When the lawyers come knocking on the CIO's office door, will you be ready?
Any IT pro responsible for archiving email must be able to answer that question these days. And chances are, if you work in a large enterprise, you've already answered it. Still, it's worth reexamining your strategy in light of new products, services, and news stories.
Consider the frequency of email hitting the headlines. In the latest example, WikiLeaks reportedly intends to publish hacked emails between Syria's government and various international suppliers. (At the time of this writing, the other shoe had yet to drop, but it was expected to do so shortly.)
Email has been at the heart of WikiLeaks' continuing controversies. Last October, the US government succeeded in forcing Google and ISP Sonic to relinquish information regarding email associated with WikiLeaks volunteer Jacob Appelbaum -- a controversial figure in his own right (see video below).
In that case, Sonic's struggle to resist the government's order to give up user data drew into focus the fact that the laws don't necessarily protect digital information from search and seizure. Indeed, the government issues thousands of requests for user information annually to ISPs, to Google, and to social networks like Twitter.
In a report, the Electronic Frontier Foundation has issued various grades to companies that can be relied on to fight back against these requests. Twitter, Google, and Sonic ranked highest. In contrast, Foursquare and Verizon basically "flunked."
All of this should encourage enterprise IT professionals to review their approach to email archiving. For instance, the extra storage and e-discovery features offered by cloud services such as LiveOffice has made them popular with enterprise customers. But what assurances does a firm have that its data is as secure as possible, that its information will be backed up in case of network failure, and that management will be alerted when the government calls?
Providers like LiveOffice do have answers ready. But it's up to the individual IT professional to ensure that the answers are satisfactory and thorough.
Despite some speculation about the demise of email, today's headlines prove its disappearance is not imminent. Instead, IT pros must ensure their approach to email archiving is more organized than ever.
Haha, slfisher, indeed: Some analytics experts do say the more data you feed in, the more information you get out. Does that necessarily apply to regular internal corporate email? Maybe only for certain departments and LOBs. The kind of unstructured data these folk are analyzing is customer data, information about transactions, etc.
I've heard of the government coming after email in gmail, say, but not against that of a private company in the cloud, though I suppose it's just a matter of time.
As far as archiving, many experts agree with Kim and say delete as much as possible. Then we've got the big data guys who do increasingly sophisticated analysis, who want more data. It will be interesting to see who wins.
I've had some experience with document retention policies at large corporations.
As suggested above, they need to be responsive to regulatory requirements, business functionality, and legal requirements. The policies should obviously cover electronic communications.
In my own opinion, the basis from which you start is that if you don't need to keep it, get rid of it -- and that means really get rid of it. You never want to have to go back over massive archives which nobody ever filtered or winnowed properly.
I wonder if some spam email may at some future time be used as "evidence" in a lawsuit. Just imagne a prosecutor or plaintiff attorney arguing that some unsolicited email to your account is proof of some wrongdoing on your part.
With spam still a good portion of email traffic, it wouldn't be hard to image some attorney putting a case together on such premises.
Financial and healthcare records must be kept for specified time periods...
That's an excellent example of how there's no single best solution -- because it depends on various government requirements. As you noted, Financial and healthcare records must be kept for specific time periods, but presumably that requirement doesn't extend to every business. So smaller companies that aren't legally required to keep records may choose to reduce their IT budgets by minimizing email servers and data archiving.
All these issues make me wonder how much spam is being archived because an IT dept is legally required to maintain all records and spam can't be deleted b/c there's a risk that legit emails will also be removed....
Mary - I am sure that the factoring of loss is something that companies large and small take into consideration, in email and other communications. I would imagine that it is difficult if not impossible to place a pricetag on it. Sometimes the cost is small, sometimes high - sometimes the cleanup is manageable, other times, it is a real mess.
It is no easy task, and I don't pretend it is for any company - again, large or small.
For better or worse, lots of companies are regulated in terms of how long they keep email. It depends on the industry you're in. Financial and healthcare records must be kept for specified time periods, I think.
Sad but true that we may learn the hard way about email's vulnerabilities, SteveGNYC. When you mention that the danger is part of the price paid for convenience, it seems like a no-brainer that companies would start factoring in potential losses when tallying the cost and ROI of archived email services and products.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Enterprises are discovering that using social networking within the secure setting of a SaaS provider's network gives them an unusual opportunity to freely collaborate with partners, suppliers, and even competitors.
All the recent hoopla about cloud security overlooks an important point, which is that it's not strictly a cloud problem. The linkage of online services into cooperative chains creates the risk, and only biometrics and federation of providers can save us.
What can users today do to protect their online privacy? The simplest and most obvious option is to not use the Internet – at all. However, once all digital information is consolidated over the Internet, trying to protect digital identity by simply unplugging from the Internet becomes impossible – a fact that has manifest implications for civil liberties, Saunders says.
By 2011 the number of Internet-connected sensors will exceed 1 trillion, making your chances of doing anything or going anywhere unnoticed pretty much zero. Saunders talks about how the 'sensortization' of the Internet is eliminating the traditional divide between online and offline populations.
The 20th Century Internet was characterized by the ability to interact with other people and information on the Internet largely without anyone knowing who you were. The Internet of this century, conversely, will be defined by identity. Saunders explains how Internet users are unwittingly contributing to the demise of the anonymous Internet.
The Amazon smartphone rumor and the Apple mini-iPad rumor show that the mobile device giants think they have to be in all the device spaces to win. Why? Because the cloud can create an ecosystem where every device can cooperate to support the user, and if you don't supply all the devices you miss out on the total value.
A combination of an announcement by DT and a Pew survey is showing us what the next-gen Internet may look like, and why. The demand for flexible services, created by rewired, iPhoned, social brains, combines with cloud and optical technology to create something totally new!
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?