1 Compliance and New Regulations Drive Demand for Information Archiving New regulations and requirements for operational transparency represent key drivers for the adoption of information archiving solutions. These drivers affect organizations of all types and sizes across numerous geographies and industries. This kit provides a high-level overview of the key regulations that many businesses cite as drivers for their information archiving projects. Industries All Finance Healthcare Government Education Regulations / Implications SOX (esp. 103, 801) Describes specific mandates and requirements for financial reporting Electronic Signatures Act Confirms that electronic contracts are equivalent to those executed on paper. FINRA Regulates its members through the adoption and enforcement of rules and regulations governing the business conduct GLBA Regulates the collection, disclosure and protection of consumers personal information SEC Enforces federal securities laws HIPAA Maintains strict rules related to the retention of Electronically Stored Information CFR , Regulate the management, maintenance, use, and disposition of records on the part of government agencies. FRCP Companies need to be prepared for electronic discovery FERPA Requires that educational agencies control the disclosure of records Our archiving solution enables organizations to comply with regulatory requirements
2 Organizations are Fined for Non-Compliance The Financial Regulatory Authority (FINRA) has served as the primary issuer of archiving-related fines in recent years. FINRA fines doubled in 2009, when it levied $50M in penalties and resolved 1,090 disciplinary actions, up from $28M in fines from 1,007 actions in This growth is expected to continue in 2010 as FINRA and other regulators become more aggressive in their pursuit of violators. Company Summary Piper Jaffray South Shore Hospital Metlife Citi Group Zurich Insurance FINRA fined Piper Jaffray $700,000 non-compliance with retention requirements. Piper Jaffray failed to retain about 4.3M s from November 2002 to December 2008 and it also failed to inform FINRA of their retrieval issues, inhibiting the firm complying with extraction requests in a timely manner. The hospital violated HIPAA by losing the personal information for roughly 800,000 people while in-transit to a contractor for destruction. South Shore Hospital will be facing federal fines & penalties for non-compliance ranging from $50,000 to $200,000. In case of personal complains, the hospital would have to handle 800,000 individual settlements. FINRA fined Metlife $1.2M for failing to review messages. FINRA found especially significant the company s failure to properly review correspondence, leading the firm to miss clear indications of violations of the firm s outside activities policies. Citi Group was fined 750,000 for non-compliance with archiving requirements at the end of This follows a previous fine of 1.6M, again, for non-compliance with archiving requirements. Zurich Insurance will be fined $2.27M by Financial Services Authority for the loss of detailed personal data over 46,000 customers. The data was housed on an unencrypted back-up tape that was lost during a transfer to a storage center. The financial and reputational penalties for non-compliance are high and raising. Archiving can help.
3 Key terms CFIP CFR ESI FEHA Definitions / Relevance Compliance Terminology Coordination of Federal Information Policy describes the role of the Director of Office Management and Budget around record management policies. The Code of Federal Regulations is the codification of the general and permanent rules and regulations published by the executive departments and agencies of the Federal Government of the USA. Electronically stored information, which includes employee generated content ( s, texts, social media, IM activity ), has to be and archived for easy access. Fair Employment and Housing Act that is specifically applicable to California FINRA The FINRA (Financial Regulatory Authority) was formed by the merger of the NASD and the NYSE s regulation committee in it s a non-governmental organization that performs financial regulation of member brokerage firms and exchange markets. FISMA FRCP GLBA GRC HIPAA Federal Information Security Management Act defines guidelines around record management policies. The 2006 Federal Rules of Civil Procedures require all organizations to maintain complete archives with ESI that is readily accessible in the event of litigation. The Gram-Leach-Bliley Act allowed commercial banks, investment banks, securities firms, and insurance companies to consolidate. GLB compliance is mandatory, there must be a policy in place to protect the information from foreseeable threats in security and data integrity. Governance, Risk Management, and Compliance is the umbrella term covering an organization s approach across these 3 areas. Governance, risk and compliance are increasingly being related integrated and aligned to some extent in order to avoid conflicts. The Heath Insurance Portability and Accountability Act maintains strict rules on retaining ESI. All healthcare organizations must take steps to simplify and standardize electronic data exchange, and protect the confidentiality and security of all electronic health data managed by the organization.
4 Key terms MDM NARA NASD NYSE SEC SOX (Sarbanes- Oxley Act 2002) USC Compliance Terminology (2) Definitions / Relevance Master Data Management refers to infrastructure, tools and best practices for governance of official corporate records that may be scattered across diverse databases and other repositories. The United States National Archives and Records Administration is an independent agency of the USA government charged with preserving and documenting historical records and with increasing public access to those documents The National Association of Security Dealers was a self-regulatory organization of the securities industry responsible for the operation and regulation of the Nasdaq stock market and the over-countered market. the NASD merged with the NYSE s committee to form the FINRA. The New York Stock Exchange provides a means for buyers and sellers to trade share of stocks in companies registered for public trading. Financial services are the most heavily regulated industry with regards to archiving. The Security Exchange Commission is a federal agency which holds primary responsibility for enforcing the federal security laws and regulating the securities industry, the nation s stock and options exchanges, and the electronic securities markets in the USA. All publicly traded companies are required to maintain s for up to 5 years, and make them readily accessible for audits, investigations, or litigation. This was enacted as a reaction to a number of major scandals: Enron, Tyco International, WorldCom, Adelphia and Peregrine. The United States Code is a compilation of the general and permanent federal law of the USA.
5 SEC FINRA Financial Services Regulations Books and records (Rule 3110) Rule 17a-3 Rule 17A-4 & NASD 3010 Investment Advisers Act of 1940 Rule 17a-4 Advertisements and sales literature must be maintained as part of the firm s records for 3 years from the date of last use. Correspondence must also be maintained in compliance with applicable FINRA rules and SEC 17A-3 & 17A-4 Every member of a national securities exchange, must keep current a variety of books and records that relate to his/her business Securities dealers must implement specific, enforceable retention procedures, which include the following: - Messages must be stored in duplicate - Data must be verified automatically for quality and accuracy - Messages must be date/time-stamped and serialized - A searchable index of all data must be maintained - Messages and indexes must be easily retrievable and downloadable Hedge funds managers with assets in excess of $25M have to register with the SEC under the Investment Advisers Act of 1940, which includes provisions for securing electronic communication, including and instant messages (same requirements as SEC 17A-4). Records, including messages, must be preserved at least 6 years, the first 2 in an easily accessible way -Command Archive offers low-cost & long-term storage -The archive supports and indexes several data types and formats -Command Archive allows for 24/7 offline data access and search with rolebased permissions - Command Archive stores data on tamper-proof storage media (WORM) -Stored data is replicated in geographically dispersed datacenters in real-time -Command Archive offers full-text indexing and advanced search capability -All stored data is auditable -Command Archive can archive and index over 400 different file types -All archived data is stored in a single repository -Advanced exporting capability -Low-cost and long-term storage -We offer 24/7/365 data access
6 Amendments NYSE NASD Financial Services Regulations (2) Rule 3110 Rule 2860 (b) (17) Rule 342 To Rules 31a-2 and To Rules 3010 and 3110 Each member should make and preserve books, accounts, records, memoranda. The record keeping, format, medium, and retention policy shall comply with SEC Rule 17a-4 Members shall maintain and keep current separate central log, index or other file for all options-related complaints, through which these complaints can easily be identified and retrieved. Background and financial information of customers shall be maintained at both the branch office servicing customer s account and the principal supervisory office Requires that procedures be designed for review of communications between members of the NYSE and the public so that reasonable supervision can be exercised Funds and advisers can maintain all of their records in an electronic format as long as procedures are put in place to protect records from loss, alteration, or destruction ; that access to these records is limited to authorized personnel; and that electronic copies of non-electronic originals are complete, true, and legible. Specifies supervisory procedures for the review of correspondence between individual representatives and the public. -We offer default WORM storage -We offer 24/7 data access -We offer multiple export formats -We provide full-text indexing -We offer advanced search & reviewing tools for archived data -Ability to perform large exports -Command Archive offers archive data access from any web browser -Command Archive offers a highly traceable record-keeping system -Role-based archive access -Command Archive features granular legal holds -We offer different accessibility levels to the archive -Any actions taken in the archive from login is auditable and reportable -Full audit trailing capability -Command Archive offers multiple permissions levels to access data
7 Gramm-Leach-Bliley Act Financial Services Regulations (3) Pretexting protection The Financial Privacy Rule The Safeguards Rule Federal Deposit Insurance Corporation USA Patriot Act Financial institutions must implement safeguards against people trying to gain access to personal nonpublic information without properly authority to do so Financial institutions must provide each consumer with a privacy notice, explaining where the info is shared, how it is used and how it is protected, at the time the consumer relationship is established and annually thereafter Financial institutions must design, implement, and maintain an information security plan to protect customer information; it also applies to credit reporting agencies, appraisers and mortgage brokers receiving info from financial institutions Provides guidance on security and management of Instant Messaging. Social Media communications need to be supervised, reviewed, and retained Requires records retention for suspicious communications associated with money transfer and laundering -Data encryption in transit and at rest (AES- 256 bit) -Role-based archive access -Command Archive leverages world-class datacenter infrastructure (SAS 70 II, ISO 27001, PCI-DSS, etc) -We offer AES-256 bit encryption -Command Archive complies with PCI-DSS standards -We encrypt data at all times (in-transit & at-rest) -We ensure 100% data capture -Command Archive offers the ability to store multiple data types (>400) in a single repository -Command Archive features advanced search feature to retrieve suspicious files SB 1386 (only in California) Requires any agency, person, or business conducting business in California that owns or licenses computerized data that contains personal information to disclose any breach of security -Command Archive archiving system ensuring 100% data capture -Command Archive encrypts data at all times (in-transit & at-rest)
8 USC CFR Government Agencies Regulations 36 CFR CFR CFR USC USC 3106 Agencies must institute adequate records management controls over the maintenance and use of records wherever they are located. Records must be organized, classified and made available for their authorized retention period. Agencies must also maintain permanent records. Agencies must ensure the proper disposition of their records, regardless of format or medium, so that permanent records are preserved and temporary records no longer of use to an agency are promptly deleted or disposed of in accordance with the approved records schedule. Agencies must establish procedures for addressing records management requirements, including recordkeeping requirements and disposition, before approving new electronic information systems or enhancements to existing systems. Head of each Federal Agency shall make and preserve records containing adequate and proper documentation of the organization, functions, policies, decisions, procedures and essential transactions of the agency and designed to furnish the info necessary to protect the legal and financial rights of the Government. Head of each federal Agency shall notify the Archivist of any actual, impending, or threatened unlawful removal, defacing, alteration, or destruction of records in the custody of the agency of which he is the head that shall come to his attention. -We offer enterprise-grade SLAs -We offer flexible retention policy -Command Archive ensures no comingling of archived data -Command Archive is compatible with numerous content types and platforms -Command Archive features on-demand purge -We enable companies to include their archiving strategy as part of their overall ESI strategy -We offer future-proof archiving -We offer different level of accessibility to archive data -We have a user-friendly platform -Command Archive features full-text extraction of >400 file types -The archive has a full audit trail -Ability to place data on legal hold -We offer a super admin role to override any action taken
9 Government Agencies Regulations (2) U.S. Department of Defense Directive Electronic Signatures Act CFIP OMB Circular A- 130, par. 8a (1) (k) The Paperwork Reduction Act Create, maintain and preserve information as records, in any media, that document the transaction of business and mission in wartime and peacetime to provide evidence of DoD Component organization, functions, policies, procedures and decisions Any government agency s record-keeping obligations may be solely through the maintenance of electronic records if those records accurately reflect the information set forth in the record, and remain accessible to all persons who are entitled to access, in a format that can be accurately reproduced. The Director of the Office of Management and Budget shall oversee the application of records management polices, principles, standards, and guidelines, including requirements for archiving information maintained in electronic format, in the planning and design of information systems Federal agencies must incorporate records management and archival functions into the design, development, and implementation of information systems. Agencies must implement and enforce applicable records management procedures, including requirements for archiving information maintained in electronic format, particularly in the planning, design, and operation of information systems. -We offer an archiving service compatible with numerous content types and ( ) platforms -Command Archive allows to search any archived data in a single repository -Command Archive features full-text indexing to easily review archived data -We offer multiple accessibility levels -Data can be downloadable in several formats (PST, NSF, HTML, PDF, EML ) -Command Archive offers a low TCO solution to comply with shrinking budgets -Command Archive is future-proof archiving and help you align with long-term design of information systems -Command Archive offers a compliant archive -Command Archive is a future-proof archiving solution that streamlines migrations -Command Archive enables to archive both and file data -The archive is fully auditable
10 Government Agencies Regulations (3) NARA General Records Schedule 20 Federal CIO Council NPG C FISMA (2002) Freedom of Information Act This schedule provides disposal authorization for certain electronic records and specified hard copy or microform records that are integrally related to the electronics records. It applies to records created or received by Federal agencies including those managed for agencies by contractors. It covers records created by computers, operators, programmers, analysts, systems administrators, and all personnel with access to a computer. Any federal agency that uses social media services to collaborate and communicate among employees, partners, other federal agencies, and the public should develop a social media communications strategy NASA procedures and Guidelines define a variety of retention requirements for both electronic and non-electronic records, including guidelines for retiring documents. Requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency. Each agency, in accordance with published rules, shall make available for public inspection and copying copies all records, regardless of form or format. -Stored data can be easily retrieved and is always readily available -We offer advanced search tools -We allow data to be recovered in its native format -Stored data stored is highly traceable -Command Archive allows admin to grant different levels of accessibility to the archive -Command Archive can handle >400 different file types and social media (w/ partnership) -All archived is stored and can be retrieved from a single repository -We offer flexible retention policy -Command Archive offers on-demand purge -Command Archive offers 11 9s of data resiliency and durability by default -We encrypt data in transit & at rest -We offer 8-way data replication -Stored data is easy to locate & export -Data is available (offline) 24/7 in matters of seconds
11 Healthcare and Life Sciences Regulations HIPAA Medicare Requires that a wide range of documents (contracts with business associates, all documents related to policies and procedures, communications from patients, authorizations and customer complaints), including s, be kept for 6 years. All records about a patient must be retained for 2 years after his death. Retained content must be stored in a robust data center that provides minimum guaranteed uptime and very high security. Imposes strict data disposal requirements, including overwriting or physically destroying all magnetic media that is no longer in use or that is given away or sold. Medical records be retained for 5 years as they relate to radiological and nuclear medicine services, and inpatient and outpatient services. Medicare and Medicaid reimbursement to rural heath clinics requires that they maintain medical records for 6 years. -We offer long-term, tamper-proof (WORM compliant) storage media -Archive service is compatible with multiple data types and formats -Command Archive features on-demand purge -We offer enterprise grade SLAs and worldclass datacenter infrastructure -Command Archive features flexible retention policy and on-demand purge -We allow to place data on legal hold -We offer unlimited scalability at a fixed price per user per month -Command Archive relies on DoD encryption standards to transfer and store data FDA The Food and Drug Administration requires that drug makers maintain records of employees contact, date of birth, compensation and other information for 3 years. -Command Archive offers both and File archiving capabilities that handle >400 different file formats
12 Healthcare and Life Sciences Regulations (2) HITECH Extension of the complete Privacy and Security Provisions of HIPAA to business associates of covered entities. Includes extension of civil and criminal penalties to business associates Maximum penalty raised to $1.5 million for all violations of HIPAA provisions ($25,000 previously) A covered entity can no longer bar the imposition of a civil money penalty for an unknown violation unless it corrects the violation within 30 days of discovery -We offer a bullet-proof archive ensuring high availability and world-class SLAs -Command Archive is a fully compliant archiving system that can handle multiple data types/formats -Command Archive offers advanced ediscovery features to locate and retrieve data in limited timeframe -Command Archive is an always-on, easy to search single repository for archived data -We offer the ability to perform large exports in compliant format -Command Archive allows to give forensic teams (legal team) access to archived data
13 FRCP Educational Institutions Regulations Rule 33 Rule 34 Rule 26 Family Educational Rights and Privacy Act Response to interrogatories allows response to an interrogatory to be electronic data or electronic documents Establishes protocols for how documents are produced to requesting parties. ESI may be requested in its original form or after translation by the responding party into a reasonably usable form. Organizations must manage their electronically stored information (ESI) so that it can be produced in a timely and complete manner when necessary Educational agencies and institutions must provides students with access to their education records, an opportunity to seek to have the records amended, and some control over the disclosure of information from the records. -Allows to perform large exports -Command Archive offers best-in-class search performance -We allow to choose from several export formats -We enable archived data to be retrieved in its native format -Command Archive offers 24/7 (offline) access to stored data -We offer powerful and advanced search capability to locate data -We enable IT to restrict access to archived data w/ permission levels -We ensure data security through DoD standards encryption
14 Sarbanes-Oxley Act of Regulations Applying to All Organizations Overall Section 302 Sections 103(a) & 801(a) Section 802 Electronic Signatures Act FRCP Rules 26 to 35 Specifies minimum retention periods for all accounting records, work papers, communications, file attachments, and documents whether transmitted via , instant messaging or other message modes CFOs and CEOs have to personally certify and be accountable for their firms record retention policies and financial reports Companies have to maintain all documents including electronic documents that form the basis of an audit or review for seven years Possible fine of up to $1M or prison sentence of up to 20 years for any person who destroys, alters, mutilates or conceals any electronic document in an official investigation Applies to all organizations doing business electronically. Allows electronically-created contracts to have the same force of law as papercontracts. It supersedes all state laws and provides a uniform method for conducting business electronically. Organizations must keep track of electronic records and be able to produce ESI as part of the ediscovery process -Command Archive is a highly scalable archive compatible with different data formats and ( ) platforms -Command Archive is a bullet-proof archive & offers best-in-class infrastructure -We offer both & file archiving in a single repository -We do not store data offline -We offer granular legal holds -We encrypt data at all times -We offer full audit trailing -We offer best-in-class search performance regardless of archive size -We offer large export optiomns -Archive data is searchable and retrievable at all times
15 California State-specific Regulations Alaska Public Records Act Arizona Public Records Law Education Code Sect Article 8 Edu. Code Sec et seq. Edu. Code Sec et esq. The public records of all public agencies are open to inspection by the public under reasonable rules Public records are defined as any document, regardless of physical form or characteristics, developed or received under law or in connection with the transaction of official business Public records are all documentary materials, regardless of physical form or characteristics, on film or electronic media pursuant to section , made or received by any governmental agency in pursuance of law or in connection withy the transaction of public business and are open to inspection by any person at all times during office hours. Metadata has recently been deemed as subject to open records requests. The governing board of every school district shall make or maintain such other records or reports as are required by law. Specifies parents rights to inspect, review, and challenge the content of a student s records maintained at the school district Specifies requirements for school districts pertaining to student directory information and exceptions to parental consent requirements. -Command Archive offers a single repository to locate and retrieve any archive document in a limited timeframe -Ability to grant access to outside users and monitor their actions -Ability to grant access to outside users for review -Command Archive archive can store and index >400 file types and formats -We offer powerful search tools to accommodate scope of ediscovery requests -Command Archive features several reporting options on archived data and activity - We offer powerful and advanced search capability to locate data -Command Archive features 24/7 access to stored data and advanced search tools -We offer advanced exporting options -Data is encrypted at all times -Command Archive allows to enable selective archiving
16 California State-specific Regulations (2) Public Records Act SB 1386 Chapter 5. Electronic Discovery Act FEHA (code 12946) -Imposes a requirement on California s state government to provide public records. -Public records are broadly defined to include any writing containing info related to the conduct of a public s business prepared, owned, used, or retained by any state or local agency regardless of physical form or characteristic Requires any agency, person, or business conducting business in California that owns or licenses computerized data contains personal information to disclose any breach of security -Expands on FRCP and takes ediscovery to yet another level. -The burden is on the company to provide the information in a reasonably usable form. -Expands ediscovery procedures to include copying, testing, or sampling of ESI. It allows for a party to demand that another party of someone acting on that party s behalf, to inspect, copy, test, or sample the ESI in the possession, custody, or control of the party when an ediscovery demand is made. -Monetary sanctions can be levied by California -Requires employers & employment agencies to maintain and preserve any and all applications, personnel, membership, or employment referral records & files for a minimum of 2 years. -Companies involved in employment-based legal complaints are not permitted to destroy records until all appeals or related proceedings are terminated -We offer 24/7 (offline) access to archived data -Command Archive offers a single repository for both and file data -We feature advanced search options to retrieve data -Command Archive ensures 100% data capture -We encrypt data at all times complying w/ DoD standards -We offer several data recovery and export options -Command Archive features multiple rolebased access to predefined data sets -We offer full audit trailing on archive activity -Our search options feature random sampling -Command Archive offers a single repository to archive both and file data -We allow to place data on legal hold -We offer automatic purge based on retention policy -We offer custodian-based search
17 Florida State-specific Regulations (3) Florida and Title XIX Chapter 286 Provides that all state, county, and municipal are open for personal inspection and copying by any person. -Command Archive offers role-based archive access -We allow to forward a copy out of the archive or recover back to mailbox Government-inthe-sunshine law -Records of personal, phone, written communications, and use of computer of those, including s and IM, for state government business must be archived and available for public viewing -Command Archive offers 24/7 (offline access to archive data based on different level permissions -We can archive s, IM, and file data Public Records Law Chap 119 Requires record custodians to allow inspection and copying of public records expect for those specifically confidential or exempt from inspection by statue -Command Archive provides several export options -We feature advanced search options as well as ediscovery feature set Public Records Law Chap 257 Requires agency to establish and maintain and active and continuing program for the economical and efficient management of records -Command Archive offers low TCO and unlimited storage for a fixed price/user/month -We integrate in records mgmt policies Public Records Law Chap. 119 & 257 & Rule 1B-24 -Require that agencies adhere to records retention schedules established by the Division of Library and Information Services of the Department of State and prohibit destruction of public records expect in accordance with those retention policies -Command Archive has flexible retention policy -The archive features a full-audit trailing capability -We allow for role-based access to predefined data sets Public records: all documents, papers, letters, maps, books, tapes, photographs, films, sound recordings, data processing software, or other material, regardless of the physical form, characteristics, or means of transmission, made or received pursuant to law or ordinance or in connection with the transaction of official business by any agency.
18 Florida State-specific Regulations (4) Rule 1B Florida Administrative Code -In providing access to electronic records, agencies shall ensure that procedures and controls are in place to maintain confidentiality for info exempt from public disclosure -Each agency which maintains public records in an electronic recordkeeping system shall provide, to any person making a public record request pursuant to Chapter 119, F.S., a copy of any data in such records -Agencies shall annually read a statistical sample of all electronic media containing permanent or long-term records to identify any loss of info and to discover and correct the cause of data loss -Each agency is responsible for ensuring the continued accessibility and readability of public records throughout their entire lifecycle regardless of the format or media in which the records are maintained. -Command Archive offers role-based and configurable search-level access -We offer full audit trailing of archive activity -Command Archive offers the ability to export data sets in a readable/usable format -Our search options allow for Random sampling -Command Archive offer 24/7/365 (offline) data access to streamline ediscovery requests Louisiana Sunshine Laws MA SPR Bulletin No.1-99 Missouri Public Records Law (Sunshine Law) All books, records, writing, accounts, letters and letter books, maps, drawing, photographs, cards, tapes, recordings, memoranda and papers are public records. All created or received by an employee of a government unit is a public record. Meetings, records, votes, actions, and deliberations of public governmental bodies be open to the public unless otherwise provided by law -We offer full-text indexing and extraction of >400 file types -We archive both & File data -We offer advanced search options -WORM/FISMA compliant storage -Command Archive allows to archive , files for a grand total of >400 different file types
19 State Agencies Regulations (5) Ohio Public Records Act Oregon Public Records Law Washington Public Records Act Wisconsin Public Records Law Virtually every type of record created by a government entity in the state, including those of alternative schools, is a public record. Every person has the right to inspect any public record of a public body in this state, except as otherwise expressly provided. Each agency, in accordance with published rules, shall make available for public inspection and copying all public records, unless the record falls within specific exemptions. Expect as otherwise provided by law, any request has a right to inspect any record -Command Archive archives , file, etc -We offer classification tools -We are a one-stop archiving solution -We offer a single repository for multiple data types w/ advanced ediscovery tools -Ability to copy or recover archived data -We offer several permission levels -We support for multiple data types and formats -Data is searchable 24/7 and available in matters of seconds -We offer enterprise-grade SLAs
20 Resources 2 Subscription Required Title Source Summary What You Need to Know About File Archiving Archiving in the Cloud: What End Users Should Consider Implementing Archiving: Investments in Planning Pay off Building an Retention Strategy Gartner ID: G Gartner ID: G Gartner ID: G Gartner ID: G File archiving should be part of an organization s data management strategy. IT professionals have many file-archiving options to choose from to meet their specific requirements for storage cost and growth, and for ediscovery and compliance. Market excitement associated with cloud computing and new cloudcomputing infrastructure capabilities is accelerating the availability of archiving as a service. Organizations should see expanded choices for archiving, including cloud-based. Successful archiving implementations depend upfront planning ad offer organizations the ability to focus on good information management policies in an organized, methodical way. This research discuss specific areas of focus for policy development, infrastructure planning, deployment and training. One of the most contentious issues inside organizations today is determining how much to save, where to save it and how long to save it for. A message retention program is becoming a business necessity as organizations struggle to comply with external regulatory requirements and internal records management needs.