This white paper examines the different methods for deploying and managing email archive solutions in an organization. It also specifies key requirements that any full featured email archiving system should include.
1) Electronic evidence is becoming increasingly important in business litigation as the volume of electronically stored information continues to expand. Companies involved in litigation must preserve documents that may be relevant and implement a "litigation hold" once litigation is anticipated.
2) Failure to properly preserve electronic documents can result in severe consequences like sanctions, adverse inferences by the jury, payment of legal fees, and loss of defenses. Even inadvertent destruction of relevant electronic evidence can warrant sanctions.
3) Federal Rule 37(f) provides a "safe harbor" protecting the routine deletion of electronic data, but a company must show it follows a documented electronic document retention policy in good faith. Developing such a policy helps companies better manage electronic information
Email is the lifeblood of modern business, without which productivity and day-to-day communications soon break down. Incidents such as the failure of BlackBerry maker RIM’s back-end systems which crippled millions of BlackBerry email smartphones serve as an easy reminder of just how important email is today.
This document discusses the benefits of archiving electronic content like email for medical establishments. It notes that archiving is necessary to comply with regulations like HIPAA that require preserving patient records for long periods of time. Archiving supports legal requirements to retain content that may be needed for litigation and allows placing holds on content when requested. It also helps manage storage and reduces costs. Overall archiving is important for regulatory compliance, legal needs, and cost savings.
The document summarizes Joulé Inc.'s updated email policy and new litigation hold notice. It outlines guidelines for appropriate email use, retention and deletion policies, and consequences for inappropriate use. It also explains what constitutes a litigation hold notice and the process for preserving relevant documents and emails if one is issued.
This presentation at the 2011 ARMA Boston Spring Seminar described structural and policy elements to include in a comprehensive email policy as well as the steps involved in developing a policy.
Ahima2008 Summer Presentatione Mail KohnDeborah Kohn
The document discusses managing email for legal electronic health records. It provides a brief history of email and how email has become an important business record that must be managed. It notes that email containing protected health information is considered a patient record and must be protected and managed according to regulations. The document outlines strategies for developing an email management system, including archiving, retention, access controls and disaster recovery.
Using Email, File, Social Media and Mobile Archiving to Grow Your BusinessOsterman Research, Inc.
Archiving can be used as a primarily “defensive” capability to protect an organization from the variety of legal, regulatory and other external requirements that it will inevitably be called upon to satisfy. However, archiving can be used proactively to make employees more productive, enable a better understanding of how a business operates, and to manage risk effectively.
1) Electronic evidence is becoming increasingly important in business litigation as the volume of electronically stored information continues to expand. Companies involved in litigation must preserve documents that may be relevant and implement a "litigation hold" once litigation is anticipated.
2) Failure to properly preserve electronic documents can result in severe consequences like sanctions, adverse inferences by the jury, payment of legal fees, and loss of defenses. Even inadvertent destruction of relevant electronic evidence can warrant sanctions.
3) Federal Rule 37(f) provides a "safe harbor" protecting the routine deletion of electronic data, but a company must show it follows a documented electronic document retention policy in good faith. Developing such a policy helps companies better manage electronic information
Email is the lifeblood of modern business, without which productivity and day-to-day communications soon break down. Incidents such as the failure of BlackBerry maker RIM’s back-end systems which crippled millions of BlackBerry email smartphones serve as an easy reminder of just how important email is today.
This document discusses the benefits of archiving electronic content like email for medical establishments. It notes that archiving is necessary to comply with regulations like HIPAA that require preserving patient records for long periods of time. Archiving supports legal requirements to retain content that may be needed for litigation and allows placing holds on content when requested. It also helps manage storage and reduces costs. Overall archiving is important for regulatory compliance, legal needs, and cost savings.
The document summarizes Joulé Inc.'s updated email policy and new litigation hold notice. It outlines guidelines for appropriate email use, retention and deletion policies, and consequences for inappropriate use. It also explains what constitutes a litigation hold notice and the process for preserving relevant documents and emails if one is issued.
This presentation at the 2011 ARMA Boston Spring Seminar described structural and policy elements to include in a comprehensive email policy as well as the steps involved in developing a policy.
Ahima2008 Summer Presentatione Mail KohnDeborah Kohn
The document discusses managing email for legal electronic health records. It provides a brief history of email and how email has become an important business record that must be managed. It notes that email containing protected health information is considered a patient record and must be protected and managed according to regulations. The document outlines strategies for developing an email management system, including archiving, retention, access controls and disaster recovery.
Using Email, File, Social Media and Mobile Archiving to Grow Your BusinessOsterman Research, Inc.
Archiving can be used as a primarily “defensive” capability to protect an organization from the variety of legal, regulatory and other external requirements that it will inevitably be called upon to satisfy. However, archiving can be used proactively to make employees more productive, enable a better understanding of how a business operates, and to manage risk effectively.
ABOUT THIS WHITE PAPER A key component of this white paper program is a survey that was conducted by Osterman Research during May 2014, results of which are presented in this paper. The paper also provides an overview of its sponsors, Sonasoft, and its relevant offerings.
THE KEY DRIVERS FOR ARCHIVING ELECTRONIC CONTENT There are a variety of reasons that organizations archive their electronic content, although these will vary based on the industry that an organization serves, its risk tolerance, its corporate culture, the legal advice it chooses to follow, and the volume of electronic content it possesses. Figure 1 shows the reasons that organizations archive their electronic content and how these drivers have been changing over time. Further, we discuss the five primary drivers for archiving email and other content.
This may feel like a long way off but the obligations on businesses are onerous and the time to prepare is now. The hefty fines that GDPR promises will come into force immediately so businesses are being given plenty of warning to put procedures in place to ensure they are compliant with the regulation. Read this essential guide to getting GDPR ready.
Microsoft and Tech Data’s Ultimate GPDR GlossaryTech Data
Decipher the GDPR’s complex language using Microsoft and Tech Data’s jargon-busting guide to ensure your business stays on the right side of the new law.
One of the most important aspects of GDPR compliance is your Privacy Policy.
The GDPR has increased requirements for Privacy Policies, as well as for getting consent for your Policy terms. Learn more in this informative presentation.
Read our related blog post here: https://termsfeed.com/blog/gdpr-privacy-policy/
DCH Data Protection Training PresentationMark Gracey
This document provides an overview of a training module on data protection. It discusses how the General Data Protection Regulation (GDPR) was implemented in the UK through the Data Protection Act 2018. The training aims to help organizations understand their obligations to comply with data protection laws and ensure all employees understand their roles. It covers key concepts like personal data, processing, data subjects, controllers, and processors. It also outlines the core data protection principles of lawful, fair and transparent processing.
If your business is registered in Australia or you plan to expand your website or app to the Australian market, you must comply with the Privacy Act of 1988.
This presentation discusses the Act and how you can comply with its privacy principles to protect your company from liability.
Read the related blog article here:
https://termsfeed.com/blog/australia-privacy-act-1988/
Three men, including a Football League referee and FA referee development manager, are accused of hacking into a fellow referee's email account and stealing confidential data. If failings in the FA's data security are found, it could embarrass the organization. Proper data encryption and security practices are important for organizations to protect themselves from data breaches and resulting fines, as was shown by a £80,000 fine against a council for losing a memory stick with unencrypted sensitive information.
M6 - E Commerce - Integrity And SecurityJamie Hutt
The document discusses data privacy and integrity in e-commerce. It explains that personal data shared online needs protections, as it may travel through multiple points where it could be compromised. Companies have a legal responsibility to only use customer data for its intended purposes and prevent unauthorized access or disclosure. Laws like the UK Data Protection Act regulate proper data usage and storage, and give individuals rights over their own information. The document prompts researching data privacy laws in Thailand and examples of any personal data theft or misuse there.
Enterprise Encryption and Authentication Usage: Survey ReportEchoworx
Enterprise Encryption and Authentication Usage: A Survey Report contains the findings of market research conducted on behalf of Echoworx by Osterman Research.
The study polled the views IT decision makers and influencers, managing on average 14,000 email users per organization, to assess the adoption of encryption technologies in email for communicating sensitive and confidential records.
Privacy Breaches In Canada It.Can May 1 2009canadianlawyer
This document summarizes three key questions an organization faces after suffering a privacy breach:
1. Do they have to tell anyone about the breach? Laws in Canada currently only explicitly require notification for health information breaches in Ontario, but notification requirements are developing quickly in other areas.
2. What should they do about the breach? Organizations should investigate the breach, secure any compromised systems or information, and consider notifying affected individuals.
3. Can they be liable for the breach? Laws allow for potential liability, though the extent depends on factors like an organization's security measures and response to the breach. Overall liability in this area is still developing.
This document discusses a new approach to data leakage investigations and security called Catelas. Catelas uses behavioral science algorithms and social network analysis of log file data to map employee relationships and identify anomalous behavior, allowing proactive surveillance of the entire email network. This helps speed up internal investigations by identifying key suspects and custodians before collection begins. The approach aims to detect and contain information theft without collecting any emails. Catelas provides a single, holistic solution for security, compliance, and legal needs through intelligent collection and early case assessment.
The Threats Posed by Portable Storage DevicesGFI Software
In a society where the use of portable storage devices is commonplace, there is a real risk to business. The threat that these devices pose to corporations and organizations is often ignored. This white paper examines the nature of the threat that devices such as iPods, USB sticks, flash drives and PDAs present and the counter-measures that organizations can adopt to eliminate them.
This document discusses the importance of network environments for business success and outlines key terms and concepts. It emphasizes shared understanding between IT and business professionals and having a plan to improve network security, such as investing in antivirus software, patching systems regularly, and using passphrases instead of passwords. The document provides recommendations for securing the network, including limiting administrator privileges, restricting internet access, regularly backing up data, and communicating expectations around occasional outages.
Security Management and Disaster Preparedness for Archival CollectionsFe Angela Verzosa
presented at the PAARL Seminar-workshop on “Strategic Organization and Management of Archival Programs,” held in Vigan, Ilocos Sur, Philippines on 22 March 2005.
Spotlight on GFI EndPoint Security 2013GFI Software
GFI EndPointSecurity is a solution that provides comprehensive control over the use of portable devices like USB drives and iPods to prevent data loss and theft. It actively manages devices and file transfers by user, machine, access level and file type. Key features include volume encryption, access control policies for devices and users, data awareness to detect sensitive file types, and reporting on device usage and files copied. The solution monitors connected devices, controls data transfers, assesses risk, and logs user activity to safeguard corporate data and intellectual property without overly restricting productivity.
The Needs of Archives: 16 (simple) rules for a better archival managementTom Cobbaert
This document provides guidance on archival management through 16 rules organized under 6 themes: context, appraisal, arrangement, preservation, digitization, and access. It emphasizes the importance of understanding the history and use of archives, following national retention policies, avoiding unnecessary conservation through good storage practices, using digitization to increase access while preserving originals, and developing transparent access policies. While archival management is complex, these rules provide guidelines to help archives fulfill their roles in supporting rights, governance, history, and policy.
lecture presented by Fe Angela M. Verzosa at the AKLATAN 2016:
a regional conference on the Art of Librarianship held at Centennial Hall, Malolos Resort Club Royale, Malolos, Bulacan, on 31 August 2016
Comply with Email retention regulations in India and cut costs using cloud em...Vaultastic
This webinar addresses how a cloud email archiving solution can help you formulate a sound retention policy, protect all your email data and keep you away from the stinging costs of data breach.
ABOUT THIS WHITE PAPER A key component of this white paper program is a survey that was conducted by Osterman Research during May 2014, results of which are presented in this paper. The paper also provides an overview of its sponsors, Sonasoft, and its relevant offerings.
THE KEY DRIVERS FOR ARCHIVING ELECTRONIC CONTENT There are a variety of reasons that organizations archive their electronic content, although these will vary based on the industry that an organization serves, its risk tolerance, its corporate culture, the legal advice it chooses to follow, and the volume of electronic content it possesses. Figure 1 shows the reasons that organizations archive their electronic content and how these drivers have been changing over time. Further, we discuss the five primary drivers for archiving email and other content.
This may feel like a long way off but the obligations on businesses are onerous and the time to prepare is now. The hefty fines that GDPR promises will come into force immediately so businesses are being given plenty of warning to put procedures in place to ensure they are compliant with the regulation. Read this essential guide to getting GDPR ready.
Microsoft and Tech Data’s Ultimate GPDR GlossaryTech Data
Decipher the GDPR’s complex language using Microsoft and Tech Data’s jargon-busting guide to ensure your business stays on the right side of the new law.
One of the most important aspects of GDPR compliance is your Privacy Policy.
The GDPR has increased requirements for Privacy Policies, as well as for getting consent for your Policy terms. Learn more in this informative presentation.
Read our related blog post here: https://termsfeed.com/blog/gdpr-privacy-policy/
DCH Data Protection Training PresentationMark Gracey
This document provides an overview of a training module on data protection. It discusses how the General Data Protection Regulation (GDPR) was implemented in the UK through the Data Protection Act 2018. The training aims to help organizations understand their obligations to comply with data protection laws and ensure all employees understand their roles. It covers key concepts like personal data, processing, data subjects, controllers, and processors. It also outlines the core data protection principles of lawful, fair and transparent processing.
If your business is registered in Australia or you plan to expand your website or app to the Australian market, you must comply with the Privacy Act of 1988.
This presentation discusses the Act and how you can comply with its privacy principles to protect your company from liability.
Read the related blog article here:
https://termsfeed.com/blog/australia-privacy-act-1988/
Three men, including a Football League referee and FA referee development manager, are accused of hacking into a fellow referee's email account and stealing confidential data. If failings in the FA's data security are found, it could embarrass the organization. Proper data encryption and security practices are important for organizations to protect themselves from data breaches and resulting fines, as was shown by a £80,000 fine against a council for losing a memory stick with unencrypted sensitive information.
M6 - E Commerce - Integrity And SecurityJamie Hutt
The document discusses data privacy and integrity in e-commerce. It explains that personal data shared online needs protections, as it may travel through multiple points where it could be compromised. Companies have a legal responsibility to only use customer data for its intended purposes and prevent unauthorized access or disclosure. Laws like the UK Data Protection Act regulate proper data usage and storage, and give individuals rights over their own information. The document prompts researching data privacy laws in Thailand and examples of any personal data theft or misuse there.
Enterprise Encryption and Authentication Usage: Survey ReportEchoworx
Enterprise Encryption and Authentication Usage: A Survey Report contains the findings of market research conducted on behalf of Echoworx by Osterman Research.
The study polled the views IT decision makers and influencers, managing on average 14,000 email users per organization, to assess the adoption of encryption technologies in email for communicating sensitive and confidential records.
Privacy Breaches In Canada It.Can May 1 2009canadianlawyer
This document summarizes three key questions an organization faces after suffering a privacy breach:
1. Do they have to tell anyone about the breach? Laws in Canada currently only explicitly require notification for health information breaches in Ontario, but notification requirements are developing quickly in other areas.
2. What should they do about the breach? Organizations should investigate the breach, secure any compromised systems or information, and consider notifying affected individuals.
3. Can they be liable for the breach? Laws allow for potential liability, though the extent depends on factors like an organization's security measures and response to the breach. Overall liability in this area is still developing.
This document discusses a new approach to data leakage investigations and security called Catelas. Catelas uses behavioral science algorithms and social network analysis of log file data to map employee relationships and identify anomalous behavior, allowing proactive surveillance of the entire email network. This helps speed up internal investigations by identifying key suspects and custodians before collection begins. The approach aims to detect and contain information theft without collecting any emails. Catelas provides a single, holistic solution for security, compliance, and legal needs through intelligent collection and early case assessment.
The Threats Posed by Portable Storage DevicesGFI Software
In a society where the use of portable storage devices is commonplace, there is a real risk to business. The threat that these devices pose to corporations and organizations is often ignored. This white paper examines the nature of the threat that devices such as iPods, USB sticks, flash drives and PDAs present and the counter-measures that organizations can adopt to eliminate them.
This document discusses the importance of network environments for business success and outlines key terms and concepts. It emphasizes shared understanding between IT and business professionals and having a plan to improve network security, such as investing in antivirus software, patching systems regularly, and using passphrases instead of passwords. The document provides recommendations for securing the network, including limiting administrator privileges, restricting internet access, regularly backing up data, and communicating expectations around occasional outages.
Security Management and Disaster Preparedness for Archival CollectionsFe Angela Verzosa
presented at the PAARL Seminar-workshop on “Strategic Organization and Management of Archival Programs,” held in Vigan, Ilocos Sur, Philippines on 22 March 2005.
Spotlight on GFI EndPoint Security 2013GFI Software
GFI EndPointSecurity is a solution that provides comprehensive control over the use of portable devices like USB drives and iPods to prevent data loss and theft. It actively manages devices and file transfers by user, machine, access level and file type. Key features include volume encryption, access control policies for devices and users, data awareness to detect sensitive file types, and reporting on device usage and files copied. The solution monitors connected devices, controls data transfers, assesses risk, and logs user activity to safeguard corporate data and intellectual property without overly restricting productivity.
The Needs of Archives: 16 (simple) rules for a better archival managementTom Cobbaert
This document provides guidance on archival management through 16 rules organized under 6 themes: context, appraisal, arrangement, preservation, digitization, and access. It emphasizes the importance of understanding the history and use of archives, following national retention policies, avoiding unnecessary conservation through good storage practices, using digitization to increase access while preserving originals, and developing transparent access policies. While archival management is complex, these rules provide guidelines to help archives fulfill their roles in supporting rights, governance, history, and policy.
lecture presented by Fe Angela M. Verzosa at the AKLATAN 2016:
a regional conference on the Art of Librarianship held at Centennial Hall, Malolos Resort Club Royale, Malolos, Bulacan, on 31 August 2016
Comply with Email retention regulations in India and cut costs using cloud em...Vaultastic
This webinar addresses how a cloud email archiving solution can help you formulate a sound retention policy, protect all your email data and keep you away from the stinging costs of data breach.
KEY TAKEAWAYS The goal of this white paper is to demonstrate the critical importance of electronic archiving as a best practice for any organization to follow. Specifically:
• Archiving can be used as a primarily “defensive” capability to protect an organization from the variety of legal, regulatory and other external requirements that it will inevitably be called upon to satisfy.
• Archiving can also be used proactively to make employees more productive, enable a better understanding of how a business operates, and manage risk effectively.
• Archiving can provide hard cost savings that can be easily quantified, resulting in the ability to demonstrate a significant return-on-investment and a relatively short payback period.
• While email is the most common source of archived content, a number of other content types are becoming important to archive.
THE KEY DRIVERS FOR ARCHIVING ELECTRONIC CONTENT There are a variety of reasons that organizations archive their electronic content, although these will vary based on the industry that an organization serves, its risk tolerance, its corporate culture, the legal advice it chooses to follow, and the volume of electronic content it possesses. Figure 1 shows the reasons that organizations archive their electronic content and how these drivers have been changing over time. Further, we discuss the five primary drivers for archiving email and other content.
Webinar Mastery Series: Email Retention Regulations in India and How Business...Vaultastic
This email data management mastery series aims to educate and share Myths, Facts, Best Practices, Technologies along with live case studies.
This webinar takes a look at some of the regulations present in India that require long term email retention and how a cloud email archiving solution can help you formulate a sound retention policy and protect all email data.
The document discusses considerations for email archiving solutions. It notes that email volume is growing significantly each year, driving the need for archiving. Organizations require archiving primarily for mailbox management, compliance, eDiscovery/litigation support, and knowledge management. When selecting an archiving solution, organizations should consider how it will help manage their overall email environment and infrastructure costs while ensuring important email data remains accessible and policies can be consistently applied. Cloud-based solutions may help address these goals more effectively than on-premises systems.
Email archiving is no longer an option for organizations and the key to a successful implementation is choosing the right email archiving technology for that organization.
Brian Dirking Software Selection For Records Managementbdirking
The document discusses selecting records management software. It outlines key considerations like ensuring compliance, reducing costs through e-discovery and controlling information retention. The summary explores features needed like retention management, multi-schedule support, categorizing content and a single records management console. Implementing such a system could help with storage savings, restoration costs, discovery costs and litigation preparedness.
Email Archiving for the Financial industrykdunnjatheon
In this white paper we look at why investing in an email archiving solution is vital to businesses within the financial sector. We look at the compliance regulations financial institutions which affect how financial institutions store their electronically stored information (ESI). Read this white paper to see just how essential email archiving is...
An effective records and information management system can help control e-discovery costs by reducing unnecessary data and easing the collection and review process. Key aspects of a successful RIM program include senior management buy-in, developing a data map and retention policies, implementing classification and retention tools, educating employees, and retiring legacy data through a defensible process. Sound RIM practices can decrease risk and costs by simplifying legal holds, retrieval of critical information, and demonstrating compliance with retention requirements.
This document discusses email management challenges in today's regulatory environment. It explains that email has become critical for business but can be difficult to search and recover from backups due to Exchange database complexity. Regulations now require email retention for legal and compliance reasons. Ontrack PowerControls software solves these problems by allowing restoration of individual emails, mailboxes, and attachments directly from Exchange backups without rebuilding the entire database. It works with existing backup processes and environments.
Email Archiving and the EU’s General Data Protection Regulation (GDPR)
Email archiving is a crucial element of any data governance policy. Professional email archiving makes it significantly easier to carry out data governance at a company. Without using a professional
email archiving solution, many companies have little control of where and how email is used and accessed. It is often unclear where email is stored, whether additional local copies exist, and
whether email records are complete.
How does MailStore Server support customers to enable GDPR compliance or a corresponding data compliance policy?
It is a duty of the entire company to comply with the organizational, technical and administrative
provisions of the GDPR. In this regard, MailStore Server can help you immensely with implementing
data compliance for email communications.
Several requirements in the GDPR are based on requirements from other local regulatory bodies.
The point is to provide a high level of coverage in terms of the protection goals for IT security.
MailStore Server enables you to ensure the completeness of your company email archives. It has
featured functions that support you in your data compliance and in turn with compliance with the GDPR. Here are some ways the MailStore Server helps you manage your email archives, and comply with GDPR:
Solving the Encryption Conundrum in Financial ServicesEchoworx
Encryption has gone mainstream!
The encryption debate has captured the world’s attention. And coupled with the inevitability of another notable data breach, awareness of encryption as a tool to mitigate threat is at an all-time high. Still confidential financial statements, mortgage documents, and investment information are regularly sent unencrypted.
This white paper sets out some of the key rules, guidelines, best practices and associated risks for FINRA member firms and suggests ways that organizations can use encryption to protect themselves, their customers and representatives. In addition, it looks at some of the issues enterprises encounter when enabling email encryption technologies and ways to avoid them.
Enterprise Records Management : New challenges & Better Solutions Whitepaper ...Jone Smith
Records management has become more complex as the volume of documents and information has grown exponentially. Organizations face challenges in maintaining regulatory compliance due to gaps between requirements and capabilities. A records management solution is needed that can handle both paper and electronic records, integrate easily across systems, and scale to large volumes of information. Systemware provides a records management system that captures, indexes, stores, and manages records throughout their lifecycle to help organizations address these challenges.
ITS 833 – INFORMATION GOVERNANCEChapter 9IG AND RECORDS AN.docxvrickens
This chapter discusses records management and its relationship to information governance. It provides definitions for key concepts like records management, electronic records management, and information governance. Effective records management is important for regulatory compliance, litigation needs, and business continuity. However, implementing records management, particularly for electronic records, is challenging due to factors like changing regulations and platforms. Completing an inventory of electronic records is an important first step, though more difficult than for physical records. The inventory provides benefits like identifying record ownership and informing retention scheduling.
How Insurance Companies Increase Profits Using eFileCabinet Document ManagementeFileCabinet
This document summarizes how insurance companies are using eFileCabinet to increase profits. It discusses how going paperless saves money through lower storage costs and reduced time spent searching for documents. eFileCabinet helps companies stay compliant with regulations by securely managing sensitive customer information. It also allows for fast searching of files by name, profile, or text indexing. The webinar promotes eFileCabinet's document management and sharing capabilities.
Accounting Information Systems Australasian 1st Edition Romney Solutions Manualxexunidop
Full download : https://alibabadownload.com/product/accounting-information-systems-australasian-1st-edition-romney-solutions-manual/
Accounting Information Systems Australasian 1st Edition Romney Solutions Manual
Business records are created through transactions and meet regulatory requirements. They are stored in various formats, including paper, servers, optical media, and video. Records can be internal or external, transactional or reference, and have different retention periods depending on their administrative, legal, or historical value. The records lifecycle includes creation, distribution, use, maintenance, and disposition. Records can be physical or electronic, with electronic formats including email, wikis, blogs, podcasts, webinars and tweets.
Intranet and Enterprise Content Management Systems (ECMS) that do not deliver information quickly and efficiently are expensive electronic dumping grounds. Service desks, search, security, records handling, information sharing, all require timely information retrieval. These information retrieval applications need to be powered by categorizing and tagging your content just as e-commerce sites such as Amazon or online publishers like BBC do.
Avoid expensive electronic dumping grounds by auto-tagging contentZanda Mark
Automatically categorizing and tagging content in intranets and enterprise content management systems allows information to be retrieved more quickly and efficiently. This avoids expensive electronic dumping grounds where important information is difficult to find. By categorizing content, users can rapidly identify documents by type or topic. Pingar software automatically categorizes and tags content, allowing for faster searches and information retrieval across knowledge bases, records, and throughout organizations.
The document discusses best practices for managing archive migrations. It notes that many organizations need to migrate huge amounts of archived data as their legacy archive systems have become expensive to maintain, difficult to upgrade, and unable to meet new functionality needs. A successful archive migration requires careful planning, understanding the capabilities and limitations of the current system, choosing migration software to meet requirements, and regular communication. The document provides an overview of challenges organizations face with archive migrations and recommendations to improve the process.
Similar to Why Organizations Need to Archive Email (20)
As the price of storage and bandwidth continues to drop fast, Cloud-based services are becoming more and more attractive to small and medium-sized businesses (SMBs) which are seeking to reduce licensing costs, avoid recruiting IT staff and focus fully on their core responsibility - growing the business.
Email is a critical communications tool. Email downtime means a loss of productivity, possible compliance and regulatory issues related to data loss, or even lost revenues. Minimizing email downtime is an increasingly important part of an organization’s messaging infrastructure and of its disaster prevention and recovery strategy.
Data is the lifeblood of every organization yet many either fail to backup their data or they are not doing so properly. Losing data can be catastrophic for a business. This white paper explains why backups are important and the challenges they face.
Data is the lifeblood of every organization and business. Data theft and data loss through negligence or hardware failure can cause irreparable damage if the data is not easily retrievable. That is why making regular backups of an organization’s data are so important.
Virtualization enables companies to build fully functional infrastructures that are easily recovered and maintained with minimal effort and reduced hardware costs. Through cloning and replication, IT industries can replicate and test clients' environments without breaking clients' business continuity.
Many small and medium sized businesses are still unaware of the threats that exist. This guide to security threats for SMBs outlines the most common threats and how they can be dealt with.
It is never possible to guarantee that a company is totally secure or that a breach will not occur, however implementing the latest tools and providing ongoing, end-user education will minimize those risks and allow companies to focus more on growing their business rather than repairing it.
Managing a large and growing PC estate is no simple matter, particularly if you are doing it manually. Keeping a close watch on a couple of PCs can be straightforward, and a diligent IT manager will manage to keep such machines fully patched and free of troublesome software. But what happens when your estate grows beyond one or two machines?
This technical white paper gives an overview of how GFI EventsManager works and discusses installation and deployment issues while enabling you to calculate the number of GFI EventsManager instances required on your network.
How to Perform Network-wide Security Event Log ManagementGFI Software
This white paper explains the need to monitor security event logs network-wide and how you can achieve this using GFI LanGuard S.E.L.M. (now GFI EventsManager). It is written by Randy Franklin Smith, author of the in-depth series on the Windows security log in Windows 2000 & .NET Magazine.
How to configure IBM iSeries event collection with Audit and GFI EventsManagerGFI Software
This document explains how to configure and use GFI EventsManager to collect IBM iSeries (formerly AS/400) audit events through Audit, a software tool developed by Raz-Lee.
Through the recent acquisition of Katharion™, GFI Software is able to offer a hosted email filtering solution in conjunction with GFI MailEssentials™ and GFI MailSecurity™.
In an Osterman Research survey conducted during January 2011, decision makers and influencers demonstrated that they are decidedly pessimistic about the future of spam and malware problems for 2011.
This white paper provides a technical explanation of NDR Spam and recommend solutions that can prevent or limit exposure to this kind of unsolicited email.
How to tell if that pop-up window is offering you a rogue anti-malware productGFI Software
Rogue anti-malware products are a bane for every Internet user, especially those who have little or no technical knowhow. These are hundreds of scare ware ‘products’ on the Internet. This white paper examines this type of scam, explains how they work, what to look out for and how to prevent your computer from being infected.
Email is a critical communications tool. Email downtime means a loss of productivity, possible compliance and regulatory issues related to data loss or even lost revenues. Minimizing email downtime is an increasingly important part of an organization’s messaging infrastructure and its disaster prevention and recovery strategy.
The goal of GFI MailEssentials Complete Online is to improve business productivity by reducing the volume of junk mail. While MailEssentials Complete Online detects a vast majority of today’s junk email, we are continually working on new approaches to combat the increasing sophistication of spammers. Greylisting is one of the ways MailEssentials Complete Online reduces junk mail and saves you time.
CPU emulation has been used over the years for a multitude of objectives. It allows an application compiled for a specific target platform to be run on a host platform with a completely different or overlapping architecture set.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
1. GFI White Paper
Why organizations need to
archive email
The underlying reasons why corporate email archiving is important
Over the past few years, email has become an integral part of the
business workflow. This white paper explains why email archiving
must be an integral part of every organization. It also examines
the different methods for deploying and managing email archive
solutions in an organization as well as specifying the key requirements
that a fully featured email archiving system should include.
2. Contents
Introduction 3
The corporate value of email 3
What is the ‘true’ meaning of email archiving? 3
What are the primary reasons to archive email? 3
Litigation support 5
Deploying and managing email archive solutions 6
What features should an email archiving solution have? 6
About GFI® 7
References 7
Why organizations need to archive email 2
3. Introduction
Email has become one of, if not the most important communication and business tool in use by organizations
worldwide. The growth of email use has not only created security and storage issues but more and more
organizations are finding themselves obliged to maintain records of all emails for a number of years. Email archiving
has proved to be the way forward for businesses. But why is email archiving so important for organizations?
The corporate value of email
Over the past years, email has become a primary channel of business communication. It provides organizations
with a fast medium of conveying business correspondence such as purchase orders, quotations and sales
transactions, in virtually any geographical area with the least physical effort possible. Research by Osterman
found that 46% of email users spend more than two hours each day doing something in their mailbox while as
much as 75% of a company’s intellectual property is contained within email and messaging systems.
Since emails have become the electronic substitutes of legal business documentation, the information being
passed on through this electronic correspondence constitutes a record. Consequently, such correspondence
must be retained for a minimum period of time, often established by statutes. Due to email predominance in
the business industry, various pieces of legislations have been enacted to protect personal privacy, enforce
corporate governance standards and maintain ethical conduct. The Sarbanes-Oxley Act (SOX), Gramm-Leach
Bliley Act (GLBA) and the Freedom of Information Act (FOIA) are some examples of such regulations.
What is the ‘true’ meaning of email archiving?
An email archive is a repository generally kept in a non-productive environment to provide secure
preservation of email for compliance and operational purposes. A ‘true’ email archiving system automatically
extracts message contents and attachments from incoming/outgoing emails and after indexing, it stores
them in read-only format. This ensures that archived records are maintained in their original state.
Email archiving moderates the demand for storage space by reducing the amount of online emails on the
mail server. Moreover email archives consume less physical storage space than other email storage methods.
The active approach adopted by email archiving solutions ensures that the company has a centralized and
accessible copy of all its email. This provides additional protection against accidental or intentional deletion
of emails by end-users. Email archiving also eliminates the need to search for personal archives on each and
every local machine whenever litigation support is requested.
It must be noted that ‘backup’ and ‘archival’ storage serve two different purposes. Backups are intended to
save current data against the event of failure or disaster whilst archives protect data so that it can be accessed
when needed. The cost of finding the electronic records for a discovery process can be astronomical, requiring
months of IT manpower to wade through backup tapes. Analyst firm AMR Research estimates that in 2010,
compliance spending in North America will exceed $80 billion. Email archiving systems provide advanced
search and retrieval functions. These allow users to track down email messages in a timely and cost effective
manner. Without an effective email archiving system, finding an email record is worse than trying to find a
needle in a haystack. In Murphy Oil USA vs. Flour Daniel, the defendant was ordered to restore and print the
emails contained in 93 tape backups and to absorb the total costs involved to perform this operation which
amount to $6.2 million.
Email archiving solutions allow administrators to setup access restrictions. These restrictions secure and protect
intellectual property rights as well as ensure data integrity and confidentiality in compliance to the statutes.
What are the primary reasons to archive email?
There are four predominant reasons for an organization to archive its email. These are: Compliance, litigation
support, storage management and knowledge management.
Why organizations need to archive email 3
4. Compliance
The new regulatory environment is one of the major drivers behind the increase in demand for email
archiving solutions. It is estimated that over 10,000 compliance regulations have been enacted around
the world. More stringent controls and severe penalties are forcing organizations to address regulatory
compliance more seriously. Morgan Stanley were fined $15 million to the Securities and Exchange
Commission in 2006. According to the Washington Post, “… the SEC alleges that Morgan Stanley delayed
handing over emails, destroyed others and misled SEC investigators about the efforts the firm was making to
comply with the government’s request for documents.” A $1.57 billion judgment against Morgan Stanley was
also issued in 2005 in a case where the firm failed to produce emails. The decision was overturned on appeal
but the case highlights the tough stand that the courts will take if companies fail to produce email evidence
when required.
Although the data subject to regulatory statutes varies by industry, all records that pertain to the
organization’s business activity are subject to compliance regulations. These include employee and client
records, correspondence between organizations and financial documentation. For example, the Sarbanes-
Oxley Act (SOX), affects all industries and imposes severe penalties on anyone who deliberately alters or
deletes documents with the intent to defraud third parties. This act necessitates auditors to retain audit
papers for a minimum of five years from the end of the fiscal year. Even though it is a US law, SOX is also
applicable to European companies with US listings as well as to companies which do business with the US.
For more information on Sarbanes-Oxley please visit http://www.s-ox.com.
Other legislations define requirements for specific regulated industries. For instance the Securities and Exchange
Commission (SEC) and National Association of Securities Dealers (NASD) are two of the regulators which govern
the financial community. SEC Rules 17a-3/a-4 and NASD Rules 3010/3110 oblige broker/dealer organizations to
maintain and store all emails pertaining to their trading activity for a minimum period of six years. These rules
also impose that for the first two years, this documentation must be kept in an indexed and easily accessible
storage. Investment firms Deutsche Bank Securities Inc., Goldman Sachs & Co., Morgan Stanley, Solomon Smith
Barney Inc. and U.S. Bancorp Piper Jaffray Inc. were all fined $1.65 million each for not complying with SEC Rule
17a-4 and for failing to produce emails requested during the course of an investigation. For more information
on SEC and NASD please visit http://www.sec.gov and http://www.nasd.com.
Healthcare is another heavily regulated industry. The Health Insurance Portability Accountability Act (HIPAA)
covers any type of records in both paper and electronic form that contains personal information and details
relevant to the medical history of an individual. This information is known as Protected Health Information
(PHI). Although present in probably few email messages, all organizations are bound to manage this
information according to HIPAA regulations. Firms that are subject to HIPAA regulations include healthcare
providers, health insurance firms, healthcare clearing houses and employers that provide health services. The
preservation period for medical records varies between five to six years. However, certain statutes oblige the
retention of such documentation throughout the whole life of the patient and even for two years after the
patient’s death. For more information on HIPAA, please visit http://www.hipaa.com.
The Food and Drug Administration (FDA) is the regulatory board which controls firms that make drugs, medical
devices, cosmetics and edible goods. The set of regulations which governs record management in these
industries is known as GxP. For more information on FDA and its regulations please visit http://www.fda.gov.
Government agencies too must archive email messages. These must comply with the regulations set by the
Freedom of Information Act (FOIA), the Patriot Act, National Archive Records Administration (NARA) and other
legislative entities. For more information, please visit http://www.usgs.gov/foia, http://www.archives.gov.
Although many regulations exist and each seems to have its own requirements, compliance is based on three
main concepts:
»» Data permanence – The notion that data must be retained in its original state without being altered or deleted.
»» Data security – Information that is retained must be safeguarded against all security threats which
include access by unauthorized persons as well as anything which could physically damage or endanger
the availability of the information.
Why organizations need to archive email 4
5. »» Auditability – The concept of having information duly protected but easily accessible in a timely manner
by authorized personnel whenever required.
Not all email is covered under compliance regulations. Some exemptions include spam that clearly does not need
to be saved and personal emails, although the latter can be requested as litigation support during an investigation.
Litigation support
Nearly all companies in the course of regular business activities become implicated in lawsuits. Litigation
discovery is the process in which parties involved in a lawsuit are requested by the court of law to submit
information which is relevant to the case. The company which receives the discovery request is obliged
to search its records and to submit all the relevant/requested information in a timely manner. The cost of
producing the information for litigation can be colossal and can often outweigh the damages sought in the
suit. This is most common in organizations which do not have an adequate email archiving solution in place.
For example, the cost for restoring 77 tape backups in the case Zubulake vs. Warbung (UBS Bank) amounted
to $165,954 and the relative review costs totaled to $107,694.
One issue with discovery requests is that there is no specific time limit which defines how far back a company
must search. Organizations are required to provide all copies of email relevant to the request, regardless
how backdated this may be. The completeness and availability of all the requested records and the time
required to extract this information depends very much on the organization’s email storage management
and employee behavior. Electronic documentation can be located in every reasonable place and media.
This includes email servers, PST files on desktops, laptops, PDAs, backup tapes and other removable media.
Emails stored in a local message store such as an individual’s hard disk or often other removable media is
rarely beneficial to an employer. Apart from the high cost involved to search every single machine in an
organization during a discovery request, it represents a security and intellectual property risk for the company.
Furthermore, the existence of this end-user information storage is generally unknown to the IT staff members
and can go unnoticed during the course of a discovery search. When email is not stored in a true (and
centralized) archive, restoring it consumes a huge amount of time and money, often upwards of $25,000.
Recent rulings have acknowledged that the company providing the information must endure the discovery
cost, without reimbursement.
Litigation support information must be accurate, complete and possibly in its original state. Since backup
systems are prone to error, loss or destruction of data may occur. An organization that fails to submit the
information requested in a legal discovery can be found guilty of ‘spoliation’. This is a legal term used to
describe the improper destruction of evidence (for example, deletion of company email). Such circumstances
can lead to a court ordered verdict for the other party or can lead the court to assume that the lost
information was harmful to the party that failed to produce it. This occurred in the case Zubulake vs UBS AG
Bank where due to the bank’s failure to deliver the requested email evidence, district judge Shira Scheindlin
instructed the jury to infer that the undelivered evidence was harmful to the bank. Other consequences for
spoliation are hefty fines. Philip Morris International, one of the largest tobacco companies in the world was
fined $2.75 million dollars for destroying emails in violation of a 1999 order.
Storage management
It is estimated that, one in every four organizations experiences a storage management growth in excess of
25% per year. This drastic escalation in storage requirements is mainly attributed to the increase in use of email
in general, added to the upsurge of attachments, which increased the size of the average email from 22 KB
to 350 KB. In fact, it is estimated that nearly 50% of organizations are providing more than 150 MB of storage
per user. Organizations often make use of email storage quotas to prevent message stores from growing
and degrading server performance. The downside of quotas is the effect they have on end-user productivity.
Apart from stopping users from using their email whenever their storage allowance is exceeded, quotas can
have more serious implications. For instance, quotas and subsequent blockages might drive users to delete
important messages from their mailbox in order to make room for new email.
The increase in email usage as well as the relative growth in email size has also affected the efficiency,
reliability and speed of message servers. A study by Osterman Research affirms that email stores are growing
Why organizations need to archive email 5
6. at 37% annually. Consequently keeping email in a ‘live’ (online) storage format will necessitate more physical
storage space as well as increasingly powerful hardware to handle these loads.
Compliance regulations have further contributed to the increased demand for storage by obliging
organizations to preserve old email for predefined periods.
While storage solutions can be used to deal with the problem of message storage growth, an email archiving
solution provides a more versatile way of handling this problem. Apart from centralizing your email records, an
efficient archiving solution will store the emails in a compressed format, resulting in considerable disk space
savings when compared to a traditional mail store. Furthermore, the emails will be automatically archived as
soon as they pass through the message store, thus users can clean up their mailboxes without the worry of
losing important emails. Additionally, an email archiving solution that allows authorized users to view emails
from a central repository will encourage them to do without having bulky PST files stored locally. Considering
the fact that PST files usually take 2 to 5 times more physical storage than an email archive, this would add up
to considerable disk space savings.
Knowledge management
An organization’s email system is a corporate knowledge repository. It can contain vast quantities of useful
email information which is often vital to a business and allowing access to this corporate asset can make users
more productive.
An email archiving system can provide appropriate knowledge management tools (for example, email
records sorting, advanced search and retrieval functions) that enable IT and end-users to better manage the
knowledge base contained in the company’s email archive.
Deploying and managing email archive solutions
There are two main methods for deploying and managing email archive solutions:
»» A completely in-house solution
»» A hosted solution in which the archive is maintained at a third party’s data center.
An in-house email archiving solution involves having your email repository on a server within the corporate
building. Perhaps the main advantage of in-house archiving is that the organization’s sensitive information is
stored behind the corporate firewall and is handled by its own internal staff. This ensures better control over
data integrity and confidentiality. The organization relies entirely and independently on its own resources and
can therefore assess its compliance status at any time. The main disadvantage is the upfront costs involved
and the sudden impact which the system might have on the company’s IT department. In order to deploy
an internal email archive, the company must purchase an adequate email archiving program as well as the
hardware (server) which will host the archive.
Hosted solutions require lower up-front cost than in-house solutions. Customers can get up and running
pretty quickly without the investment in hardware and IT staff. Running costs are also low since new
capabilities and software/hardware upgrades are generally implemented by the provider. In hosted solutions,
a software application located on the corporate email server captures email and migrates it offsite via the
Internet to a third party data warehouse for archiving. Authorized users can subsequently access the data
stored offsite using a web browser or compatible email client.
What features should an email archiving solution have?
»» Minimal user intervention/automation – Company emails have to be archived automatically and with
the minimal human intervention possible.
»» Indexing of records and search capabilities – Archived emails should be indexed, especially the text
content, so that search facilities will enable the quick extraction of records to support regulatory audit
requests and legal discovery.
Why organizations need to archive email 6
7. »» Data retention policy control – The system must include configuration features through which the
company can define its archiving criteria. These features should at least allow archiving of specific
mailboxes and messages from specific domains or email addresses. In such a way, unnecessary contents
such as spam and other informal correspondence is automatically excluded from the archive.
»» Security/tamper-proofing – An email archiving system must be capable of protecting records from loss,
damage or misuse. Record authenticity (i.e. preservation of a record in its original state) is one of the key
requirements in many of the content regulations imposed by the laws. In addition, archiving programs
must include access restriction features.
»» End-user and management access to archives – This feature allows a company to use its email archive
as a central knowledge repository from where authorized users can extract information required during
productivity. One further benefit is that it enables authorized users, such as compliance officers, to access
the information contained in the archive without the need for support by IT staff.
»» Support for multiple messaging platforms – The archiving system should support all major messaging
platforms to ensure standards compatibility.
About GFI
GFI Software provides web and mail security, archiving, backup and fax, networking and security software
and hosted IT solutions for small to medium-sized enterprises (SMEs) via an extensive global partner
community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both
delivery models. With award-winning technology, a competitive pricing strategy and a strong focus on the
unique requirements of SMEs, GFI satisfies the IT needs of organizations on a global scale. The company has
offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia,
Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations
worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a
Microsoft Gold Certified Partner.
More information about GFI can be found at http://www.gfi.com.
References
Osterman Research – http://www.ostermanresearch.com.
Messaging archiving Market Trends, 2005-2008.
Sarbanes-Oxley Compliance Journal – http://www.s-ox.com.
Compliance Pipeline – http://www.compliancepipeline.com.
Transform Magazine – http://www.transformmag.com/compliance.
U.S. Securities and Exchange Commission – http://www.sec.gov.
National Association of Securities Dealers (NASD) – http://www.nasd.com.
Why organizations need to archive email 7