Archive for the ‘Compliance’ Category

Archive it All and Create Policies Later

Archiving projects are often put off for another day because of “policy paralysis,” an affliction that keeps IT decision makers from deciding what to keep and what to discard before implementing archiving.

Cloud-powered archiving does not penalize a simple, straightforward “keep it all” plan. This means IT decision makers can implement retention archiving now and create policies later. It’s a Win-Win scenario for IT and businesses, and is the cure for “policy paralysis.”


Shards of Content Need Centralized Information Governance

Overflowing in-boxes, maxed-out email servers, and now even more places for employees to generate content. Enterprises are implementing new collaboration systems (SharePoint, GDocs, Zoho) for document sharing, which means employees will have more options beyond email to collaborate internally with each other and externally with customers, vendors, friends and family.

These new capabilities mean there is a growing number of “shards of content” (data silos) in the enterprise that need to be captured and archived for compliance, e-discovery, storage management and universal information governance best practices.

Sonian believes the best, most cost-effective and reliable way to solve this problem is a centralized archiving service, powered by cloud-scale infrastructure as a service. Here’s why:

  • Installed archiving software never has enough compute power for large searches or deep analytics. The cloud offers CPU on demand to power through terabytes of content.
  • Installed archiving software consumes a lot of your expensive SAN and backup/DR storage. The cloud as your long-term storage locker with integrated search and analytics is configured as a virtual extension of your own network. A double Win-Win combination: less cost and just as secure.
  • Installed archiving software can’t help you gain the valuable data insights needed to manage “top-line-growth” issues: the better business intelligence and value that can be extracted from all content silos across the organization.

Compliance Requirements for Email Archiving

SEC 17a-4 and NASD 3010

The Securities and Exchange Commission (SEC) originally enacted the Securities Exchange Act in 1934, as a means of protecting investors from fraudulent or misleading claims by securities dealers. The Act required member firms to create and maintain transaction records which could be reviewed and audited. In 1997, Rule 17a-4 of the Act was amended to provide procedures for storage of electronic records, including emails.

This rule has since been interpreted to include instant messages as well. NASD (National Association of Securities Dealers) applies similar rules to its member firms through NASD 3010. The provisions of SEC 17a-4 and NASD 3010 apply to all individuals and organizations involved in trading securities. This includes securities firms, stock brokerage firms, banks and any financial institutions that fall under SEC or NASD jurisdiction. They require securities dealers to implement specific, enforceable retention procedures, which include the following:

• Archived messages must be stored in duplicate. One copy must be stored in an online archive, and a second copy must be stored offline on permanent, tamper-proof media, such as Write-Once-Read-Many (WORM) technology.

• Storage media must be verified automatically for quality and accuracy.

• Archived messages must be date/time-stamped and serialized. Each message must be assigned a unique, sequential identification number as a safeguard against deletion.

• A searchable index of all stored data must be maintained. Indexes must be retained on each unit of storage media for the messages and attachments stored on that unit.

• Messages and indexes must be easily retrievable and downloadable to other media as required by SEC regulators.


SEC Investment Advisers Act of 1940

The U.S. Securities and Exchange Commission (SEC) has recently imposed new regulations on private investment pools, also known as hedge funds. In a three-to-two vote on Oct. 26, 2005, the SEC decided to require hedge fund managers with assets in excess of $25 million to register under the Investment Advisers Act of 1940. The regulation went into effect on Feb. 1, 2006. The ruling requires that most hedge fund advisers register with the SEC under the Investment Advisers Act of 1940, which includes provisions for securing, managing and archiving all electronic communication, including email and instant messages.

• Archived messages must be stored in duplicate. One copy must be stored in an online archive, and a second copy must be stored offline on permanent, tamper-proof media, such as Write-Once-Read-Many (WORM) technology.

• Storage media must be verified automatically for quality and accuracy.

• Archived messages must be date/time-stamped and serialized. Each message must be assigned a unique, sequential identification number as a safeguard against deletion.

• A searchable index of all stored data must be maintained. Indexes must be retained on each unit of storage media for the messages and attachments stored on that unit.

• Messages and indexes must be easily retrievable and downloadable to other media as required by SEC regulators.

Sarbanes-Oxley (SOX)

The Sarbanes-Oxley Act of 2002 was enacted in the wake of several major corporate and accounting scandals. Its provisions affect email retention, integrity and oversight. Sarbanes-Oxley applies to all publicly traded companies and the CPAs and attorneys associated with these companies.

• Section 802 presents a possible fine of up to $1,000,000 or a prison sentence of up to 20 years for any person who destroys, alters, mutilates or conceals any electronic document in an official investigation.

• Sarbanes-Oxley specifies minimum retention periods for all accounting records, work papers, communications, file attachments, and documents, whether transmitted via email, instant messaging or other message modes.

• Section 302 requires CFOs and CEOs to personally certify and be accountable for their firm’s record retention policies and financial reports.

• Section 404 requires auditors to certify the underlying controls and processes that are used to compile the financial results of a company. Email is a critical component in being able to achieve this certification.

• Sections 103(a) and 801(a) require companies to maintain all documents, including electronic documents, that form the basis of an audit or review for seven years.


Aberdeen agrees: Finance sector feeling pressures to archive data

Aberdeen Group published findings in a recent study, “Strategic Archiving Decisions: Retaining and Retrieving Important Company Information.” The finance sector reported that the top pressures leading them to implement such [archiving] technology were to improve operational efficiency (44%, compared to all others at 34%), and to achieve compliance with regulations (33%, compared to all others at 9%).

These findings match our experience with hosted email archiving: a majority (by greater than 10%) of new customers archive for compliance, with storage management as the secondary consideration in their archive purchasing drivers.


IT role with compliance is about to get interesting

The world-wide financial systems’ near-collapse will certainly spur new legislation requiring more oversight and reporting about transactions and relationships between the different financial sectors. There will also likely be an uptick in lawsuits and investigations, and a need to know “who said what when” to figure out the truth trail. This is when an email archiving solution can provide actionable intelligence.

Electronic records management systems, email archiving and e-discovery systems will need to step up to the plate and deliver results without undue burden on IT budgets or departmental staff time.

Sonian is here to do our part. Scalable, reliable, secure, and most importantly, affordable email archiving for all.