1 / 34

Electronic Records Management: A Checklist for Success

Electronic Records Management: A Checklist for Success. Jesse Wilkins April 15, 2009. Email management technologies. Messaging system. Not built to store massive amounts of messages And attachments And manage as records Difficult to search across inboxes Discovery, auditing.

hazel
Télécharger la présentation

Electronic Records Management: A Checklist for Success

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Electronic Records Management: A Checklist for Success Jesse Wilkins April 15, 2009

  2. Email management technologies

  3. Messaging system • Not built to store massive amounts of messages • And attachments • And manage as records • Difficult to search across inboxes • Discovery, auditing

  4. Print & file • Common approach • Challenges: • Loss of metadata • Attachments • Typical threaded email message • Volume to print and to file • Authenticity (phishing)

  5. Backup tapes • Archival vs. backup • Backups store data, not files or messages • Multiple copies of data • Readability of older tapes • Format, media, hardware

  6. Email management applications • Move messages out of the messaging application • May provide simple retention management • But NOT records management solutions • Many different capabilities available

  7. Email archiving Copy or remove messages from messaging application store to other storage Enforce rules for archiving based on age, size, user, or mailbox quotas Enable centralized message capture and management

  8. Email compliance • Provide compliance functionality for specific requirements • HIPAA, S-OX, etc. • Message monitoring and notification • Message auditing • Incident and case management

  9. Email discovery Provide litigation hold for email messaging system Message search, review, and production Evidence preservation Annotation and redaction Case management

  10. Encryption and digital signatures • Encryption solutions encrypt messages from - and sometimes within - the organization • Digital signature solutions used to sign messages from the organization • Generally managed centrally

  11. Email security • Designed to protect the organization from external threats • May provide attachment blocking and filtering • May protect against directory harvest attacks • May provide spam blocking

  12. Personal archive management Search the network to find .pst files Extract messages and moves them into the email archive May also leave .pst files in place but note location and index their contents Often provide single-instance storage and de-duplication Enforce policies for .pst files

  13. Policy management • Provide enforcement of policies and procedures • Ethical walls • Content filtering • Attachment filtering • May also provide audit trails for actions taken

  14. ECRM solutions Most systems support email management May run at server or client Many support single-instance storage May allow declaration, management of messages as records Varying support for attachment management, metadata management

  15. Email management implementation models

  16. Implementation models • The solutions listed earlier use a number of different implementation models • Appliance • Application server • Hosted • Client/plug-in • Some providers offer several implementation models

  17. Appliance-based solutions The solution is pre-installed on a server Connected to the network and the messaging application Fairly common approach for email security and archiving Database considerations

  18. Appliance considerations Benefits: • No need for separate hardware • Minimal need to configure system Drawbacks: • May not be robust enough • Hardware may not be upgradable • May only work with certain platforms

  19. Application server • The solution is installed on a server on the network and connected to the messaging application • Most common approach today • May require RDBMS • Solution may need to be installed on the messaging application server • BAD!

  20. Application server considerations Benefits: • Hardware can be upgraded to meet solution requirements • Wide choice of hardware to choose from Drawbacks: • Requires dedicated hardware and configuration • May only work on certain platforms

  21. Hosted solutions Solution is provisioned by a third party Highly available and scalable Subscription-based pricing

  22. Hosted solution benefits The organization can purchase only as much as is needed Someone else has responsibility for backup, configuration, security Generally platform-independent May reduce internal network traffic

  23. Hosted solution drawbacks Cultural considerations Reliability issues Vendor stability Discovery issues Migration considerations

  24. Client/plug-in • Solution is installed on users’ machines, either as stand-alone application or plug-in • Most solutions can be deployed using scripts or policy objects; some must be installed manually • Client applications run separately; plug-ins are integrated into the client

  25. Client benefits and drawbacks Benefits: • Only deploy to users who require it Drawbacks: • Decentralized deployment and usage can be difficult to manage • May require specific configurations, clients, security settings, etc. • Leaves it under control of the user

  26. Selecting the right solution for you

  27. Who is involved in the selection? • IT • Own the existing messaging application • Installation and configuration of system • Support for system • Records management • Understand recordkeeping and compliance requirements • Legal • Understand litigation support requirements

  28. Determine the goal of the solution(s) • What are the problems to be addressed? • Operational efficiency (user-focused) • Storage/management costs • Security/compliance • Prioritize among the issues to be addressed and proposed solutions

  29. Gather requirements • Gather, identify, and validate requirements • Business requirements • The problem(s) to be addressed • Functional requirements • What type of functionality will solve the problem(s)? • Technical requirements

  30. Research • Research the available solutions • Vendor resources • Trade publications • Conferences • Associations • Consultants and analyst firms • Standards and guidelines

  31. The short list Determine the vendors to consider Narrow the list based on the messaging applications and platforms supported, key functionality, and deployment models Invite remaining vendors to provide demonstrations, references, and pilots

  32. Select the solution • Cost should be a factor but not the most important criteria • Pricing is not the same as cost • Select the solution that most closely matches organization’s requirements • Select a vendor you can work with and that is committed to the relationship

  33. Summary • Email management technologies can assist in managing email better • But they are not records management solutions • Requirements are a key part of the discussion • Solution should be selected by IT, RM, legal

  34. Questions?

More Related