- Steve Jobs is a man of a few words
- Internet routing blasts into space
- 15 free downloads to pep up your old PC
- IBM smartphone software translates 11 languages
- New attack fells Internet Explorer
Unified messaging and communications analysis by consultant Michael Osterman.
One of our clients, a leading provider of hosted messaging archiving services, raised an interesting point in the context of helping us to frame issues for an upcoming white paper we will be publishing shortly on DLP issues (Data Loss Prevention or Data Leak Protection, whichever you prefer - Compare Data Leak Protection products). The paper will focus on the impact of DLP systems' modification of e-mails and other messaging content in the context of how that content is archived.
For example, if a company has deployed a DLP system and a user sends an e-mail to someone outside of his or her company that contains sensitive content – an employee’s medical condition, a credit card number, a list of server passwords, etc. – the DLP system is supposed to intercept that content before it leaves the organization and then do something with it. These actions might include simply blocking the message, sending a warning back to the user, routing the e-mail to a supervisor or compliance officer, etc.
The question our client raised, however, is what happens to that message in the context of archiving it for potential e-discovery, regulatory compliance or knowledge management purposes? If the message is simply blocked and the DLP system does not allow it be sent, will that message ever make it into the archive? Better yet, should that message make it into the archive?
Let’s say a senior manager sends an e-mail to outside counsel that discusses the reasons for an employee’s termination – content that might be discoverable in a wrongful termination lawsuit – and the DLP system simply blocks it and does not allow it to be sent. Should that content be archived because it constitutes a business record, or should it be discarded because it never made it outside the organization? Both the terminated employee’s counsel and the company’s counsel would find this content highly valuable.
We will be exploring this issue and would like to hear from you on this topic. Please send me an e-mail with your thoughts.
Michael Osterman is principal analyst of Osterman Research.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (2)
DLP's impact on archivingBy Anonymous on August 28, 2008, 2:41 pmIf the email is blocked, no communication has occurred and so there is no need for it to be discoverable. I would place this in the same category as a written letter...
Reply | Read entire comment
DLP's impact on archivingBy DT on August 29, 2008, 3:04 pmAccording to the Merriam-Webster Dictionary, an e-mail is a message sent AND received through an e-mail system. Therefore, this non-exchange of information cannot...
Reply | Read entire comment
View all comments