Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

Best Practices for E-Discovery, E-mail Archiving and Data Retention - March 29, 2008

Tampa Florida - Understand what your main problems are before you purchase technology.

The biggest mistake IT managers make when researching e-mail archiving is to not fully understanding the reasons for it. Often, companies are reacting to one problem of concern, such as an audit suggestion, which leads to rushing out to buy e-mail archiving technology for FRCP, Florida Sunshine Laws, PCI or Sarbanes-Oxley compliance, and not taking into account productivity or storage problems.

Most companies will have more than one problem that can be solved with e-mail archiving and record retentation. Whether it be regulatory compliance, litigation support or storage management, make sure you understand all of your needs before you take the next step.
Create or update e-mail retention policy to reflect today's business needs.
Very few companies have an up-to-date record retention policy. An effective document retention policy will address what the document retention policy covers, the company data retention philosophy, responsibilities and procedures. It will also have retention timeframes for all types of records in a company including unstructured data like Microsoft Office files, semi-structured records like e-mail and structured records like mainframe databases. You will also want to create retention schedules that employees can easily follow and remember. Make these documents short and simple. Also document how long you will keep records (including e-mails). There is lots of good software to assist you with data migration or working with a local reseller or consulting firm is always an option.

Periodically perform a legal or regulatory refresh.
When you have a data retention policy, be sure to review it annually. Regulations and laws change regularly, and so must your data retention policy. New regulations are created regularly as well as judicial rules of evidence. Government regulatory agencies and the courts expect companies to be fully aware of new regulations and laws.

Include all stakeholders: legal, compliance, HR, finance, investor relations, engineering, production and administration.
A data retention policy affects every employee in the company and should reflect input from everyone. Create a cross-functional team that represents most business operations or departments. Interview a wide sampling of employees and departments to determine how and why they create documents; if they re-use or reference them later; and where they store the documents. This helps you create a retention policy that won't adversely affect the employees and their day-to-day work.

Focus on similarities in laws or regulations and create "high water mark" retention lengths.
Multipage retention schedules are rarely effective or followed. Simplify them as much as possible. Most data retention requirements are for minimum retention periods. Create "high water marks" for similar types of documents. For example, retention regulations for employment records vary widely from one year to 10-plus years. "It is easier for employees to follow one retention period that meets all retention requirements for all employee-related records than to try to remember many different retention periods," states Brian McCarthy CEO and Archiving Consultant for Sencilo Solutions of Daytona Beach.  "Creating high-water marks for retention periods will also make it much easier to adopt automated e-mail archiving processes," says McCarthy. 

Socialize your policy companywide.
Be sure to adequately inform employees about the new or existing policy and make it easily accessible. Many employees don't know if their company has a data retention policy or where to find it if there is one. All employees should be "trained" on a new policy, including knowing why the policy was created (legal, regulatory or other); how to use any new technology associated with the new policy; and consequences for the company and employee if the policy is not followed. Offer annual training refreshers.

Don't attempt to teach employees to subjectively recognize "business" records.
It is very difficult to create a uniform archive across a company if you are asking employees to individually decide which records are business records and what can be archived. For example, in a company of 1,000 employees, you will have 1,000 different retention policies if you rely on employees to interpret the policy and make archiving decisions. The less complicated the policy, the more uniform the archives will be.

Don't forget the e-mail use policy.
Even when you have a data retention policy, you should still publish an e-mail use policy that informs the employees of their responsibilities, including things they shouldn't do, privacy expectations and consequences for system misuse. There are alot of good archiving products on the market like award winning Barracuda Archiver, Intradyn Orca eMail archiver vs Mimosa Systems.  Some of the legacy products are for the most part over priced by today's standards like Symantec Enterprise Vault, CA's Message Manager vs EMC's Legato. 

Move e-mail retention from a manual process to an automated process.
Take e-mail archiving out of the hands of employees. Automated e-mail archiving will ensure uniform archiving, increase employee and IT productivity and most importantly, put in place a system that can ensure no message protection if a litigation hold procedure is instituted.

Discourage employees from creating personal archives (PSTs).
Most employees, in companies without e-mail archiving automation, create their own "personal archives" or PSTs for many reasons. They create them for future protection, for reference or re-use. This adversely affects employee productivity. If the company is capturing e-mail traffic, employees won't need to spend time trying to find, access and create archives.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/c2c.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland, Cape Canaveral

Other Projects: DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar CX4