Slaying the Email Management Dragon by Getting Behind What Makes People Tick — Thinking Inside the Box

Discussion of the management of email is personal (to the user) and contentious (among vendors who claim to have a cure and IT executives who do not want to engage in an initiative riddled with risk of failure).  In my view, email management projects are sure to fail if one (legal/compliance/RIM professionals) does not address certain, key considerations.  In the interest of brevity, I will stick to a few bullet points on this very complex topic.

  • Walk before asking employees to run – Getting in place policies and procedures and applying them to paper records and legacy offsite paper inventories will help employees get used to and understand the operational benefits of RIM (efficiency and productivity). Once part of the muscle memory of the organization, and it is easy to show ROI on paper, turning to email is a conceivable option. But I always counsel in favor of breaking teeth on paper, not the sizzling hot button topic — email.

  • The slim chances of asking employees to comply – Here is a paraphrase what Bill Gates said at a summit this past May where compliance officers were gathered in Redmond to discuss the challenges of RIM and e-discovery: With regard to his own organization – “If you are telling me that employees (and I) would have to take even one extra step [in terms of dragging and dropping email into proper buckets), I would not support the initiative.”

  • Coming up with some solution – You will struggle to have effective compliance if employees are expected or given license to make all the decisions about what to keep. For that reason, in 2003-04, we designed a central repository to store a replica of all email for a limited period of time. We used open source code and a software I will mention only offline, and through journaling sent a copy of every email that crossed the fire wall to one storage platform (after de-duping). That platform allowed IT to use backup tapes for disaster recovery purposes only and the lawyers to access the separate platform (or archive) for hold management purposes. Employees could do what they wanted to do with the email on the desktop for some period of time based on business need (e.g., every 90, 120, 180 days) before the email would be removed from the Exchange Server. The ability to create PSTs is the exception, not the rule, under this process.

  • Through a basic, web-accessible interface, lawyers with permission-based access could run queries based on criteria derived from the legal or regulatory matter that required a hold.  The query process had an audit trail.  A hold, or multiple holds would attach to an email in the repository following the finalization of the query. Everything else not subject to hold had a limited shelf life in the repository and was purged periodically (e.g., every 90, 120, 180 days). The system is not perfect, but it worked.

  • Understanding why people over-retain email – One might find the key to the whole problem by taking a step back and asking “why do employees over-retain and take it so personally when I talk about messing with their email?” Employees (and we) retain email for a few reasons, but principally because: (1) the desire to CYA, (2) if you delete the email, you will never find “that” document or communication again, and (3) laziness. For the first reason, covering one’s assets, the higher up the food chain you go, the more (and greater) offenders of over-retention you will find. As a former ethics and compliance officer, I viewed the first item as a challenge – getting managers to trust their superiors and employees to trust each other and their manager. The blame game has to end. Once it does, email proving one’s innocence dissipates. Realistically, it is hard to achieve perfect harmony and trust, so folks are always free to print that exculpatory email if they so choose.   The second item is more tangible.  If people know where to find what they need when they need it, holding onto email is no longer mission critical.  This is where ECM, intranets, collaboration tools and central repositories really matter.  If documents were circulated with links, for instance, rather than attachments, many emails would not need to be retained (as long as the repository was readily accessible and searchable).

These are not perfect solutions and there are many ways to skin the email cat, but this might be some good food for thought on the hottest operational and legal issue, perhaps, facing corporations today.


2 Responses

  1. It’s a very interesting point you mention from Bill Gates in regards to avoiding implementing email management due to the fact users would have to take an extra step to add the email to a repository.

  2. […] 2007 Although acknowledging that there exist no perfect solutions, the blogger behind Datakos lists items that may help to control e-mail rention issues. Many are sensible, straightforward suggestions. In describing an open source solution (which […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: