Solving the Unmanaged Content Conundrum: Dealing with the Exploding Volume of E-Mail and Other Unmanaged Electronic Documents Can Cost a Bundle Unless the Proper Steps Are Taken

Article excerpt

Recent federal rules, significant fines from regulatory agencies, and the threat of electronic discovery are driving organizations to better identify and manage the information they create and store. Companies need to ensure that their information is retained according to business needs and legal requirements.

To operate effectively, organizations also need to dispose properly of information that is no longer needed for business or legal reasons, including that store on shared and individual hard drives and in e-mail and other stored information systems.

Enlightened organizations realize that cleaning up unnecessary files improves employee productivity by reducing the time they spend searching (particularly through masses of e-mail) and allows them to share and re-use knowledge more effectively. It also reduces overhead costs associated with managing and maintaining storage devices, where labor costs are far higher than storage media.

The Problem

Today, most information is created in electronic form, and the volume of electronic documents is growing dramatically. It is not uncommon for large organizations to invest significant human and technological resources to store and manage millions of electronic documents and e-mail that may not be company records, that may never be accessed after their creation, and that the organizations may not be required by law to keep.

Even in organizations that have record retention schedules, electronic files are often not managed according to them. Yet laws and regulations mandate retention of many types of records, including those in electronic format. Laws also require the production of all information relevant to any imminent or on-going audit, lawsuit, or investigation. Last year's amendments to the Federal Rules of Civil Procedure explicitly require discovery of electronically stored information.

In addition to the problem of unmanaged volumes of stored information, organizations must also deal with the reality that hard drives crash, laptops are stolen, thumb drives are lost, and employees and organizations are devastated by the loss of critical business information, company trade secrets, or exposure of customers' personal identifiable information.

Organizations are also quite concerned about identifying and protecting specific types of confidential information: trade secrets, employees' confidential information, passwords, and customers' financial data. There is a high likelihood that this information is sometimes contained in e-mail that is disbursed to several recipients and not treated as confidential.

Finally, while storage media may be inexpensive and the cost is going down, storing large volumes of information is not cheap. Well-paid IT staff members, who maintain storage systems, are an expensive cost of doing business. So is the cost of restoring millions of files when a disaster occurs, requiring days or weeks of combing through them to find the critical ones that the organization needs to stay in business.

Facing these challenges will force organizations to ask themselves many questions:

* How will they go through the millions of files, documents, and e-mails stored on local area networks, wide area networks, storage area networks, shared drives, and a host of other locations? How will they identify which are records rather than non-records, which ones are needed for lawsuits, and what can be disposed of without causing liability?

* How can they control and secure information that customers expect to remain private? How should they manage confidential documents or trade secrets, such as product pricing data?

* Can they expect employees to take the time to go back to all the documents they have created or saved across the enterprise to manage, preserve, and protect the files that constitute records?

* How will they unearth and dispose of unnecessary files while minimizing the risk of non-compliance with laws and regulations? …