Educause Security Discussion mailing list archives
Re: Email Archiving/Enterprise Information Archiving
From: Clifford Collins <collinsc () FRANKLIN EDU>
Date: Wed, 21 Jul 2010 17:27:04 -0400
We are in the midst of sorting out what to do with e-mail and other sensitive documents in terms of data retention and destruction. I am interested in knowing why you permit folks to keep e-mail indefinitely. It sounds like an e-discovery nightmare and mis-application of e-mail. Let me give you my context. If you were still dealing with U.S. postal mail then would people be leaving the original correspondence folded back in their envelopes, stored in cartons with labels like "vendors" or "personal" on them, sitting on their desk? Probably not. They would file them in folders in a personal or deprtmental filing cabinet (you remember the rows of filing cabinets) or just throw them away (or maybe shred them). As the filing cabinets begin to bulge with documents the staff would periodically be forced to clean them out (perhaps according to some retention policy). Because we allow the bad habit of not saving important correspondence in a folder on our departmental share where it belongs but, instead, leave it in a folder in our e-mail, our mail system has become our personal and departmental filing cabinet. After all, it is too easy to just leave it there instead of putting it where the department can find it! And thus e-mail accounts bloat with stuff that doesn't get purged. And when we reach our storage quota (the filing cabinets are full) we beg for more space because disks are cheap! And our legal counsel gets heartburn! Wouldn't it be better to require people to save important documents to the departmental or personal share they are assigned and automagically expunge all messages that are more than six months old? That way, people are forced to decide whether to keep it. Otherwise, it will be trashed according to the University's retention and destruction schedule. Also, the departmental data steward has to periodically review what is in the departmental share and expunge useless or expired information that might violate that same policy and possibly become fodder for an e-discovery. No different from clearing out old stuff from the physical filing cabinets. Sorry for the flow of consciousness. We had a close brush with e-discovery a while back and woke up to the cost of diverting our IT department to the arduous task of restoring EVERYTHING from years back and finding every message that pertained to the subject of the litigation. Big $$$$$$!! and stopping everything else in IT for several weeks or even months! We began to question whether backups should be "ooops protection" for the careless staff member or should exist for disaster recovery only and merely go back two major backup sets (fulls and incrementals). This way staff are responsible for taking the "correspondence" they receive out of the "envelope" (the e-mail system) and filing it in the appropriate "filing cabinet" (shared drive). The shares get backed up regularly and can be restored if something important got deleted but would involve the data steward (and a little bit of grief for the user) as it should. Going back to the USPS analogy, imagine the look you would get from your postal carrier if you asked him to give you a backup copy of a letter he delivered two days ago! Why do we expect this of our e-mail services? And think of the savings in backups! I don't know. Am I making any sense? We've allowed people to embrace the wrong analogy with the way they use e-mail. It is a message delivery mechanism and not a document storage mechanism (despite the tools they find in the mail software). We need to retrain folks to file important stuff in the right place and not leave "boxes of mail" in their opened envelopes sitting around on our desks (perhaps a poor analogy) waiting for one to accidentally slide into the trash or worse, get discovered by a litigant's lawyer who relishes e-mail pack rats. If I am wrong then somebody set me straight or put me out of my misery! Clifford A. Collins Information Security Officer Franklin University 201 South Grant Avenue Columbus, Ohio 43215 "Security is a process, not a product" ----- Original Message ----- From: "Patrick Feehan" <Patrick.Feehan () MONTGOMERYCOLLEGE EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Sent: Wednesday, July 21, 2010 4:22:52 PM GMT -05:00 US/Canada Eastern Subject: [SECURITY] Email Archiving/Enterprise Information Archiving We are in the process of evaluating an e-mail archiving solution for Montgomery College. Our initial reason to consider e-mail archiving was to meet the storage challenge and email retention issues. We use Exchange, Outlook, and Outlook Web Access. We note, in the process, that Gartner is retiring the E-Mail Active Archiving Magic Quadrant and replacing it with a new Magic Quadrant for Enterprise Information Archiving. Is the concept of email archiving as a siloed activity already past its prime? Have any of your schools using Exchange implemented an e-mail archiving solution? If so, did you look for a tool that goes beyond e-mail to assist with e-discovery, legal holds, SharePoint files, electronic information archiving, records management policies, etc? If yes, which features/capabilities did you decide were important? Was ability to grow into enterprise information archiving important to you? Thanks in advance for any thoughts you can offer. Patrick J. Feehan JD, CIPP Director of IT Privacy & Cybersecurity Compliance Montgomery College (240) 567-3087 patrick.feehan () montgomerycollege edu
Current thread:
- Email Archiving/Enterprise Information Archiving Feehan, Patrick (Jul 21)
- <Possible follow-ups>
- Re: Email Archiving/Enterprise Information Archiving Clifford Collins (Jul 21)
- Re: Email Archiving/Enterprise Information Archiving Jesse Thompson (Jul 22)
- Re: Email Archiving/Enterprise Information Archiving Ken Connelly (Jul 22)
- Re: Email Archiving/Enterprise Information Archiving Chris Boniforti (Jul 22)
- Re: Email Archiving/Enterprise Information Archiving Jesse Thompson (Jul 22)