A 15-Minute Guide to 15-MINUTE GUIDE

Similar documents
WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity

EMC PERSPECTIVE EMC SourceOne Management

Can CA Information Governance help us protect and manage our information throughout its life cycle and reduce our risk exposure?

W H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010

CA Records Manager. Benefits. CA Advantage. Overview

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

Capstone Compliance Using Symantec Archiving and ediscovery Solutions

Using EMC SourceOne Management in IBM Lotus Notes/Domino Environments

The archiving activities occur in the background and are transparent to knowledge workers. Archive Services for SharePoint

Streamline Enterprise Records Management. Laserfiche Records Management Edition

W H I T E P A P E R E n a b l i n g S h a r e P o i n t O p e r a t i o n a l E f f i c i e n c y a n d I n f o r m a t i o n G o v e r n a n c e

A 15-MINUTE GUIDE TO CLINICAL TRIAL DOCUMENT MANAGEMENT AND THE etmf

15-Minute Guide to Contract Lifecycle Management

MOVING TO THE NEXT-GENERATION MEDICAL INFORMATION CALL CENTER

CA Message Manager. Benefits. Overview. CA Advantage

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

Realizing the ROI of Information Governance. Gregory P. Kosinski Director, Product Marketing EMC

EMC PERSPECTIVE. The Private Cloud for Healthcare Enables Coordinated Patient Care

Microsoft SharePoint and Records Management Compliance

Brochure. ECM without borders. HP Enterprise Content Management (ECM)

Transform records management

68% Meet compliance needs with Microsoft Exchange. of companies send sensitive data via .

IBM Unstructured Data Identification and Management

Laserfiche for Federal Government MEET YOUR AGENCY S MISSION

Laserfiche for Federal Government MEET YOUR AGENCY S MISSION

IBM DB2 CommonStore for Lotus Domino, Version 8.3

The Smart Archive strategy from IBM

Extending Microsoft SharePoint Environments with EMC Documentum ApplicationXtender Document Management

Records Management and SharePoint 2013

The biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance

Enforce Governance, Risk, and Compliance Programs for Database Data

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

Integrated archiving: streamlining compliance and discovery through content and business process management

5 WAYS STRUCTURED ARCHIVING DELIVERS ENTERPRISE ADVANTAGE

Implementing SharePoint 2010 as a Compliant Information Management Platform

Gain control over all enterprise content

Symantec Enterprise Vault

SMART ARCHIVING. The need for a strategy around archiving. Peter Van Camp

SAME PRINCIPLES APPLY, BUT NEW MANDATES FOR CHANGE

Top 5 reasons to choose HP Information Archiving

COMPLIANCE BENEFITS OF SAP ARCHIVING

EMC DOCUMENTUM CONTENT ENABLED EMR Enhance the value of your EMR investment by accessing the complete patient record.

Combining the power of content and process with the right content management solution. IBM Information Management software

SharePoint Will be Your Repository for Governed Content

IBM Information Archive for , Files and ediscovery

Data Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review

Why enterprise data archiving is critical in a changing landscape

Information Governance: CA/Microsoft Solutions for Compliance, Legal and Governance Responsibilities

Cloud computing: Innovative solutions for test environments

SAP Solution Brief SAP Solutions for Sustainability. Pave the Way for IT Innovation by Reducing Cost, Risk, and Energy Use

Top 5 reasons to choose HP Information Archiving

Document Management. Document Management for the Agile Enterprise. AuraTech Pte Ltd

IBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk

Management Trends, Troubles, and Solutions

ILM et Archivage Les solutions IBM

10 Steps to Establishing an Effective Retention Policy

Hitachi Cloud Service for Content Archiving. Delivered by Hitachi Data Systems

Extend Business Scope and Improve Governance with SAP Content Management

IBM Tivoli Storage Manager

1 Product. Open Text is the leading fax server vendor in the world. *

EMC DOCUMENTUM Capital Projects Express. KEEP YOUR PROJECTS ON TRACK Flexible Document Control for Agile Teams

Compliance and Litigation Readiness System. The economic climate sparks more frequent and rigorous

EMC Documentum ApplicationXtender Add-on Modules

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Consolidate and Virtualize Your Windows Environment with NetApp and VMware

Content Management for SAP Business Suite powered by SAP HANA

Informatica Application Information Lifecycle Management

Defensible Disposition Strategies for Disposing of Structured Data - etrash

Get More from Microsoft SharePoint with Oracle Fusion Middleware. An Oracle White Paper January 2008

TO BE OR NOT TO BE (Archiving), That is the question!

ARCHIVING FOR EXCHANGE 2013

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC

Reduce Cost, Time, and Risk ediscovery and Records Management in SharePoint

Driving workload automation across the enterprise

Capstone Compliance Using Symantec Archiving and ediscovery Solutions

Provide access control with innovative solutions from IBM.

Veritas Enterprise Vault Overview

How To Use The Hitachi Content Archive Platform

Archive 8.0 for File Systems and NAS Optimize Storage Resources, Reduce Risk and Improve Operational Efficiencies

Vormetric Encryption Architecture Overview

Strategies for Managing SharePoint Chaos and Legal Risk

The IBM Archive Cloud Project: Compliant Archiving into the Cloud

SOLUTION WHITE PAPER. BMC Manages the Full Service Stack on Secure Multi-tenant Architecture

EMC INFORMATION INFRASTRUCTURE SOLUTIONS FOR THE PUBLIC SECTOR. Delivering constituent value through government innovation

WHITEPAPER. Complete Lifecycle Management for Records with EAS and emanage

The evolution of data archiving

OPERATIONALIZING EXCELLENCE IN THE GLOBAL REGULATORY SUBMISSIONS PROCESS

Transcription:

A 15-Minute Guide to Retention Management 15-MINUTE GUIDE

Foreword For you as a business professional, time is a precious commodity. You spend much of your day distilling concepts, evaluating options, and managing complex transactions. When you need information, you need it in a form that can be assimilated quickly forget the mind-numbing detail and get to the point With that in mind, we ve developed our series of 15-minute guides to essential topics in information management. This guide focuses on retention management specifically, the tools and technology that enable businesses to properly retain and dispose of large volumes of content in order to reduce information management costs and adhere to legal and corporate obligations. In about 15 minutes, we ll illustrate the challenges organizations face when properly retaining and disposing of business information, suggest a framework for overcoming these challenges, and discuss various solution options and benefits. We think you ll agree that it will be 15 minutes well spent. Table of Contents Foreword...2 Introduction...3 Retention and Disposition in a Complex Enterprise Environment...4 The Piecemeal Approach...5 The Classic Records Management Approach...5 Addressing the Challenge: A Modular Approach to Retention...6 Retention and Disposition Challenges and EMC Solutions...8 EMC Documentum Platform...8 EMC Documentum Retention Policy Services...9 EMC Documentum Records Manager...9 EMC SourceOne Family... 10 Customer Success Story... 11 2

INTRODUCTION Information is the life blood of any modern-day enterprise many organizations will succeed or fail based on the accuracy, availability, and security of their information. As a result, information needs to be managed as a critical corporate asset according to a well-designed information governance strategy. Quite simply, companies that design and implement processes and systems with specified decision rights and accountability for how information is created, stored, used, retained, and disposed of will have a distinct competitive advantage. Organizations must confront significant challenges when designing and implementing an information governance strategy for today s complex business environment. Exponential growth in electronic content: Systems need to manage this growth and simply archiving information to maintain overall performance is not enough. Organizations must ultimately dispose of it according to consistent policies that both fulfill regulatory and legal obligations and reduce information management costs. Increased pace of regulatory change: Business and IT managers must respond to a wide range of rapidly changing rules and regulations that govern the management of information in order to address an increasingly complex legal and compliance landscape. A much wider range of unstructured content: The face of unstructured information requiring governance has expanded to include e-mail, file systems, and a rapidly growing set of social networking content such as wikis, blogs, and user-generated content. Regulatory and legal requirements have expanded to include much of this content under formal management policies, and specific content types may have specific retention and disposition needs. The basis of any information governance strategy is the appropriate retention and disposition of electronic and physical information, or retention management. A well-designed retention management solution provides a cost-effective means to better cope with large volumes of content; adhere to rapidly changing compliance standards; and effectively respond to operational, corporate, and regulatory demands. 3

RETENTION AND DISPOSITION IN A COMPLEX ENTERPRISE ENVIRONMENT It is critical for organizations to have good information governance in order to operate in today s complex business environment. If implemented without a well-thought-out strategy and design, governance practices have the potential for slowing down operations and inhibiting successful business results. However, a well designed information governance strategy actually has the opposite effect by freeing users and organizations from the worry of policy compliance and allowing them to focus on delivering better products and services. Moreover, rapidly changing industry trends, such as cloud computing, are redefining the boundaries of IT infrastructures. With more data and applications moving outside of corporate firewalls, information governance becomes the means by which businesses can move to the cloud with confidence that their content is being appropriately managed. At the foundation of good information governance is knowing where all an organization s enterprise content resides and that its use is being carefully managed. As a result, it is a business imperative in today s environment that organizations ensure that their content is retained and disposed of according to corporate policies and/or industry regulations. This capability must both be broadly deployed and efficiently implemented. Organizations can have a wide range of information retention and disposition requirements. Content may be well organized - residing in an enterprise repository with readily available metadata for controlling retention. Or it may be unmanaged - spread around the extended enterprise in a variety of network locations and formats. Some content, such as contracts, government filings, or case management files, is mission-critical with highly regulated, long-term retention and access control requirements. Other content, such as twitter feeds, blogs, or daily newsletters, may be transitory in nature with a very short shelf life and few privacy concerns. Businesses and vendors have attempted to address this wide range of retention management needs using a number of approaches. 4

THE PIECEMEAL APPRoaCH In response to the growing volume and complexity of content that needs policy-driven retention management, many vendors have added a semblance of retention management to each of their products - forcing businesses to implement an overall solution by specifying content retention policies within each individual product. Each separate product then runs on its own, managing the retention of the content under its control. Organizations that address retention management with this approach can encounter many problems, including: Inadequate retention and disposition capabilities: Many products don t have the necessary retention and disposition capabilities to satisfy compliance, certification, or other regulatory imperatives across all content, resulting in holes in a retention management strategy and a difficulty to enforce policies. Inability to implement consistent retention policies across different products: Each product has its own retention engine, with its own set of management interfaces. Attempting to coordinate retention activities across systems can result in retention errors, inconsistent results, and perhaps most worrisome, an inability to demonstrate compliance. Inability to easily update retention policies: Updating retention policies across multiple products can be time consuming, expensive, and difficult to accomplish in a rapidly changing regulatory and e-discovery environment. This piecemeal approach makes it difficult for organizations to scale their retention management capabilities to the extended enterprise. THE ClassIC RECORDS MANAGEMENT APPRoaCH Classic records management systems provide extensive retention and disposition capabilities for content that is being managed to rigorously defined standards. Individuals, processes, or business systems can declare content as a formal record. The content is then managed by a records management system with a broad set of system-enforced capabilities, including the ability to: Specify and implement a file plan that details security, content permissions, retention duration, and disposition criteria Specify and implement a rich set of user and role-based record access controls Support and implement litigation holds on content that must be retained for specific legal or regulatory investigations independent of disposal status Monitor and manage audit trails detailing record possession, condition, transfer, and/or immutability This type of rigorous records management approach is necessary for a subset of enterprise content whose management may need to conform to mission-critical, regulatory, or legal standards. Records management systems can enable companies to comply with wide-ranging recordkeeping requirements, reduce the cost of litigation and audits, and appropriately dispose of content once it has fulfilled regulatory and compliance obligations. 5

But this formal approach is not necessary for much of the other content in large, enterprise systems. This broader set of content needs appropriate retention and disposition controls in place, but may not need the additional controls required by formal records management. The time and effort required for both users and administrators to implement records management s broad, system-enforced capabilities can make it impractical for wide-scale deployment. ADDRESSING THE CHALLENGE: A MODULAR APPROACH TO RETENTION The two approaches outlined above illustrate the fundamental challenge to retention management in an enterprise environment. How can robust retention management capabilities be consistently implemented across the enterprise while simultaneously minimizing deployment time and cost, and the impact on user and administrator productivity? Responding to this challenge in today s complex environment demands a modular approach to records and retention management. This approach avoids the pitfalls of a piecemeal approach yet still provides the flexibility required to address a company s varying requirements across the entire enterprise. For an effective modular approach, a business should organize their records and retention efforts around three main areas of capabilities. Enterprise Content Management First, consider whether to deploy an enterprise content management (ECM) platform suitable for wide-scale adoption to provide essential content management capabilities. This platform should feature a unified architecture capable of storing virtually any type and format of content. By utilizing a rich set of content services, security, and access controls, users and businesses can organize, control, and access their content through a range of client interfaces. By building upon these services, retention and records management capabilities become a seamless part of an ECM platform. This platform will form the basis by which an organization can design and deliver an information governance capability that is responsive to today s complex challenges. 6

Core Retention Capability Second, strive to deliver a core retention management capability that can operate automatically, without user intervention, to consistently manage the retention and disposition of all enterprise content. This capability should be robust enough to satisfy the requirements of formal records management, yet be able to operate independently with a small deployment footprint in order to avoid the overhead of a full records management solution. Such core retention management capabilities should satisfy a broad set of regulatory, compliance, and investigative retention and disposition requirements for the bulk of a company s content. Formal Records Management Capability Finally, design a records management capability that encompasses core retention management functionality as a retention and disposition component, while also providing the complete set of additional services required for formal records management. The records management solution should have optional components in order to manage content not typically found in an enterprise content platform, such as physical records or information stored in other records management systems. This solution will be used for the specific content that must conform to mission-critical, regulatory, or legal standards. Ideally, the underlying core retention management capability will provide the same retention and disposition functionality for all content whether or not it is under the control of a records management system. A Modular Approach to Retention Management Comprehensive Records Management System Content Security, Permissions, Retention and Disposition File Plan User and Rolebased Access Controls Report and Auditing Services Monitoring and Notification Services Physical Records Services Federated Records Services RETENTION ENGINE INTERFACE RECORDS MANAGEMENT INTERFACES RETENTION AND DISPOSITION POLICY SERVICES AUTOMATIC OPERATION ACROSS ALL CONTENT TYPES Core Retention Engine WEB-BASED CLIENT AND SYSTEM INTERFACES CONTENT SERVICES, SECURITY AND ACCESS CONTROL UNIFIED ARCHITECTURE Enterprise Content Platform Benefits of a modular approach This type of modular approach provides organizations with many distinct benefits: Wider application of retention and disposition policies: Core retention management capabilities can satisfy the retention and disposition requirements for the bulk of content across the enterprise without impacting user productivity. Requiring less overhead to configure and deploy than a formal records management solution, a core retention engine becomes an efficient and effective way to deliver rigorous retention and disposition capabilities enterprise-wide. 7

Better use of resources: The overhead required for records management can be concentrated on mission-critical content that needs to be managed according to formal standards. With the bulk of content in an enterprise being retained and disposed of by the core retention engine, users and administrators are free to focus their efforts appropriately. Consistent standards: Retention and disposition capabilities are delivered according to the same consistent standards for both records and non-records. The core retention engine has the same robust retention and disposition capabilities, whether deployed as a standalone solution or as a component of a records management system. Enterprise-wide retention coverage is assured and consistent compliance to standards can be demonstrated. The growing adoption of cloud computing and the rapid changes in both social media and mobile applications will provide additional challenges to retention management. This consistent, robust, and scalable modular approach can provide a better foundation from which to respond to future changes in a complex information governance environment. RETENTION AND DISPOSITION CHALLENGES AND EMC SOLUTIONS EMC provides robust retention and disposition options that deliver the capabilities and benefits of a modular system. EMC DOCUMENTUM PLATFORM The EMC Documentum Platform provides the essential capabilities for managing enterprise content. Service-oriented and based on industry standards, the Documentum Platform supports a broad range of operating systems, databases, application servers, and enterprise applications. With simplified administration, security, and user management, it provides universal access to a single or common repository. The Documentum Platform provides the foundation for compliance and security by controlling content access through fine-grained authentication, authorization, and auditing. The platform is enterprise-class, providing a scalable, fault tolerant, extensible architecture capable of supporting both workgroups and globally distributed deployments. 8

EMC DOCUMENTUM RETENTION POLICY services CUSTOMER CHALLENGE An organization has decided to use an ECM system for managing its content in order to accelerate the flow of information across processes and improve business performance. All of the content needs to be appropriately and consistently retained and disposed of to reduce storage management costs and to satisfy a broad set of regulatory, compliance, and investigative requirements. SOLUTION EMC Documentum Retention Policy Services is a core retention engine suitable for enterprise-wide deployment. Deployed as a standalone product, or as a component of an EMC records management system, Retention Policy Services provides consistent and robust retention management capabilities for both records and non-records. Retention Policy Services is fully compliant with the retention requirements of DOD 5015.2 v3. As a standalone product, it satisfies a broad range of regulatory, compliance, and investigative requirements for the bulk of a company s enterprise content. Features and benefits include the ability to: Automate retention according to event-based triggers in workflows and business processes via robust policies. Policies are applied automatically and transparently to minimize end-user involvement and maximize policy compliance. Configure automatic disposition in the policy or define mandatory conditions that enforce administrative review and approval prior to disposal. Apply litigation holds. Litigation hold capabilities suspend disposition based on ongoing investigations and provide an interface with audit trails for the legal team. Holds can be managed by legal case matter with support for multiple overlapping holds. Set expiration dates to ensure the systematic disposal of non-records content when no retention policy or litigation hold has been applied. EMC DOCUMENTUM RECORDS MANAGER CUSTOMER CHALLENGE An organization has decided to use an ECM system for managing its content in order to accelerate the flow of information across processes and improve business performance. A subset of their content needs to be management according to mission-critical, regulatory, or legal standards satisfied by a formal records management system. SOLUTION EMC Documentum Records Manager provides formal records management capabilities and allows companies to meet stringent government records management standards including DOD 5015.2 v3. Records Manager uses Retention Policy Services as a foundational component to provide consistent retention and disposition capabilities for records and non-records alike. Records Manager provides additional capabilities required to manage enterprise content according to mission-critical, regulatory, and legal standards. These features include: Management interfaces that formally define the contents of a record along with its security model, content permissions, retention duration, and disposition criteria. A rich set of user and role-based content controls that provide the ability to manage access down to the individual record level. 9

Certifiable audit trails that detail record possession, condition, transfer, and/or immutability. Notifications that alert records owners when records are eligible for disposition, track record progress, and produce confirmation reports on records ultimate destruction. EMC Documentum Physical Records Services, which allows physical records to be linked to Records Manager and managed according to the same rigorous standards as electronic records. EMC Documentum Federated Records Services, which extends in-place records management to content located in multiple source repositories. All policies are stored in a single, virtual master repository with a single set of behaviors that ensure data integrity, while the underlying federated content remains in its source repository. EMC SOURCeone family CUSTOMER CHALLENGE An organization holds a large amount of unstructured information in their messaging system, within file shares, or within their Microsoft SharePoint environment. This content needs to be off-loaded from production servers to both improve system performance and lower storage management costs and requirements, while also being retained and disposed of appropriately to meet regulatory mandates and reduce the risks and costs of ediscovery requests. SOLUTION The EMC SourceOne family of products provides retention and disposition services for information that is typically not under the management of an enterprise content platform, such as e-mail and unstructured content in file systems or Microsoft SharePoint. The EMC SourceOne family of products enables an organization to: Consolidate policies and ensure consistent and automatic retention and disposition of content across a variety of repositories and systems, including Microsoft Exchange, IBM Lotus Notes Domino, native files systems, and Microsoft SharePoint for litigation preparedness and good information governance. Reduce the operational costs and boost the efficiency and performance of the production environment. The EMC SourceOne family leverages a tiered storage infrastructure to reclaim capacity and enhance performance, reduce storage requirements, and improve backup and recovery operations. Provide DOD 5015.2 v3 certification of e-mail records when paired with EMC Records Manager. 10

CUSTOMER SUCCess STORY AstraZeneca reduced costs and improved compliance with EMC s modular retention solution The Challenge As one of the largest pharmaceutical companies in the world, appropriately retaining and disposing of information is a corporate and regulatory imperative. With critical R&D information spread out across business units located in 50 countries around the world, and thousands of record keeping systems globally, AstraZeneca recognized the need for an automated long term retention management solution. By protecting and preserving our critical records for regulatory and legal obligations, we significantly minimize the risk to the company. We needed such a solution to protect the company s license to operate. says AstraZeneca s Strategy & Program Director, Archives and Records Management Group (ARM) The Solution Using EMC s Documentum Platform, Retention Policy Services (RPS) and Records Manager (RM), AstraZeneca created a new retention solution and methodology. The subset of content requiring attention was distributed to trained internal archivists in main hubs for investigative work. These records were examined and indexed before sending them to Documentum, ultimately decommissioning paper hubs. The Benefits By using EMC s retention solution, AstraZeneca has reduced their storage and retention costs and improved their regulatory compliance. Specifically, AstraZeneca has: Contact Us To learn more about how EMC Information Governance Solutions can benefit your organization, visit www.emc.com/ecm or call 800.607.9546 (outside the U.S.: +1.925.600.5802). Achieved significant cost savings by decommissioning thousands of legacy systems Minimized corporate risk by meeting industry-specific legal archiving and licensing requirements Reduced the time to respond to record locator requests via content indexing and automated filtering Recognized enterprise storage savings by purging unnecessary documents in a scalable and flexibly configured solution EMC 2, EMC, Documentum, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks are the property of their respective owners. Copyright 2011 EMC Corporation. All rights reserved. Published in the USA. 8/11 Brochure H4947 EMC Corporation Hopkinton, Massachusetts 01748-9103 1-508-435-1000 In North America 1-866-464-7381 www.emc.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information