Sarah Vouga- Waterford Technologies
In the past several years, different factions within the American government have seemingly “lost emails” that would have directly implicated the senders in some way, shape or form. It’s easy to immediately assume that some sort of cover-up keeps happening when these things happen. But David Gewirtz for ZDNet Government summed it up perfectly in his article: IRS Scandal: Ludicrous claims about missing government emails? Been there, done that. “Sadly, some of the claims, in all likelihood, don’t reflect a political desire to obfuscate the truth, but instead reflect incomprehensibly bad IT management in the executive branch. They also reflect arcane archiving practices that seem insane to modern IT professionals but are de rigueur for government flunkies.”
I know I’ve written several blogs that outline the Federal Rules of Civil Procedures (FRCP) and its underhanded insinuation that email archiving was not only a necessity but could almost be argued that having it was law. I’m now beginning to draw the conclusion that technology has different standards for those of us outside of the government than the people within; something that doesn’t make any amount of logical sense to me. If it’s pertaining to the government, in my mind, would that mean that every possible security measure would be taken to preserve everything, no matter the implications? Wouldn’t by doing that, people be more prone to do the right thing rather than allowing them to fall prey to their human tendencies that may not uphold the morals that are a necessity for any government?
Based on the information that came out in 2008 during the Bush administration’s fiasco with missing emails, and the information that is now coming out about this recent IRS scandal, it appears that the government utilizes methods for retaining emails that rival my lovely grandmother attempting to still use a Polaroid camera and using AOL as her internet browser. Technology has grown, expanded and introduced more efficient and cost effective ways of managing your email server, not just for space, but for things like eDiscovery and email compliance. Why would these government agencies not be the first ones to have this type of technology?!
The best practices for ensuring that your emails are not lost, is to utilize an email archive solution. If you have an archive, you will always have a tamper proof repository of all of your emails coming into and leaving your organization.
- Define Policies Early: Establishing retention and deletion policies at the beginning will keep storage from growing to an insurmountable level. A policy that states the motives for your standards and how end users should follow the policy is satisfactory in court provided you can prove your organization abides by it. Without a policy, you will be stuck with keeping everything. Forever. In the IRS’s case, they printed and filed all emails that met a certain “in house” criteria. Which is a waste of literal space, time and resources.
- Enforce Your Policies: Once a policy is written, it must be enforced with an automated solution so as to eliminate the “human” factor of policy enforcement.
- Eliminate PSTs: PST files are created by end users to store their emails and keep them accessible. However, these files are not the best primary storage location for end users mailbox data. They expose the organization to legal risks and make it hard for you to locate emails when you need them- which usually happens with the burden to meet deadlines. With an email archiving solution, the archive becomes your central data repository where users can access their own emails easily. PST FILES ARE CORRUPTIBLE. The IRS was saving their emails to PST files and then backing up the PST files. How is this even acceptable?
- Backup Tapes Are Not Archives: Backup tapes should not be used as your central repository for emails. They capture information only from the point of backup- which will not include items that the end user deleted. They cannot capture the activity as it happens- backup tapes have no intelligence to index the email- it is just a copy. This is supposedly how the IRS lost their emails; the emails that had been backed-up had been wiped away from existence when a hard drive crashed. This is completely unacceptable. Especially when it’s coming from the IRS.