E-mail management: compliance, control, consolidation.E-mail is mission-critical. It is more important than many other IT applications and systems, taking a leading role in both internal and external business communications. It is used more frequently than telephone, fax, or physical correspondence. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. industry analysts, 60% of business-critical information is in e-mail. With e-mail's predominance in the enterprise, the onslaught of regulations and security requirements, and the growth of e-mail as a primary source for legal discovery, organizations are seeking tools to help them gain custody of and better organize e-mail. The baseline requirement is to retain e-mail in its original state, without alteration. Yet a recent survey by Cohasset Associates indicates that 59% of organizations do not have any formal e-mail retention policy in place. Storing e-mail on the corporate messaging system Software that provides an electronic mail delivery system. It is made up of the following functional components, which may be packaged together or independently. Mail User Agent and backup tapes is no longer sufficient. Some organizations have spent millions of dollars to recover individual e-mails for legal discovery from backup tapes and production e-mail servers. To protect the organization and ensure compliance, a robust solution is needed that treats e-mails as corporate records and controls and manages them according to an organization's policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental for record retention, access and disposition. [FIGURE 1 OMITTED] This demand is reflected in a recent study by IT market research and advisory firm IDC that states that the demand for e-mail management applications was expected to generate revenue topping $180 million worldwide in 2004, up from just $33 million two years ago, and to continue to grow at a compound annual growth rate of over 50% through 2008. Regulatory Compliance and Records Management Corporate scandals and legal cases that involve electronic information (and e-mail in particular) are now a staple in daily news reports. With governments and regulatory bodies working to establish laws and regulations that enforce or guide the proper use, storage, access, and disposition of information, records and e-mail management have become crucial to corporate governance Corporate Governance The relationship between all the stakeholders in a company. This includes the shareholders, directors, and management of a company, as defined by the corporate charter, bylaws, formal policy, and rule of law. and risk management. Regulations such as the Sarbanes-Oxley Act See SOX. , SEC 17a-4 & NASD NASD See: National Association of Securities Dealers NASD See National Association of Securities Dealers (NASD). Rules 3010/3110, FRA Fra: see Angelico, Fra; Bartolommeo di Pagholo del Fattorino, Fra; Fra Filippo Lippi under Lippi. , HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, , FDA FDA abbr. Food and Drug Administration FDA, n.pr See Food and Drug Administration. FDA, n.pr the abbreviation for the Food and Drug Administration. Rule 11 define different aspects of managing records, including e-mail and other electronic or physical content. The Sarbanes-Oxley Act imposes hefty penalties (up to 20 years in prison) on anyone tampering tampering The adulteration of a thing. See Drug tampering. or destroying records with the intent to impede government investigations, and requires CEOs and CFOs to take personal responsibility for their accuracy and completeness. The need to capture, organize, and preserve corporate records, including e-mail records, is a fundamental requirement of compliance. SEC 17a-4 states that financial organizations must store all records for three, and in some cases six years, with the first two years in an easily accessible space. The SEC can require organizations to promptly produce copies of those records whenever they are required for investigation purposes. For example, in December 2002, the SEC levied a $1.65 million penalty on Deutsche Bank Deutsche Bank AG (IPA: /'dɔɪ.tʃə/[1]) (ISIN: DE0005140008, NYSE: DB) (English: German Bank Securities, Goldman Sachs The Goldman Sachs Group, Inc., or simply Goldman Sachs (NYSE: GS) is one of the world's largest global investment banks. Goldman Sachs was founded in 1869, and is headquartered in the Lower Manhattan area of New York City at 85 Broad Street. , Morgan Stanley  To comply with Wikipedia's , the introduction of this article needs a complete rewrite. ,
Salomon Smith Barney Smith Barney is a division of Citigroup Global Capital Markets Inc., a global, full-service financial firm, that provides brokerage, investment banking and asset management services to corporations, governments and individuals around the world. and U.S. Bancorp  This article or section needs copy editing for grammar, style, cohesion, tone and/or spelling.You can assist by [ editing it] now. Piper Jaffray Piper Jaffray & Co. (NYSE: PJC), often shortened to just Piper Jaffray or PiperJaffray, is a U.S. middle-market investment banking firm based in Minneapolis, Minnesota and is a focused on delivering financial advice, investment products and transaction execution for not storing e-mail properly and failing to produce e-mail requested during the course of the investigation. Five Wall Street brokers were fined $8.25 million by the SEC; the firms included Morgan Stanley, Goldman Sachs & Co. and Salomon Smith Barney Inc. The SEC, the New York Stock Exchange New York Stock Exchange (NYSE) World's largest marketplace for securities. The exchange began as an informal meeting of 24 men in 1792 on what is now Wall Street in New York City. and the National Association of Securities Dealers National Association of Securities Dealers (NASD) Nonprofit organization formed under the joint sponsorship of the investment bankers' conference and the SEC to comply with the Maloney Act, which provides for the regulation of the OTC market. all require brokerages to retain e-mail traffic. The brokerages that were fined failed to preserve the e-mails for three years and/or to preserve them in an accessible place for two years. However, keeping everything forever is not the answer. Regulations and policies usually establish the minimum time to retain or keep records (e.g. six years). After that period of time, organizations are permitted to destroy or dispose of those records to avoid additional storage expenses and also to minimize legal exposure beyond the legally defined periods. Clearly defining and adhering to retention policies are the key factors to avoid fines, sanctions, and legal exposure. Classifying E-Mail for Retention as a Corporate Record E-mail backups are complex and it is time-consuming and expensive to find e-mails on certain topics or belonging to certain users. Some IT departments create a second e-mail environment that replicates the production system just to be able to restore backup tapes to the replicated environment without disrupting or affecting the production system. Further, thousands of man-hours may be required to traverse all the "restored" mailboxes to recover only the e-mails that are required by the court or legal department. At times, this is done manually by opening every single mailbox, analyzing and reading individual e-mails, and copying or exporting them. The solution is to treat e-mails as corporate records and make them classified, searchable, available for fast retrieval, and subject to lifecycle and retention management. Collecting backup tapes or e-mails from user mailboxes is not enough to satisfy regulations or guarantee that captured e-mails are authentic, original, complete and unalterable. Users at any time can edit or delete e-mails from their mailboxes even before the first backup or mail-box-archived copy is taken. E-mail records must be captured before the user has a chance to tamper with them. Classifying e-mail helps in applying appropriate retention to different e-mails and also helps in organizing e-mail in hierarchical folder structures for easy navigation, searching, and retrieval. Searching for the appropriate e-mails is mandatory to comply and produce them upon request of regulatory bodies, or for legal discovery. Internal legal and compliance departments also benefit from advanced search capabilities such as Boolean operators, proximity, and other conditions applied to e-mail metadata, body, or even attachments. In addition to the normal lifecycle and retention policies, organizations involved in legal cases must manage legal holds. Once involved in a legal case, holds are applied to avoid destruction of e-mail required during the case and that could be subject to destruction based on the normal retention policy. Destruction of the e-mails subject to the hold must be suspended for as long as the case is active. New Solutions for E-mail Archiving Retaining e-mail messages for historical purposes or to be in compliance with many industry regulations. The file structure of e-mail is different than other data formats, and message archiving software is specialized for e-mail retention and searching. In most organizations today, e-mail management is either non-existent or is done using in-place technologies that fall short of what is needed to protect the organizations and ensure compliance. The new generation of e-mail management solutions goes beyond earlier, more limited products that provided simple backup or offloading of e-mail stores and products that left it to each user's discretion to decide which messages to retain. Today's e-mail management solutions are designed to address the following primary requirements: * Retain messages in compliance with regulations and corporate policies * Facilitate searching as required for legal discovery * Improve system performance and reliability * Integrate with other corporate content These tools automatically capture, classify, and index e-mail messages, create a searchable archive and manage the information lifecycle according to corporate retention and disposition rules. Offloaded to secondary storage to improve the efficiency of the e-mail system, the archive remains accessible to users, auditors, and compliance officers. The Figure represents an overview of an e-mail management solution that enables the capture, organization, access, retention and disposition of e-mails. To meet today's requirements, a solution should allow you to: * Capture everything you need--but only what you need. That means taking the decision on which messages to retain out of the users' hands and automating it according to rules you establish. You should be able to screen on subject, sender, recipient, message content and date. Ensure you can store attachments with messages and avoid duplicating messages that are sent to multiple recipients. * Establish flexible, automatic classification based on business rules and content analysis. This is a logical structure that can be organized by user, by chronology, by organizational function or by some combination. The classification system can also assign codes that determine length of retention and disposition. * Maintain accessibility for users, compliance officers, and corporate managers via the e-mail client Same as e-mail program. and a specialized user interface. Retrieval should be based on categorization and/or full-text search A search that compares every word in a document, as opposed to searching an abstract or a set of keywords associated with the document. Word processors and text editors contain full-text search functions that let you find a word or phrase anywhere in the document. of messages and attachments. * Implement an e-mail management software infrastructure that supports multiple storage options, including emerging network-attached storage See NAS. . * Seamlessly integrate with your plans for implementing a sound ILM strategy that will allow you to manage all types of information from creation to disposition. A solution that addresses these criteria will improve performance of e-mail systems and, more important, will support regulatory compliance, facilitate legal discovery, and integrate e-mail with other enterprise content to maximize the business value of the critical information contained in e-mails. David Winkler Winkler may refer to:
www.mobius.com |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion