, SEC 17a-4, HIPAA, and GDPR.

EFAarchive

Backup and archive are not the same thing

Email backup answers "I need to recover this." Email archive answers "I need to prove this — and I need to prove it years from now, in a form a regulator or a court will accept."

EFAarchive is built for the second job. Every message is captured at the gateway and written into immutable, tamper-evident storage with a cryptographic chain of custody. Retention runs on policy, not on user intent. Legal hold is a switch, not a project. eDiscovery search runs across years of email in seconds, with reviewer roles, redactions, and exportable case files.

It pairs naturally with OpenEFA: as messages flow through email security, copies are written to the archive automatically. Most customers run them together.

Archive integrity and legal-hold alerts travel over Secure Conduit Technology, keeping the compliance audit trail on one hardened, monitored channel.

What EFAarchive does

Immutable, tamper-evident storage

Write-once storage with cryptographic per-message hashing. Any modification is detectable; deletion outside policy is impossible.

Legal hold

Apply a hold by user, date range, or custodian. Held messages are exempt from retention expiry until the hold is released, with a full audit trail.

eDiscovery search

Full-text search across years of email in seconds. Boolean operators, attachments, metadata, custodian filtering. Saved cases with reviewer assignments.

Policy-driven retention

Set retention by group, sensitivity, or message class. Auto-expire on schedule. Full audit trail of every retention action.

Defensible export

Export case sets in MBOX, PST, or EDRM-friendly formats with hash manifests. Reviewer-ready, court-ready.

Role-based access

Separate roles for compliance officers, legal reviewers, and IT administrators. Every action is logged, signed, and reviewable.

FINRA-aligned SEC 17a-4(f)-aligned HIPAA-aligned GDPR-aligned WORM-style storage US data residency

Common questions

Backup is for recovery; archive is for proof. A regulator or opposing counsel doesn't accept "we restored it from backup" — they want a tamper-evident chain of custody, retention policy, and search. EFAlifeline handles backup; EFAarchive handles archive. Most regulated customers need both.

EFAarchive's storage model and audit trail are designed to align with SEC 17a-4(f) requirements for non-rewritable, non-erasable storage and FINRA's communications retention rules. We can provide attestation documentation as part of a sales conversation; your designated compliance officer should review the specifics for your jurisdiction.

Retention is policy-driven. Common configurations are 7 years (financial), 10 years (healthcare), or unlimited (legal hold). Multiple policies can run concurrently, scoped by user group or message classification.

Yes. Bulk import from PST, MBOX, or live mail systems is supported during onboarding. Imported messages get the same hash and chain-of-custody treatment as live captures.

OpenEFA is the gateway; EFAarchive is the journal. As messages pass through OpenEFA's filtering, qualifying messages are journaled to EFAarchive automatically. Most customers buy them together; pricing reflects that.

Per-mailbox monthly pricing with bundle discounts when paired with OpenEFA or other EFA family products. Storage is included up to typical retention levels; high-volume retentions are quoted separately. Contact us.

Make every email a defensible record.

Tell us your jurisdiction and retention requirements — we'll size and quote.

Request a quote
Powered by EFAintelligence

Every EFA product makes every other one smarter

EFA Security is collaborative by design. Every product connects through Secure Conduit Technology — one hardened, monitored channel — so when one attacker is caught on any product anywhere in the community, the threat is neutralized locally and its tradecraft becomes intelligence that protects everyone else. Seen once, known everywhere.

1

Detect & sanitize

A bad actor hits any EFA product line — EFAgateway, EFAcanary, OpenEFA, and the rest. The threat is stopped and sanitized right where it lands, before it can do harm.

2

Strip your identity

The threat signal is extracted and every piece of customer-identifying information is removed. What's kept is the attacker's behavior — never who they targeted.

3

Record & share

The anonymized intelligence is recorded and distributed across the EFA community over Secure Conduit Technology — the same hardened channel the products already trust.

4

Protect everyone

Every other EFA deployment now recognizes that attacker on sight. A threat one customer sees becomes a threat the whole community is already defended against.

Your data stays yours. EFAintelligence shares what the threat was — never who was targeted. Customer identity, message content, and identifying metadata are stripped before anything ever leaves your environment. You contribute to the community's defense without exposing your business.