• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1040
  • Last Modified:

Best practice in maintaining corporate email for legal reasons?

What is the best way to keep corporate email communications available
in the event that legal authorities may require those records in
coming years? Electronically through software or, would it actually
be better to keep huge searchable PDF documents of all email activity?

0
machine_run
Asked:
machine_run
  • 3
  • 2
  • 2
  • +6
3 Solutions
 
Scotty_ciscoCommented:
.PST files backed up IMHO
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I don't see how a huge searchable PDF would be efficient.  Not to mention, PDFs don't handle attachments.  I'd suggest you investigate some e-mail compliance software.  If you use exchange, simply storing backups may be sufficient.  But in the past months I've read of some tools in eweek that specifically archive e-mail for compliance reasons.

Just search google for "email compliance" and you will get a large list of software, articles, and discussions on the topic.

This article seemed potentially interesting.
http://www.s-ox.com/Feature/detail.cfm?ArticleID=1068
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
PST files are ok, but I'm not sure they would qualify as "compliant" - problem being that some legal regulations MAY want any message that hits the mail server backed up and exporting to a PST file would not get deleted messages if they were new and quickly deleted.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
michael_heringCommented:
Scotty_cisco,

The correct answer depends on your organization's legal requirements. If your organization is subject to strict compliance stipulations, such has HIPPA or Sarbanes-Oxley, then you would be best served by spec'ing out some software that is designed to meet these requirements. There are several softwares available for archiving email for this exact purpose.

If you are not subject to outside regulation, you can do a whole spectrum of options. Anything from configuring your email server to retain email for a certain number of days after deletion to storage of old email in PSTs.

I hope this helps.
0
 
The--CaptainCommented:
?!?

You should consult your corporate legal team to determine what data you are *currently* legally required to retain, and retain *only* that data.

The only compelling reasons to retain data are for *your* benefit (not big brother's), and as currently required by law.

I think Microsoft learned this the hard way in their case with the US DoJ - I believe they have now implemented a policy where all emails not critical to current operations are deleted.

Also, there are liability issues to consider when retaining data - just ask the VA, who is currently facing a lawsuit that some have wondered is the most costly lawsuit in goverment history...

Once your legal team tells you what data the law requires you to retain (since I have no idea), I'll be happy to provide some opinions on how to do it...

Cheers,
-Jon
0
 
livedrive777Commented:
There are enterprise mail archiving solutions that allow for searchable database driven archiving of emails.  Some even allow end users to restore their entire mailbox to the state as of any time/date in the past.  One I just came across that seems to fit some of your basic requirements is this one: http://www.gfi.com/mailarchiver/
0
 
giltjrCommented:
michael_hering and The--Captain are 100% correct.  Before you implement a solution you must KNOW what the problem is.  If your company does not have a legal group or a laywer, get one.  If you are asking about keeping e-mail for legal reasons then you need a laywer.

Once you figure out what your legal requirments are then you can look at setting policies that allow you to meet the requirments, then you look at products that allow you to meet your policies and then ENFORCE THEM 100%.  If you have ONE e-mail that you should NOT have because of your polocies, they are going to want you to produce all e-mails.

The PDF file ain't that bad of an idea.  The company that I work for has been supenaed a few times.  You should see the look on the lawyer's faces when you say "Sure we have the last five years of e-mail.  It is printed off and stored in our warehouse, shouldn't take more that a year to go through it. Exactly what words did you want us to search for?"
0
 
nexissteveCommented:
We have implmented Legato Email Extender recently for this very reason.

I suggest you take a peek at it, The other plus to e-mail extender is you can ge rid of those damn annoying PST's

Cheers

Steve
0
 
norganCommented:
i keep a backup tape of full backup every month and keep a yearly forever. if you need to keep email then do a brick level backup to tape and set your rotation policy to include a kept tape for however long you are required to keep records.
0
 
livedrive777Commented:
I have heard of the Legato system as well and like the sound of it.  Again, I think you should be looking at something like that or some other DB driven enterprise app.  it is going to be much much easier to manage than PDFs or Tape backups.
0
 
machine_runAuthor Commented:
Thanks to all. It does depend on individual company circumstances as you've
pointed out. It looks like quite an inconvenience for business.
0
 
giltjrCommented:
Thanks  but PLEASE IMHO you should:

Unaccept my answer, all I did was re-enforce michael_hering and The--Captain answers.  

You can then accept either of their answers and give an assist to the other. If you wish you can also give me an assist.

To unaccept an answer:

     http://www.experts-exchange.com/help.jsp#hi17
0
 
michael_heringCommented:
Thanks giltjr in your honesty on this. It's nice when credit is given where due. =)
0
 
The--CaptainCommented:
>Thanks giltjr in your honesty on this

I've been discovering that giltjr is a very good person to know...

Cheers,
-Jon
0
 
giltjrCommented:
Thanks for the compliments guys.  I may have some weird quirks and be a bit overzealous at times, but I am always trying to be fair.  

michael_hering, welcome aboard and hopefully you will this as great of a site as I and others have.  

The--Captain, you and the other admin's have a thankless job and I do want to say thank you for the hard work you put in and the contributions you make.  You also are a very good person to know.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 3
  • 2
  • 2
  • +6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now