E-discovery, compliance, regulation, liability: Storage managers are becoming nearly as expert in these topics as they are in technology. In many organizations, data growth has been matched by a surge of legislation that forces IT pros to educate themselves about the responsibilities that come with storing sensitive information.
So just what are those responsibilities? There is no easy answer. Laws about data preservation are still evolving, so what seemed to be established yesterday may not be airtight tomorrow. But industry sources have some basic tenets that might help storage pros to get into the right mindset:
Get organized. "Get your electronic house in order," was a key piece of advice from George J. Socha Jr. Esq., a lawyer and consultant who has organized a methodology for e-discovery called the Electronic Discovery Reference Model. Speaking on a virtual roundtable discussion sponsored by Symantec last month, Socha said, "The better you can do at this, the easier everything that follows will be for you, and the less expensive and lower risk everything that follows will be."
When in doubt, save it. Getting organized doesn't necessarily mean getting bogged down in self-made rules. "We don't bother to try to classify the records," admitted Gregg Davis, CIO of high-rise construction company Webcor Builders of San Mateo, Calif., during Symantec's roundtable.
In his litigious industry, Davis says there's so much that might find its way into a legal document that it doesn't make sense for IT to take the time to pick and choose. "For us to write rules and to try and automate rules, to eliminate certain things based on generic rules, it was way too broad and we could not get it narrowed down to where we were comfortable with not saving... records. We in essence save everything if it's in an email record... for us to not produce something, to say we autopurged it, the risks and penalties... are way too high... Even something like a lunch meeting may be construed as [important]."