Title goes here test - AIIM - The Global Community of


LEGATO Software – Messaging Solutions
Mario Duckett
Mackin Imaging Systems
Henry Yip
HSBC Bank USA
a division of EMC
1
Email Related Challenges
– Reduction in Email TCO
• Email storage demand growing 65% annually
• Typical 1000 user company consumes 140 GB/month of email storage
– Litigation Support
• Less than 20% of companies have a policy for handling discovery requests
• 79% of organizations accept email as written confirmation of transactions
• 24% of organizations have been involved in email-related disputes
– Regulatory Compliance
• Steep penalties for non-compliance
– Corporate Governance
• 63% of organizations do not have an email archiving policy in place
Giga Information Group, Radicati Group, Osterman Research, 2003
2
Email Related Challenges
– Survey of 2200 Records Management Professionals
• 59% of respondents said their organizations have no formal email
retention policy in place.
• 93% of respondents believe that their electronic records management
process would be important in future litigation.
Cohasset Associates, Inc. – Chicago 2004
3
The Compliance landscape is a minefield!!!!!
UK Metadata Framework
EPA
Public Records Office
NASD 3010
21 CFR Part 11
DICOM
BSI DISC PD 0008:1999
Data Protection Act of 1998
Rev. Proc 97-22
NARA Part 1234
eSign Act
SEC 17ad-7
FERC Part 125
DoD 5015.2
Freedom of Information Act of 2000

Sarbanes-Oxley
NASD 3110
ISO 15489-1
e-Government Interoperability Framework (eGif)
DOT
SEC 17a-4
HIPAA
SEC 17a-3
> 10,000 regulations in US alone

Scope: Compliance with Federal, State, Local regulations

Depth: Industry-specific, Public corporations

Impact: Cost to comply / remediate, Penalties for noncompliance
4
Financial Regulations
Compliance with NASD and SEC regulations starts with Codes of Conduct - NASD 2210 - Defines rules of conduct for all communications with public (advertisements, sales literature, correspondence)
1. Retention (SEC 17a-4, NASD 3110)
• All security brokers and dealers to maintain records of business and customer account information with easy access
• Electronic storage must be in WORM format and accessible for checking compliance
2. Supervision (NASD 3010)
• Effectively monitor correspondence, show adherence to codes of conduct.
• Record supervisory activity itself
5
Best Industry Practices for SEC 17a-4
What are commonly accepted best practices for SEC 17a-4 compliance?
• What is the scope and applicability?
• What is the required process to maintain rules of evidence?
• What access is required by the SEC or its designee?
Focus on Record Retention
6
Rule 17a-4 Scope
• What Email?
– Internal & external messages
– Bloomberg
– Instant Messaging
• How long?
– Three years
– Six to seven years also common

(4) … all communications received and copies of all communications sent by such member, broker or dealer (including inter-office memoranda and communications) relating to his business as such.
(b) Every such broker and dealer shall preserve for a period of not less than 3 years, the first two years in an accessible place …

• Routine Examination?
– Audit Reports
– Responsive record recovery
– Exportable Record Sets
7
NASD Rule 3010 Compliance
The four responsibilities of the NASD Broker Dealer are:
1. Build a procedure
2. Document the procedure
3. Execute the procedure
4. Show evidence of continuous execution
8
Scope of NASD Rule 3010
• May be more narrow than SEC Rule 17a-4
– Just registered representatives
• May include just outbound messages
– External correspondence
– Advertising
– Sales literature
• Most firms choose to address additional supervisory obligation
– Customer grievance (inbound)
– Information barrier between research & investment (internal)
9
Failures and Problems are Rarely “Little”
• Business is lost
• Companies go out of business
• Customers are dissatisfied
• Regulators respond and penalize
10
Money is not the issue……
How much money you have or
How much the indiscretion was worth
Can still get you a vacation at
Camp Cupcake
11
The Good and Bad of Email
A Smoking Gun - “How much do we need to
pay you to screw Netscape?”
- Bill Gates email produced in Microsoft
antitrust litigation
Warner Bros
Email can rescue a company in
litigation where a “whole” picture can
be presented. Email is just as likely to
help a company as it is to hurt it
- Littler Mendelson partner Gary
Mathiason; Fortune Magazine
February 2003
Warner Bros
12
“But Wait…. If I save almost everything, I’m only giving them the chance to find more ‘bad’ e-mail to use against us”
• Business Record Exemption to the Hearsay Rule
– Courts allow the admission of business records that are created and maintained in the ordinary course of business. It recognizes the fact that corporations continue to operate long after the creator of a given record is available to testify.
• Statement Against Interest
– Email may also be admissible even if it fails to rise to the level of a business record. The court's reasoning: If email in your system contains a statement detrimental to your organization, it probably is true. Few of us are prone to documenting our self-criticism.
“Email has been crucial evidence in a lot of high-profile lawsuits, and many defendants have been surprised when messages they had deleted from their own systems come back to haunt them from other parties’ archives”
John R Christiansen, Preston, Gates & Ellis LLP.
13
Email as a Business Record
“A record is any information-bearing medium that an organization generates or receives
and must retain and manage for business purposes”.
Gartner Group, April 2003
• Do your employees use email to negotiate, enter into, or maintain business relationships with clients, customers, vendors, or service providers?
• Do employees purchase services or products on behalf of the organization via email?
• Do employees communicate with executives, supervisors, or the HR department via email?
• Does the organization use email to receive or transmit business-related complaints, recommendations, problems, questions, or inquiries?
• Is internal email used to communicate information about product development, sales, service offerings, customer service, marketing, or advertising?
14
Managing Costs
• Storage Costs
– Email can represent over 40% of the storage costs for an organization
– Duplication of messages is a contributing factor
– Not all email is of equal value – can’t keep everything, can’t throw everything away
• Retrieval (Discovery) Costs
– Duplicate emails increase the amount of time required during the discovery process
– Messages on backup tapes are difficult and costly to retrieve (cannot easily locate emails subject to discovery request)
• Productivity and Operational Costs
– Users spend between 1 and 2.5 hours/week managing email but cannot access archived messages or attachments
– IT spends 5-8 hours/week recovering email for end users
– Growing email volume impacting backup window and stability of environment
15
Backup Only = High Discovery Costs
• Email backups on tape are not enough
• Search and retrieval of email is extremely costly
• Example: Brand Name Prescription Drug Antitrust Litigation
– Discovering party (plaintiff) wished to search 30 million pages of email stored on producing party’s (defendant’s) backup tapes for the names of particular individuals. The producing party argued that the discovering party should pay the cost of compiling, formatting, searching, eliminating duplicates, and retrieving requested email.
– Court found the request was not “unduly burdensome” because the difficulty and cost of the effort was largely due to limitations in the producing party’s software, and ordered them to undertake the retrieval at their own expense.
16
Managing Risk
Ultimately, a court or regulatory body will measure an organization's record-keeping practices by questioning…
• Does the organization have a formal policy for record retention?
• Has the policy been communicated and employees trained?
• What auditing steps are taken to ensure compliance or correct problems or breaches in policy?
• Is the policy consistently enforced?
• Is the archive authentic and complete?
• What precautions have been taken to ensure security and privacy?
93% of companies believe the process by which they manage electronic records will be important in future litigation yet 62% do not believe they could defend their own electronic records in court.
Cohasset Associates, Inc. – Chicago 2004
17
“We delete all email after 30 days”
• Employees may download emails to portable devices, forward them to off-site locations, or print and retain hard copies.
• At least one copy of that email will exist on a server or backup of a third party over whom the company exercises no control.
• Systematic deletion of all emails might constitute a “material weakness” in a company's internal financial controls under Section 404 of Sarbanes-Oxley; this would require disclosure of such weakness in the company’s public filings.
• Under Sarbanes-Oxley Section 802, a court can impose criminal penalties for the destruction of documents (deleting emails) “in contemplation” of a federal investigation that may not yet exist.
18
Emails Have a Life of Their Own
• Not all emails are saved on your servers or in your central archive
– On the server
– In a .pst or .nsf file
– On a laptop
– In an external personal file
19
Emails Have a Life of Their Own
• So delete does not remove them all
– On the server
– In a .pst or .nsf file
– On a laptop
– In an external personal file
• All you have done is remove your defense
20
LEGATO’s Approach to Email Management
LEGATO provides the only solution that manages email as a “Record of Business”, ensuring the solution can withstand scrutiny in a court of law
• Manages email retention by value, not by format
• Retention policies enforced by the organization, reducing deliberate or accidental alteration or deletion
• Retain records in original form
• Manages lifecycle from creation to destruction
• Ongoing auditing and reporting of retention policies
21
LEGATO Provides Complete Solution
EmailXtender
• Provides retention and message management for compliance (SEC & NASD)
• Litigation / Discovery Support
EmailXtender AE
EmailXaminer
• Enables email monitoring and supervision
• Policy based sampling rules
• Full auditing and reporting of supervisory activity
• Reduces load and storage required for email server
• Improves availability
• Improves PST management
• Indexing of messages & attachments for fast access
22
EmailXtender
Email Archiving for Reduced Cost and Risk
A comprehensive, integrated system that automatically collects, organizes, retains and retrieves email messages/attachments
• Real-Time Capture of ALL messages and attachments
• Full-Text Indexing of messages and attachments in their “original form”
• Single-Instance Storage of all messages, across message servers
• Message Shortcuts allow for transparent access to archived messages
• Lifecycle Management – Organizes messages and attachments – together – into volumes and assigns disposition according to organization’s policies
• Guaranteed Message Archive to ensure all messages are captured and available
• Auditing and Reporting of archival access, operational activity, changes to configurations, supervisory activity
• Multi-Environment Support – Supports MS Exchange, Lotus Notes/Domino, UNIX Sendmail, Bloomberg Mail and Instant Messaging
23
How EmailXtender Captures Email
24
How EmailXtender Captures Email
• Microsoft Exchange
– Real-time Capture Mechanism – Native Journaling
• Lotus Domino
– Real-time Capture for Notes Listener - Custom Code – Unique to Legato
– Interfaces with the Domino Router – Mail.box
– Supported Domino Platforms: Win32 (Win NT, Win2000); Unix (AIX, Linux, Solaris); AS/400
25
How EmailXtender Captures Email
• Unix SendMail
– Real-time Capture Only – Milter Filter
• Bloomberg Mail
– Real-time Capture – Bloomberg Parser – Developed by Legato
26
EmailXtender Xtract
• Scheduled Capture
– Used if Real Time Capture is not Required
– Used for Backfile Conversion of Historic Email
27
LEGATO Compliant Record Lifecycle
Lifecycle stages: Creation of email record; Archive as legal record; User access and discovery; Inactivity, archival; Disposition/Record Deletion
EmailXtender:
• Real time capture of email messages for ensured archival of all required records and grouped into containers
• Policy-based/agency-wide enforcement of record retention policies
• Emails removed from message store, reducing cost and burden on email systems
28
LEGATO Compliant Record Lifecycle
Lifecycle stages: Creation of email record; Archive as legal record; User access and discovery; Inactivity, archival; Disposition/Record Deletion
EmailXtender:
• Email messages, attachments and distribution list information stored as part of record
• All components (message & attachments) fully indexed
• Duplicate messages removed, reducing storage costs and future discovery efforts
• Records protected from accidental or deliberate alteration or destruction
29
LEGATO Compliant Record Lifecycle
Lifecycle stages: Creation of email record; Archive as legal record; User access and discovery; Inactivity, archival; Disposition/Record Deletion
EmailXtender:
• Litigation and discovery efforts reduced via advanced search functions
• Full user access to archived email records (Native Outlook/Notes or Web client)
• Discovery results exportable to industry standard messaging formats
30
LEGATO Compliant Record Lifecycle
Lifecycle stages: Creation of email record; Archive as legal record; User access and discovery; Inactivity, archival & DR; Disposition/Record Deletion
DiskXtender, EMC Centera, NetApps NearStore:
• Migration of inactive archives to offsite locations or more cost effective storage
• Enterprise-class data protection for ensured recovery
31
LEGATO Compliant Record Lifecycle
Lifecycle stages: Creation of email record; Archive as legal record; User access and discovery; Inactivity, archival & DR; Disposition/Record Deletion
EmailXtender & DiskXtender:
• Removal of records from email archive and migrated or offsite copies
32
EmailXtender - Archive Search & Access
Easy Access to Stored Messages and Attachments
Ex Client Plug-Ins leverage the power of MS Outlook or Lotus Notes
(left below) by giving archival access to administrators, supervisors, or
end-users. All administrator and supervisor access is audited.
The Ex Web Browser interface (above right) lets users quickly
access stored messages and attachments anytime, anywhere.
33
[Screenshot: archive search results]
ABC Corporation | Smith, Terry | October 1, 2002 | March 25, 2003
Allen, Tom | Smith, Terry | Final Contract – ABC Corporation | 10/03/02 – 9:48:03 AM | 3EF462227
Keech, Melany | Smith, Terry | ABC Corporation – Q2/Q3 Earnings | 11/14/02 – 11:14:55 AM | 2EF46EIM2
Marshal, Bob | Smith, Terry | NASDAQ Ticker – ABC Corporation | 12/03/02 – 3:24:01 PM | 2EF46EIM4
Sorkel, Ben | Smith, Terry | Accounts Receivables – Q2 2002 | 01/04/03 – 5:14:22 PM | 3EF2114I2
Lowe, Anne | Smith, Terry | Order: from ABC Corporation | 02/01/03 – 9:15:33 AM | 4EF21910
– Granular query based on date, users and subject matter for discovery or litigation support – across central archive
– Search includes messages and attachments for complete and accurate result set
– Single copy of message returned in result query
– Results exportable to portable format
34
“Zero training” user access
End users access their archived messages by just clicking
on the shortcuts left in their Inbox.
35
EmailXaminer: The Email Compliance Manager
EmailXaminer offers a variety of advanced surveillance capabilities designed specifically for compliance with email regulations and policies -- including message sampling, customizable automated procedures, intelligent cross-mailbox searching and purging and more.
• Monitor email content to assure compliance with organizational policies and lower the risk of unethical, inappropriate, or illegal e-mail use
• Samples all outgoing and incoming messages for specified groups and aggregates results
• Lets supervisors review samples and automatically checks them against organizational standards
• Records all supervisor actions for audits and reports to document policy compliance
36
Why Monitor Communications????
• Legal Liability: 68% rated high
• Security Concerns: 60% rated high
• Legal Compliance: 50% rated high
• Productivity Measurement: 46% rated high
• Performance Review: 45% rated high
Typical Surveillance Criteria
• Explicit sexual or scatological language: 70%
• Names of current employees: 18%
• Names of clients, customers, accounts: 16%
• Names/addresses of vendors or suppliers: 14%
Industry-Specific Regulations
• NASD 2210 – Defines Codes of Conduct for all communications
• NASD 3010 – NASD NTM 98-11 requires review of correspondence
• SEC Rule 17a-4, NASD 3110 – Retention Requirements
• HIPAA – Record-Keeping Requirements
37
EmailXtender – Archive Edition Comparison
38
LEGATO Solutions HELP Manage Cost –
1: Storage Costs
– Single instance storage of messages reduces storage by up to 80%
– Eliminate personal archives while reducing liability
– Consolidation of email from multiple platforms (Exchange, Notes, Sendmail, Bloomberg and IM)
– Reduced backup media costs
2: Operational Efficiency
– Centralized archive ensures uniform retention practices
– Simplified directory/user management (alias, distribution lists, ex-employees)
– Reduced backup window and increased email availability
– Automatic disposal of email eliminates manual intervention
A centralized archive is both cost effective and productive to the organization.
39
LEGATO Solutions HELP Manage Cost –
3: Organizational Productivity
– User access to archive allows for quick search and retrieval
– Reduced IT burden in recovering user mailbox data
– Virtually unlimited on-line email storage
4: Retrieval (Discovery) Costs
– Reduced time and cost in fulfilling discovery requests
– Elimination of duplicate messages reduces costs during legal review
– Results exported to portable format for review by outside party
Those who choose to store email in a format that tends to conceal rather than reveal, can bear the burden and cost of discovery.
40
LEGATO Solutions HELP Manage Risk –
1: Completeness of Archive
– Real-time capture ensures complete archive and ensures emails are not altered
– Guaranteed message archival via auditing and reporting
– Archival of all relevant messages including email, attachments and IM
– All user information retained including alias, distribution list, etc.
2: Enforcement of Policy
– Organizational control of retained and disposed of records via policy enforcement
– Monitoring and auditing to ensure adherence with email use policy
It’s easy to take words out of context - completeness of information retained ensures accurate representation.
41
LEGATO Solutions HELP Manage Risk –
3: Authenticity and Evidentiary Weight
– “Tamper-proof” archive reinforces authenticity of records to rules of evidence
– Auditing and reporting of archive activity by user, supervisor and administrator
– Fully indexed records ensure complete and accurate discovery results
– Records archived in “original form” ensures “legal and true” copy
4: Security and Privacy
– User restricted to view only individual email
– Auditing of archive activity ensures client-attorney privileges
– Delete of archived information by administrator fully audited and protected
Ensuring authentic records and auditing of practices help remove doubt and potential liability.
42
LEGATO’s Email Solution Benefits
Four Key Email Management Challenges Solved with One Integrated Software Solution
• Email Storage Management
– Archiving = EmailXtender
– Protects server resources, single instance storage, storage consolidation with direct user access
• Data and Retention Management
– Archiving = EmailXtender + DiskXtender
– Full Life Cycle Management
– Adheres to rules of SEC, and retention objectives
• Discovery/Litigation Support
– Content Indexing = EmailXtender
– Reduces discovery costs and end user time in locating specific content
• Supervision Management
– Monitoring and Supervision = EmailXaminer
– Minimizes risk of communication abuse, and supervision to NASD regulations
43
What about IM and P2P?
• IM is the fastest growing form of communication. WSJ
• IM will surpass email as the preferred method of interpersonal messaging in the enterprise by 2006. Industry Analyst
• More than 31% of all corporate Web users use IM. Nielsen/Netratings
• IM is in use by 46% of the largest companies today. Forrester
• IM usage in the workplace grew 110% to 4.9 billion minutes in 2003. Jupiter
• By the end of 2004 over 1 trillion instant messages will be sent from the workplace. IDC
• P2P networks are the new virus entry points into organizations' networks.
44
IM Integration with EmailXtender
[Diagram: IM Client, Internet, FaceTime IM Auditor, IMAuditor DB, IM Auditor Export, EmailXtender, EX DB, EX Archive]
• IM messages sent/received
• IM conversations stored in DB
• Each IM conversation sent as an email via SMTP
• EX receives email and identifies it as IM log. Processes accordingly.
45
Why EmailXtender
• Legato supports Notes, Exchange, Bloomberg, Sendmail and IM
• Integrated direct management of SEC-qualified storage devices (WORM) through Legato DiskXtender (DX).
• User management using Outlook Contacts and Notes Address Book (NAB) or LDAP query.
• Search client allows naming of target users from Outlook contacts and Notes Address Book (NAB)
• Responsive messages can be saved as a PST or NSF
• Batch recovery of historical or pre-existing messages from Outlook PST or Lotus Notes NSF files.
• Execution of a fully audited retention or deletion policy across Outlook or Lotus Notes servers
46
Why EmailXtender – cont’d
• Capture of bcc: addressing.
• Capture and storage of all messages in native PST or NSF format. Competitors may not capture distribution list info, rich text formatting, and message properties.
• Search and recovery of messages using full text indexing of entire message, including attachments.
• Future integration with market leaders in content management (ApplicationXtender, Documentum) for managing all document types
• Both the SEC and NASD use EmailXtender and EmailXaminer.
47
ROI now means:
Risk of Incarceration
48