Aspects of this disclosure relate to protecting email data. For example, email protection rules can instruct an email server to route an email to an email protection module. The one or more email rules can identify a group of one or more email addresses. The email protection module can receive an email from the email server that has an email address of the group as an intended receipt. The email protection module can route the email to secondary storage and store the email in secondary storage to create a secondary copy of the email. The secondary copy can be stored inline to persistent memory of secondary storage, according to certain embodiments. Access to the backup copy of the email stored to the persistent memory can be controlled, for example, based on whether a user had permission to access to the email when the email was sent.