How certain are you that the electronic data your team retrieves in response to discovery requests is complete and unaltered? Recent court rulings have framed electronic records as on par with audio recordings and digital photos in terms of reliability, as judges recognize that a clever cheat could modify an e-mail to remove a critical "not" before submitting it into evidence. IT groups that have yet to implement systems that store data in nonmodifiable form are behind the curve.
Long-term data retention mandates are a minefield as well. Organizations covered by OSHA regulations must keep pre-hiring physical exam records for 30 years after an employee's termination of employment, for example, while HIPAA requires that medical facilities retain records for 20 years or more. Simply keeping copies of end-of-month or end-of-year backup tapes doesn't cut it for long-term data retention. Even if the tape hasn't degraded physically, it's unlikely you'll still have a drive that can read it.
Because organizations facing the most restrictive regulations have had deep pockets -- at least until the sub-prime mortgage debacle -- storage vendors including Caringo, EMC, Hitachi Data Systems, Permabit Technology Corp. and Nexsan Technologies offer a variety of technologies to store fixed content data. These systems aren't cheap, but neither is litigation. And, as the space expands -- Gartner expects the e-mail archiving market to grow from $315 million in new license sales in 2007 to $1 billion by 2011 -- IT will have more to choose from. We asked vendors about the latest in tamperproof CAS (content addressable storage) and locked NAS storage gear, as well as services for those who don't want to maintain their own archives.
As for a business driver, if you can empower your counsel to say, "This message was intercepted before the user had access to it by our e-mail archiving system, which saved it to a non-modifiable archive at 4:02:03 p.m. on 13 February," you're a rock star.
"This e-mail sat for nine months in the user's inbox, where he could have changed it at any time," not so much.
We Like WORMs
Highly regulated industries like securities brokers and pharmaceutical firms have long maintained records in a non-rewriteable and non-erasable format, called write once, read many, or WORM. We believe most organizations are well advised to go this route for fixed-content archives. In fact, until EMC's 2002 release of its Centera system, magneto-optical WORM disks were the only reliable and non-modifiable storage medium. These disks should provide dependable data storage for 30 years or more. Except for occasional complaints about balky robotics on some jukeboxes, reports from real-world users indicate no trouble reading data written 10, even 15 years ago.
Besides WORM storage, you'll also need e-mail and file archiving apps to identify which data should be saved. Of course, that's easier said than done, especially in e-mail. Vendors like EMC, Symantec and Zantaz can help separate ham from spam, but expect to store some grocery lists. Other applications, like medical and check imaging, write data directly to the fixed content store.