Modern business cannot function without the use of email. In an age where e-communications are often, if not more widely used, than traditional communication methods, email has become a crucial source of company information. It is being used on a daily basis around the world to confirm contracts, communication and other business arrangements. Consequently, companies must take a more thorough approach to retention, by storing all forms of media that may contain business critical information. Many believe that this equates purely to the storage and archiving of emails, but this is just one aspect of a truly effective email management strategy.
Email as a Corporate Issue
Increased regulations and compliance pressures have seen a need for the vast amount of business data sent via email to be stored more effectively. The sheer volume of emails and the way data is presented within them has created problems for organisations, both locally within the UK and beyond. When you also consider the security issues currently surrounding data held on email, coupled with the often complicated information held on email files (which users have historically been able to alter, delete or manipulate through insecure systems) it becomes clear what a major task organisations are faced with.
The widespread use of company email for personal activity also reinforces the importance of email management, with the analyst organisation IDC stating that 40 per cent of email at work is non-business related. Email and more recently Instant Messaging (IM), have become mediums for both personal and business use simultaneously, blurring the lines of corporate email use and therefore increasing the need for them to be retained to meet the plethora of compliance regulation and legal doctrine affecting business. As a result, complying with one regulation relating to business communication could mean breaching regulations relating to the retention of personal information in the same mail. This makes it essential that companies invest in a powerful email management solution that is sophisticated enough to cater for these contradictions both today and to enable integration with or make allowances for future technology demands.
For example, the Data Protection Act 1998 states in its principles of good practice that personal data must be processed for limited periods and not kept longer than necessary. In contrast to this, the Financial Services and Markets Act 2000 states that, A person conducting a review (a) has a right of access at any reasonable time to all such documents as he may reasonably require for purposes of the review; and (b) may require any person holding or accountable for any such document to provide such information and explanation as are reasonably necessary for that purpose. Therefore the storage of an email containing both personal and business information is problematic and may contravene at least one of these acts.
A Challenge More Complex than Compliance - Archiving
Effective email management requires both compliant archiving and secure storage systems and procedures. In many cases, email as a business tool has grown faster than the companys ability to manage it. As such, across every vertical, the mis-management of email is creating costly consequences for organisations, from a financial bottom line and corporate reputation perspective.
Storage and more specifically archiving is an essential aspect of effective email management, and is inherently linked to security. Many organisations use back-up tapes for email storage. However, these tapes are unable to store emails in-real time and do not show a true forensic record of all email correspondence, as they can be modified or deleted before they are saved. Emails stored in this way are usually unencrypted, and access to them is unaudited, so they are therefore not compliant with legislation such as the Data Protection Act 1998.
Archiving in a referenceable format is crucial, although many companies mistakenly still see this as simple email storage. A survey by Osterman Research concluded that less than half of businesses retain their critical email-based data for long periods, and many just delete old emails after a set period regardless. Regulation, however, has made it unacceptable for companies to act in this way. For example, section 222(5) of the Companies Act 1985 states that records relating to company accounts must be retained for a minimum of six years (for public companies) or a minimum of three years (for private companies). If a company fails to comply with this regulation, the penalties for a company officer are a term of imprisonment of up to two years and potentially a hefty fine.
Perhaps the most important aspect of email management is the creation of the audit trail. Recent months have seen some alarming consequences of email mismanagement, including large financial penalties for organisations such as Morgan Stanley and Bank of America, and as a result, the need for forensic email archiving is swiftly moving up the boards agenda. If a company is asked to retrieve emails for the courts, do they know how quickly they can do it, what it will cost them and can they be sure that the emails are the originals?
Effective Email Management
This fast growing email management market in the UK is currently heading in the same direction as the US. An example of this is Repton, a leading systems integrator that is in partnership with Cryoserver. Repton is aware of the importance of email management and in particular the forensic approach. As a global supplier of IT solutions and services to the MLE (medium and large enterprises), it recognises how so much can depend on just one email and has gained the high level of technical knowledge required to bring maximum benefit to its customers.
Email management is set to rise up the corporate agenda as new regulations come into force and the ways in which staff use it continue to diversify. This growing market provides major opportunities for resellers that offer powerful email management solutions and really understand the communications issues affecting both their existing customers and their prospects.
Mike Berry is Vice President Sales for Cryoserver a leading forensic archiving and compliance solution for email, instant messaging and other electronic records. Enterprises, businesses and governments rely on Cryoserver for assurance surrounding the retention and access of critical business, operational and publicly held information.