Hundreds of emails a day come pouring into a user’s inbox. Keeping track of
them is a chore.
But multiply that by 500 workers in the company, or 1,000, or 20,000, and
managing that email becomes more than a chore. Some IT managers would say
it’s become a nightmare.
Well, the nightmare is getting worse.
A deluge of regulations is raining down on corporate America. Customer
privacy issues, fair trade issues and corporate bad citizenship are driving
legislative mandates and regulations that have rules for various industries
governing what information must be retained and for how long. The health
care industry and financial services are the two industries generally
considered to be the hardest hit, but the idea behind the regulations —
credibility and not a little CYA (cover your assets) — is spreading from
industry to industry.
That means it’s no longer enough to filter out spam and viruses from coming
in, managing the email in the system and then reminding users to delete
their old messages. Today, it’s fast becoming necessary to be able to sort
the business-critical emails from the CFO’s messages from his mother and
then archive those important emails in a way that they can be easily and
quickly accessed again.
”We’ve done surveys and there’s really been a reversal in attitudes on
email,” says David Via, a research analyst with San Francisco-based Ferris
Research. ”Two years ago, the prevailing approach was to delete
everything. We’ve seen almost an inversion of that. Today, they know they
have to keep it but they don’t always know how.”
A large part of the catalyst for the change is the fact that email has
replaced the memo and to a great extent even the telephone for business
communications. That means email is the communication medium of record. If
federal authorities, like the SEC and the FDA, want to monitor or be able
to audit communications, they’re going to be looking at email. When a
company is sued, lawyers will go straight to the email. Just ask Bill Gates.
”The importance is that email has become the primary business record,”
says Via. ”All internal correspondence is done via email so it comes under
the authority of all of these regulations… You have a telephone
conversation and it goes away. But email leaves a trail. If you destroy
email after 90 days, you’ve destroyed evidence that could be incriminating
but also information that could prove your innocence.”
And we’re not just talking about emails that list meeting times or where to
meet for lunch.
With a majority of business users relying on email more than the telephone
when it comes to business communications, an ever-increasing amount of
critical information is passing through a company’s email system. Sendmail,
Inc., a company that sells email archiving technology, reports that 60
percent of business critical information is stored within corporate
messaging systems. That’s up from 33 percent just four years ago. Sendmail
also reports that an average IT administrator spends five to six hours a
week recovering old messages, since more than 80 percent of end users
cannot recover them on their own.
In emails, financial expectations are discussed. Stocks might be suggested.
Sales are made. Customers make complaints. Companies make promises.
Now a growing number of businesses are realizing that they need to save
these emails. And they can’t just pack them away like receipts you toss in
a box at home. It’s much more complicated — and expensive — than that.
They need to be organized. They need to be easily accessible. When an
archived email is needed, you don’t want to have to call in half the IT
team just to find it.
”It’s not just a case of not throwing out your backup tapes,” says Gordon
Haff, an analyst with Illuminata, an industry analyst firm based in Nashua,
N.H. ”It’s a case of having policies and procedures in place. If a company
has not given any thought to this in the past, it’s relatively complex.
”It’s daunting because the consequences of messing up could be very
severe,” adds Haff. ”If there was a lawsuit or investigation, and data
that was required to be stored and made accessible wasn’t stored, that’s a
violation of the law. There’s even the potential for criminal charges and
they could certainly include IT management.”
What to Save and How to Do It
One of the issues is that you can’t save everything and you don’t want to.
Just storing data isn’t enough. Storing lots and lots of documents and
files isn’t what’s needed either. The stored emails need to be searchable
and accessible.
”What the software companies in the market are doing is attempting to allow
customers to set policies so you don’t have to save everything. It’s
Information Lifecycle Management,” says Doug Chandler, a program director
at Framingham, Mass.-based IDC, an industry analyst firm. ”It’s too
expensive and not very efficient to save everything. What needs to be saved
and available and what needs to be saved but not instantly available?
There’s a lot of policies to set… It’s not a situation of traditional
software and services. There’s a lot of different elements here.”
So this is not even close to a solely IT project. Business leaders,
corporate attorneys and human resource people need to sit down together,
pour over the regulations and set up the policies. What emails can be
safely discarded? Maybe none. What emails need to be stored so that they
are immediately available? How do you categorize and cross categorize them?
Will you need a third-party to come in and do this for you? Can it be
managed inhouse?
These regulations are coming down at a time when the economy is still
stumbling and IT budgets are leaner than they’ve been in years. Can
companies afford to do this now? Analysts say they really don’t have a
choice.
”Companies need to spend money on certain things to be compliant with
laws,” notes Haff. ”Accountants are expensive too. This is one of those
things that companies really don’t have the choice to economize on. I don’t
think it’s a huge expensive relative to IT expenditures as a whole, but it
certainly is an expense. How expensive will partly depend on how well laid
out and how structured the current policies and procedures are… Either
way, it can’t be avoided.”