E-mail retention: Covering the corporate backside

Business regulations and e-mail archiving

Developments of the week in storage

This week, we continue our discussion of e-mail archiving, which as you will see has little to do with helping you retain your old e-mails and everything to do with covering the corporate backside.

Once, e-mail archiving was just a way to get older messages off production systems by transferring a large bulk of old data onto cheaper tape media. Times have changed. Today we live in a litigious age, where lawsuits are commonplace. Also, the increased emphasis on the part of both lawmakers and shareholders to make sure that corporate officers act both ethically and responsibility is having an effect. The individual business ethics of some corporate leaders not withstanding, properly managed archiving processes are clearly a useful tool in helping to maintain shareholder value in a publicly held company.

Every corporate officer in the northern hemisphere should love a good archiving system. After all, in many cases today's CEOs and other corporate honchos have lost the protection that working for an incorporated body once afforded. Now that they can be hauled off to the court room to face both the legal music and public humiliation, we should understand that the two-fold reason for archiving corporate e-mail these days is first to provide litigation support, and second to ensure that companies can prove regulatory compliance.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

This week, we continue our discussion of e-mail archiving, which as you will see has little to do with helping you retain your old e-mails and everything to do with covering the corporate backside.

Once, e-mail archiving was just a way to get older messages off production systems by transferring a large bulk of old data onto cheaper tape media. Times have changed. Today we live in a litigious age, where lawsuits are commonplace. Also, the increased emphasis on the part of both lawmakers and shareholders to make sure that corporate officers act both ethically and responsibility is having an effect. The individual business ethics of some corporate leaders not withstanding, properly managed archiving processes are clearly a useful tool in helping to maintain shareholder value in a publicly held company.

Every corporate officer in the northern hemisphere should love a good archiving system. After all, in many cases today's CEOs and other corporate honchos have lost the protection that working for an incorporated body once afforded. Now that they can be hauled off to the court room to face both the legal music and public humiliation, we should understand that the two-fold reason for archiving corporate e-mail these days is first to provide litigation support, and second to ensure that companies can prove regulatory compliance.

Support for litigation falls within two broad categories. The first - retention and disposition - refers to an e-mail system's ability to retain e-mail for as long as regulatory issues demand, and to dispose of unneeded messages in an efficient manner.

Retention is relatively straightforward: it is a system's ability to keep data available for as long as is necessary. Think of this as a two-part process: first, the system identifies the time a message was created; it them applies policies set by the administrator, (these will of course be dictated by whatever set of rules or regulations are embedded in the service-level agreement governing e-mail management, which of course will be driven by applicable rules or regulations).

Just how long messages need to be retained - and which messages must be kept - clearly will differ from industry to industry. By way of example however, companies affected by the Sarbanes-Oxley Act - generally, these are public companies and certified public accountants (CPA) - must save all business records, for "not less than five years." Public companies and CPAs must maintain audit-related documents for seven years. 

Disposition in this case refers to disposing of messages that no longer need to be kept in the system. Such messages fall into two categories, those that have been retained for the period prescribed by law, and those messages that should never be saved in the first place. What is this last group? It is that eminently purgeable aggregation of spam, viruses and other potentially dangerous content that never should have appeared in our messaging environments in the first place.

Next time, we will look at the other categories of protection in case of litigation: search, discovery and forensics.

Read more about data center in Network World's Data Center section.

Deni Connor is principal analyst for Storage Strategies NOW and host of both the Masters of Storage and Masters of Servers Solution Centers.