Addressing the Abandoned Email Archive Risk WHITE PAPER
Table of Contents

Executive Summary
Introduction
What are Email Archives?
EOL, Obsolete, and Abandoned Email Archives
The Risks and Costs Associated with Abandoned Email Archives
What to do with an Obsolete or Abandoned Email Archive
The Migration Process
The ROI of Email Archive Migration
Best Practices Checklist for Email Archive Migration
Conclusion

Table of Figures

Figure 1. The Basic Flow of an Email Archiving System
Figure 2. Abandoned or Obsolete Email Archive Systems Hide Archived Data
Figure 3. Bulk Migration from Email Archive to File Share
Figure 4. Filtering Data during Migration
Executive Summary

Stand-alone, on-premise email archiving solutions are quickly becoming outdated, either because the vendor no longer supports the email archive or because there are much better solutions available. For those companies sitting on old email archives, the question is what to do with their existing email archive: do they spend the money to keep it running as they move to newer technologies, or do they shut it down and walk away from all of that archived data? Neither option makes much sense. Keeping an obsolete email archive active to retain access to the archived information is both costly and risky. Shutting down and walking away from an obsolete email archive carries with it additional legal liabilities. The right way to move beyond the obsolete email archive is to migrate all data to another repository, or a staging area for further processing, then shut it down, and repurpose the hardware so that the original archived data is destroyed and not subject to discovery. Email archive migration is a specialized process and should only be done with trusted vendors and solutions. Keep reading for an in-depth discussion about best practices for email archive migration.

Introduction

As corporate data has transitioned from mostly paper-based to about 95% electronically created and consumed, the information management problem has changed as well. Prior to the shift towards electronically stored information (ESI), an information-heavy day for the average office worker would have translated to 10-20 pieces of (real) mail, less than 10 work documents and a couple of extraneous pieces of marketing content. 90+% of hardcopy content wasn't considered a business record, so only a couple of hardcopy documents might have had to be filed for regulatory reasons. In today's business climate, individuals are buried in information all day long.
Some market analysts have estimated that the average employee creates, receives, sends and shares hundreds of megabytes of content per day, a large majority of which is email and attachments. This volume can equate to hundreds of pages of content per day. Increasingly comprehensive requirements for regulatory retention and litigation preparedness further complicate today's information. The increased scope of what constitutes regulatory information, and the amendments to the Federal Rules of Civil Procedure (FRCP), which in 2006 defined ESI as discoverable, pushed many companies to adopt email archiving solutions to automatically capture the largest portion of this ESI deluge: email.
What are Email Archives?

Email archiving solutions capture email and sometimes other email system content such as calendar entries, appointments, contacts, and tasks, directly from the email system itself. The email content is then stored in stand-alone archiving applications that index all content to make it searchable for later queries (Figure 1). More recent email archives have additional capabilities such as basic records management, legal hold, and ediscovery tagging and export.

When an email is sent, it passes through the email server, where a copy is made and sent to the archive server. There it is indexed and stored, with the index stored on a separate database server. The original email is sent to the recipient's mailbox within the enterprise, or is sent outside the enterprise for routing to other domains. The same theory of operation holds true when the email server receives email. A copy is made and sent to the email archive server (with the proper ownership information and metadata), where it is indexed and stored, while the original email is placed into the recipient's mailbox.

Figure 1. The Basic Flow of an Email Archiving System (diagram: Tina's Mailbox, Bill's Mailbox, Email Server, Email Archive Server, Database Server)

EOL, Obsolete, and Abandoned Email Archives

There have been many occasions in the last several years where companies receive the dreaded EOL (end-of-life) notification from their email archiving vendor. Reasons include going out of business, new vendor directions, or being informed that another company purchased the vendor that was supporting your email archive and they have decided to stop support. A related situation many customers find themselves in is sitting on an old email archive that they chose to stop using several years ago, and now being forced to access and retrieve old content due to a regulatory request or discovery order (more about that later; see Figure 2).

Figure 2. Abandoned or Obsolete Email Archive Systems Hide Archived Data (diagram: Email Server, Bill's Mailbox, Email Archive Server, Database Server)
The Risks and Costs Associated with Abandoned Email Archives

As was mentioned briefly in the previous section, there are two main reasons that trigger a need to migrate archived data from a discontinued, obsolete or abandoned email archive: ediscovery and regulatory requirements.

Legal Hold and ediscovery

In December of 2006, the Federal Rules of Civil Procedure were amended to better account for the digital age. Rule 34 of the new amendments focused on the discoverability of ESI:

"any designated documents or electronically stored information including writings, drawings, graphs, charts, photographs, sound recordings, images, and other data or data compilations stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form." [1]

Rule 34 started a rush by plaintiffs' attorneys to begin asking for all sorts of electronic content that companies had not had to deal with before. The amended FRCP also placed the burden of litigation (legal) holds on all potentially relevant electronic content, no matter where it was stored. A litigation hold is a provision in the FRCP requiring any party to an anticipated or existing lawsuit to preserve all data that may relate to a legal action involving the company. A litigation hold ensures that the documents (evidence) relating to the lawsuit are not destroyed and are available for the discovery process prior to actual court dates.

The expectation of most Judges is that the discovered party must make a good faith effort to find and turn over all potentially relevant content that the opposing side has asked for in their discovery request. There are a couple of caveats in reference to accessibility of data, but the overwhelming trend by Judges is that if the data potentially exists, and has a possibility of pertaining to the case, the discovered party must secure and provide the data.
Ignoring legal holds and ediscovery requirements, or not taking them seriously, can be extremely costly to an organization that is drawn into a lawsuit. Large fines, punitive judgments, loss of case, or even jail time can be the result of playing fast and loose with the ediscovery process.

Regulatory Retention Requirements

Compliance with Federal, State and local laws requiring the retention and availability of specific records is an accepted reality for most organizations. Companies in highly regulated industries such as financial services, energy, healthcare, and pharmaceutical manufacturers have highly prescriptive laws (regulations) pertaining to the types of records they must maintain and make available for inspection for specific periods. If an organization employs anyone, pays corporate taxes, or has investors, it has federal regulatory retention requirements.

Much like the previously mentioned ediscovery requirements, where the opposing counsel can ask for content relevant to a case, regulatory agencies can ask an organization for specific records that should have been retained. This information or records request is usually unscheduled and carries with it the expectation that the organization should be able to respond fully in a relatively short time. The inability to respond fully can trigger fines, penalties, and lawsuits by the regulatory agencies.

Abandoned Email Archives are still a Liability

Both ediscovery and regulatory requirements can place a costly burden on an organization if ESI exists in a repository not easily accessed. Many organizations with obsolete or abandoned email archives may find they are forced to access, filter, and migrate their archived email data quickly.
Because regulatory and ediscovery requests are in essence obligatory, many organizations find themselves paying extremely high prices to get content out of their archive in the timeframe provided by the Judge or Federal Agency. Those that forget about the existence of their archive, or for whatever reason cannot access it, have a high probability of incurring much higher costs in the form of fines, penalties, lost cases, and negative public relations.

[1] FRCP Rule 34, Cornell Legal Information Institute, http://www.law.cornell.edu/rules/frcp/rule_34. This was ruled to include email and associated data.

What to do with an Obsolete or Abandoned Email Archive

If your organization has an aging, obsolete, or abandoned email archive, proactively migrating the entire content store is a good business strategy for the legal and regulatory reasons stated above. The primary question to address when dealing with a migration project is what you plan on doing with the archived data. Additional questions include: Do you plan to move the entire archive to another repository such as Office 365 or into your current email system? Are you responding to a discovery or regulatory request? Do you want to proactively characterize the archived content so you can decide what to keep and what to defensibly dispose of during the migration process? Having answers to these questions before the migration begins will save time and cost in the end.

Know your Situation

The creation, use, and disposal of ESI can carry liabilities unknown ten years ago. Many organizations have run into conflicts with regulatory agencies and the courts for inadvertent actions. Many lawsuits have been lost before the trial began because someone unintentionally disposed of or lost ESI that they should have kept. With that said, it is never a good strategy to simply turn off and walk away from an email archive. There may be data important to your business, subject to regulatory retention, or potentially relevant to a current or anticipated lawsuit.

There are only two legally defensible processes available to shut down an email archive:

1. Migrate the complete email archive into another repository for continuing availability and management, or
2. Migrate the entire archive to a staging area, characterize the migrated content, filter the content to determine what to keep, and defensibly dispose of the rest.

Shutting down an email archive and repurposing the hardware without considering the liabilities of the archived content could be extremely risky. You could be faced with an order to reassemble and access the archived content, even if the content has been partially written over. If unable to retrieve the content, you could face a destruction of evidence judgment if it is later determined you should have anticipated the archived content could be relevant in a lawsuit (a low probability but not zero).

Before any migration begins, you should ask your legal department to sign off on the migration project. Questions to ask your legal department to respond to in writing are:

- Does the organization have any regulatory retention requirements that, based on retention period and the age of the archived content, could be present in the email archive?
- Does the organization have ediscovery or legal hold requirements for data potentially present in the email archive based on the ediscovery timeframe for the lawsuit?

Develop a Plan First

Before a migration plan is completed, every department should be consulted to determine if they have records requirements that could be affected by the email archive migration. The obvious planning participants include the legal department, the CFO, and the Chief Compliance Officer. Other not so obvious departments include human relations, investor relations, PR, information security, R&D, and records management. Most departments in an organization should have detailed knowledge about their specific information requirements.
A migration plan should address these specific questions:

- Why does the organization need to migrate the email archive?
- What brand/type of email archive does the organization have?
- Where will the migrated data go?
- Are there any lawsuits or regulatory information requests that should be taken into consideration?
- Are there any regulatory retention requirements?
- Does chain of custody need to be maintained?
- Will the entire email archive be migrated into another repository?
- Will there be any filtering or culling required?
- Will some of the data be disposed of?

"Most vendors have rearchitected their products, and, consequently, their customers are faced with an opportunity to upgrade or migrate to a new solution. A significant number of organizations are opting to migrate to a cloud archive." (Gartner 2013 Magic Quadrant for Enterprise Information Archiving [2])

The above questions are not a comprehensive list but provide an idea of topics to consider. For example, if you are migrating an email archive because you need to respond to an ediscovery or regulatory information request, you need to consider things like maintaining chain of custody, ensuring metadata is not altered during migration, and immediately securing migrated content under a legal hold until it can be fully screened for relevance. If your company has decided to migrate your email archive because it has reached EOL, has been replaced with a new product by the vendor, or because you have simply decided to move to a different platform (and you do not have any legal or regulatory requirements surrounding the data), the migration would be a much more straightforward process.

The Migration Process

As stated earlier, there are two main migration strategies: migrate everything to another repository, or migrate the entire email archive to a staging area, process/filter the content, and finish the migration.
When simply migrating the email archive in its entirety and depositing it into another repository (Figure 3), the main concerns to address are:

1. Who manufactured your email archive? The answer to this question will also tell you the format in which the archived data is stored.
2. What types of email data were archived: email, email and attachments, task lists, appointments, contacts, notes, completed tasks, accepted appointments, refused appointments, data movements, deleted items and all metadata? Many email archive vendors simply grabbed email and attachments from the journal mailbox, so were not able to capture much metadata or other content types. The Mimosa NearPoint Email Archive, on the other hand, was able to archive a much more comprehensive data set.
3. Where will the migrated data be deposited: file shares, Microsoft Exchange, Office 365, or other?
4. Based on the end repository, what format does the migrated data need to be in?

[2] http://www.keyinfo.com/assets/attachments/gartner-magic-quadrant-for-enterprise-information-archiving.pdf
As noted in question #1 above, a major consideration is the manufacturer of the email archive. The key to a trouble-free email archive migration is to utilize a solution that can recognize and work with the archived data format and has experience doing so successfully.

A more complex migration process includes extenuating circumstances surrounding the archive and the reason for the migration, especially when ediscovery or regulatory inquiries are involved or you want to filter for specific content and dispose of the rest. The additional step of deduplication, culling, categorization and disposing of unneeded content will add to the cost of the migration but can save a great deal more than it will cost in storage savings, in ediscovery costs, and in productivity improvements.

Figure 3. Bulk Migration from Email Archive to File Share (diagram: Email Archive Server, Email Archive SQL Server, Archive 2-Anywhere Migration Server, Archive 2-Anywhere SQL Server, File Share)

Additional Migration Issues

Email archive regulatory inquiries, legal hold requirements, and ediscovery response require full knowledge of the migration application capabilities and careful handling of the migration while in process. When migrating an obsolete email archive due to ediscovery response, the data should be moved to a staging location so the archive content can be searched for case relevant content. The actual movement of the data must be accomplished so that no content, including all metadata, attachments, hyperlinks etc., is altered. The data chain of custody should also be maintained so that any questions about data originality and alterations can be addressed later. In a discovery situation, you must be able to assure the court that all potentially relevant information was found, reviewed for relevancy, and secured under a legal hold.
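One way to be able to show later that nothing was altered in transit is to fingerprint every item before it leaves the archive and re-check it in the staging area. The Python below is an added example, not part of the original white paper or of any vendor's product; the item IDs, the sample messages, the use of SHA-256, and the set of tracked headers are all assumptions made for illustration.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: these headers are the metadata a reviewer would ask about first.
TRACKED_HEADERS = ("Message-ID", "Date", "From", "To", "Subject")

def fingerprint(raw: bytes) -> dict:
    """Record what must survive migration for one archived message."""
    msg = message_from_bytes(raw, policy=policy.default)
    attachments = sorted(
        (part.get_filename() or "(unnamed)",
         hashlib.sha256(part.get_payload(decode=True) or b"").hexdigest())
        for part in msg.iter_attachments())
    headers = {h: (str(msg[h]) if msg[h] is not None else None)
               for h in TRACKED_HEADERS}
    return {"sha256": hashlib.sha256(raw).hexdigest(),
            "headers": headers, "attachments": attachments}

def build_manifest(items: dict) -> dict:
    """Run against the source archive export, before anything is moved."""
    return {item_id: fingerprint(raw) for item_id, raw in items.items()}

def verify(manifest: dict, migrated: dict) -> list:
    """Compare staged copies with the source manifest; return sorted findings."""
    findings = []
    for item_id, expected in manifest.items():
        raw = migrated.get(item_id)
        if raw is None:
            findings.append((item_id, "missing"))
            continue
        actual = fingerprint(raw)
        if actual["sha256"] == expected["sha256"]:
            continue  # byte-identical copy, nothing to report
        # Bytes differ. A format conversion can cause that legitimately, so
        # report which tracked property changed instead of one generic failure.
        changed = [h for h in TRACKED_HEADERS
                   if actual["headers"][h] != expected["headers"][h]]
        if changed:
            findings.append((item_id, "header changed: " + ", ".join(changed)))
        if actual["attachments"] != expected["attachments"]:
            findings.append((item_id, "attachment changed"))
        if not changed and actual["attachments"] == expected["attachments"]:
            findings.append((item_id, "bytes differ, tracked fields intact"))
    for item_id in migrated.keys() - manifest.keys():
        findings.append((item_id, "unexpected item"))
    return sorted(findings)

def sample(msg_id: str, date: str, attachment: bytes) -> bytes:
    """Constructed test message, not real archive data."""
    m = EmailMessage()
    m["Message-ID"], m["Date"] = msg_id, date
    m["From"], m["To"] = "tina@example.test", "bill@example.test"
    m["Subject"] = "Q3 numbers"
    m.set_content("Figures attached.")
    m.add_attachment(attachment, maintype="application",
                     subtype="octet-stream", filename="q3.bin")
    return m.as_bytes()

def demo() -> list:
    d = "Mon, 03 Mar 2014 09:15:00 -0600"
    source = {f"item-00{i}": sample(f"<{i}@example.test>", d, b"ledger-%d" % i)
              for i in (1, 2, 3, 4)}
    manifest = build_manifest(source)
    staged = {
        "item-001": source["item-001"],                      # intact copy
        "item-002": sample("<2@example.test>",               # Date rewritten
                           "Tue, 04 Mar 2014 09:15:00 -0600", b"ledger-2"),
        "item-003": sample("<3@example.test>", d, b"ledger"),  # truncated file
    }                                                        # item-004 never arrived
    return verify(manifest, staged)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Storing the manifest itself outside the staging area, with a record of who produced it and when, is what turns these comparisons into chain-of-custody evidence.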
When dealing with these kinds of special circumstances, or if you plan to filter and cull the archived data before it is moved into another repository, a staging location and additional information management capability is needed so that additional processing can be completed before final migration. Figure 4 below shows the additional staging process.
Figure 4. Filtering Data during Migration (diagram: Email Archive Server, Email Archive SQL Server, Archive 2-Anywhere Migration Server, Archive 2-Anywhere SQL Server, staging area for dedup, culling, categorization and defensible disposal, Cloud Storage, Legal Dept, SharePoint, File Share)

Shutting Down the Abandoned Archive - Defensibly

The final step many companies neglect after they have migrated all content out of their obsolete email archive is to repurpose the email archive hardware so there is no possibility of recovering any data from the old archive based on an ediscovery request. If data is potentially retrievable, an attorney may be able to convince the Judge that data could exist on the abandoned email archive system. Once the migration has been completed, reformat the archive storage and repurpose it to be used with other solutions so it can never be discovered in the future.

The ROI of Email Archive Migration

Return on investment or ROI is an often-misunderstood investment performance measure used to evaluate the quality (gain) of an investment. Many vendors broadly misuse ROI to mean dollar cost savings - but ROI is always expressed as a percentage. As you will see a little later in this section, cost savings is one of the variables needed to calculate ROI, but the cost of the investment (solution) is also an important variable.

So what is the return on investment (ROI) for proactively migrating email from your old abandoned email archive due to litigation issues? To calculate the cost savings for a migration investment, first you need to estimate what it would cost to quickly respond to an ediscovery request by hiring experts and consultants to fire up the abandoned email archive and search it for relevant information. Keep in mind that for regulatory requests and ediscovery orders, the information searched for and pulled out must not be altered during the process, including any metadata; otherwise, any deletions or alterations could be considered destruction of evidence. Generally speaking, ediscovery experts can cost $200 to $400 per hour, per expert, for this type of rush service. In real world situations, the estimated cost to run this process successfully would be hundreds of thousands or even millions of dollars.

The next step is to estimate the cost to respond to a discovery request after the migration has occurred, taking into account the straightforward search and retrieval - probably one or two days' work by a couple of IT people. Conservatively this cost could reach between $2,000 and $5,000 at the most.

Therefore, in this example, the cost savings calculation would include the cost of the process before the investment minus the cost of the process after the investment. However, keep in mind a cost savings does not equal an ROI calculation. To finish the ROI calculation, the cost of the investment needs to be subtracted from the cost savings as well as divided into the cost savings. The ROI formula looks like this:

\[
\text{ROI} = \frac{(\text{cost of the process before the investment} - \text{cost of the process after the investment}) - \text{cost of the investment}}{\text{cost of the investment}}
\]

As an example, the cost of reacting to a regulatory or ediscovery request to retrieve specific data out of an abandoned email archive and search it for relevance is approximately $250,000. We have already estimated the cost of searching the migrated content at $5,000. The cost savings would be $245,000 ($250,000 - $5,000). To calculate the ROI, you need to figure in the cost of the investment.
For this example, the cost of the solution (investment) for the proactive migration of all data from the email archive is estimated at $35,000. Using the ROI formula above, the calculation would look like this:

\[
\text{ROI} = \frac{(\$250{,}000 - \$5{,}000) - \$35{,}000}{\$35{,}000}
\]

or 600%.

A 600% return on investment is a good return - few investments approach that type of gain. The key is to conservatively estimate real-life costs and cost savings.
Best Practices Checklist for Email Archive Migration

- Understand why you are migrating data from your obsolete email archive
- Consult with all potentially affected departments
- Determine what vendor sold the archive and what types of data they were capable of archiving
- Understand what data your email archive captured
- Document how far back the email archive goes (start date)
- Verify any legal and regulatory requirements that could affect data in the archive, i.e. any outstanding regulatory or ediscovery requests in a given date range
- Determine the final repositories for the migrated data and any format requirements
- Create a migration plan and get legal to sign off
- Understand any bandwidth limitations and plan accordingly
- Work with a vendor experienced with your email archive, with a documented record of success
- Alert any affected end-users to the new location of their data
- When deleting data, do it in a defensible manner; document all policies followed
- Wipe and repurpose all email archive hardware
- Document every step in the process followed

Conclusion

Email archives have been around for many years and are now being eclipsed by new technologies and capabilities. This evolution has caused several email archiving vendors to leave the business, stranding thousands of their customers with obsolete email archives and offering only expensive upgrades to remedy the situation. As a result, many customers have chosen to simply abandon their obsolete solutions, leaving huge amounts of data behind. These huge data archives have become a growing liability due to regulatory and ediscovery requirements, and as the abandoned email archives age, the cost to recover data increases dramatically.

It is never a good business strategy to abandon an email archive. The only legally defensible thing to do with an abandoned archive is to migrate all the data to another repository for characterization, filtering, retention and defensible deletion to ensure required ediscovery and regulatory retention requirements are met.
About Archive360

Archive360 provides next generation software tools for email archive migrations. As an Independent Software Vendor (ISV), Archive360 works directly with customers and a global network of specialist partners. Archive360 designs solutions to handle the most demanding archive migration projects in the world. Archive360 is committed to protecting your email records for every business, regulatory and end-user requirement, with complete chain of custody reporting. Whether you're migrating your data to a new on-premise archive or into a cloud solution, Archive360's products are engineered to cope with highly complex migrations and high volumes. For more information, please visit http://www.archive360.com.

Archive360 Global Headquarters: 1737 S Naperville Road, Suite 101, Wheaton, IL 60189 USA
P: +1 (630) 358-4448
E: info@archive360.com
@Archive360

Copyright 2014 Archive360, Inc.