Think You Don't Need an Email Management System? Think Again

In a previous post, I highlighted an interesting study from AIIM, “Email Management: The Good, the Bad, and the Ugly.” Since reading that study, a few of the findings keep nagging at me — specifically, that 54 percent of the organizations participating in the survey have yet to implement email management. Here are the top 6 reasons those participants gave, followed by some points to consider if you are still on the fence.

[ ] We're happy to rely on backup tapes.

Backup and archive are not the same. Backups take periodic snapshots of active data so you can recover it in the event it's deleted or destroyed. OK for use in an emergency, backups usually contain multiple copies of messages, and there's no clear information about which messages exist on which backup tape — an eDiscovery nightmare waiting to happen. Think of backup as a short-term insurance policy to facilitate disaster recovery. Think of archiving as ongoing, rapid, and precise access to years of business information.

[ ] Outlook/Exchange archiving is sufficient.

The Outlook/Exchange 2007 Archiving feature is primarily used to keep inbox size down and circumvent fixed-term deletion policies. To do this, it creates a secondary database to store messages. The default location for this database is the user's local hard drive or, if a user has both a desktop and laptop, multiple archives. Without structured deletion policies, this approach will soon cause serious compliance gaps.

In Exchange 2010, Microsoft is adding multi-mailbox search functionality that offers only basic query (date, keyword, boolean). However, every search creates messages in a "search" mailbox, which in even moderately sized enterprises will quickly become bloated and unresponsive. Storing archives in Exchange also means using expensive hardware (SAN) rather than lower-cost devices or optical disc.

[ ] We don't view email as a sufficient threat to our business to take action.

Hard to believe that organizations are ignoring the evidence (so to speak) all around them. The Federal Rules of Civil Procedure that addressed electronically stored information went into effect in 2006, and the scandals (Enron, WorldCom, Tyco…) which led to the enactment of various regulatory frameworks date back almost as far. An entire industry has built up around providing software and services to ensure compliance with these laws, which apply to both private and public organizations, across almost all sectors. Inaction or the choice to not abide by these clear and legally binding obligations for preserving records is the real threat.

[ ] We have bigger email concerns right now, e.g., security, spam, mobile, etc.

Another stunner. We know that M+Guardian users are not part of this bunch.

[ ] Our staff is responsible for filing email appropriately on paper or file shares.

It's great to hear that so many of the survey participants are confident in their employees' ability to understand and implement their organizations' email retention policies! Sarcasm aside, I truly doubt professional IT Managers trust that every single user will implement those policies. Perfectly. For every single message. Every day. Professional IT Managers implement applications and frameworks to ensure that the end result they know needs to happen, actually happens. Except in the smallest organizations (less than 15 users), no policy management usually means that each user implements their own slightly modified version of their interpretation of what the policy might mean to them. The result is a quagmire of hundreds of individualized and idiosyncratic archives that are nearly impossible to manage.  

[ ] We would like to save email to a records management system, but we don't have one.

When it comes to email management, the costs and potential penalties are high. The average lawsuit cost can easily exceed $1 million, and 30 percent of the cost is associated with IT-related tasks such as searching for emails and files. Failure to produce email records altogether during legal discovery means the organization doesn't have the evidence needed to defend itself. And if the courts determine that an organization has willingly destroyed its email records, it will be slapped with hefty fines — in fact, 84 percent of all eeDiscovery fines are due to email destruction.

We're well past the point where organizations can plea ignorance when it comes to electronically stored information. If you haven't implemented email management in your organization, today is the day to begin. We have tons of resources available, and most of them are free.  We regularly conduct public webinars and can provide material you can use to educate your team.

We have a passion for archiving, and with more than 500 M+Archive deployments in 20+ countries to date, we’ve learned a lot about how to do things the right way. Let us know how you’d like us to help.

– Pierre Chamberland
Pierre Chamberland is the Chief Energizing Officer at Messaging Architects.