Posts tagged "records management"

GRC: An Introduction To Records Management

Recent events — particularly in the financial services sector — have increased the pressure on enterprise records management practitioners, as more and more companies face regulatory audits or litigation-related discovery requests. The idea of document management is easy for most people to understand. Records management, on the other hand, presents some conceptual challenges. Here's a primer.

Only recently, the U.S. Library of Congress added to the records management confusion by announcing that that they will be archiving all the tweets tweeted since Twitter’s 2006 creation. So, one might ask does this imply that tweets are business records?

Federal Records And ISO

Apparently not. In the US, the Federal Records Act provides the basis for all records-related decisions. It defines a record as,

 …recorded information, regardless of medium or characteristics, made or received by an organization that is evidence of its operations and has value requiring its retention for a specific period of time.”

Internationally, the International Standardization Organization (ISO) defines records as:

… information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business.”

From these two definitions we can draw three important things. A record :

  1. Provides evidence of an organization’s activities
  2. Can be in any medium
  3. Is information created in respect of legal obligations

Records Management And DoD 5015.2

Amongst vendors, the de facto standard used by both the public and private sectors for the provision of an adequate records management systems (RMS) is the Department of Defence’s 5015.2 standard.

It outlines the minimum requirements of RMSs  before they can be used by the DoD and other federal agencies and outlines what functions they must have. Included among desired features are:

  • Capture and scanning management
  • File plan management
  • Retention and disposition management
  • Access and library management
  • Storage management
  • Email management

Combined, these applications manage different aspects of electronic and physical records and come with search capabilities to locate records stored across enterprises.

The DoD 5051.2 standard acts as the starting point for the European standards (MoReq) in records management which, like the DoD standards, outline requirements of a RMS.

Record Management Considerations

So if a record is an evidential record of an enterprise's activities what do you need to take into account before deploying a RMS?

While the role of records as an evidential resource outlining enterprise activities rarely changes, the way in which different enterprises choose to deal with them is different from company to company.

This is why it is necessary to be clear as to what needs to be achieved. Areas that need to be identified include:

  • Record management roles:
    Records managers, compliance officers and IT personnel to deploy and monitor systems, content managers to identify where records will be kept.
  • Enterprise content:
    Assessment of all existing and future content and determining what content is likely to become records.
  • Outline file plan:
    Clear list of content that can be considered records and identify where they will be stored, retention periods, person responsible for them.
  • Retention schedules:
    Whether the record is still in use, when its lifecycle has come to an end and how to dispose of them
  • Records management design:
    Based on your file plan, design libraries, content types, policies, and storage locations
  • Compliance:
    As records are a key component of compliance, it is important to ensure that the records can be found and accessed easily.

Electronic Records and Physical Records

The increasing number of regulatory demands from different federal and international organizations means that enterprises now have to consider the relationship between physical records and electronic records and how best to manage both.

Retention policies under regulatory regimes like those related to the Sarbanes-Oxley Act, HIPAA, ISO Document Control and Certification, SEC and DoD 5015.2, means that some of your physical records must be retained.

However, many vendors will have taken that into account when designing their RMS. As a result they come with a number of features that will be common to both. These include:

  • Metadata: All information contained in a RMS must have metadata that describes what is contained in a particular file.
  • Retention policies: All records must be accompanied by a retention policy that outlines when a record can be destroyed.
  • Query Interface: All records must be retrievable with accuracy and speed. Instead of dual searches across indexes of physical records and electronic records, a single query interface that search both should be used.

Physical Records

While electronic records are generally stored within a central repository once relevant metadata has been applied, physical records are still kept in physical filing systems or folders.

The result is that there are individual features that are unique to physical and electronic record keeping. For enterprises that need to plan for physical records there are a number of unique features that will be needed. Amongst them are:

  • Ability to locate non-electronic information
  • User-definable physical record locator
  • User-defined record attributes including location information, contents information
  • Bar code application and reader
  • Printing abilities for container labels (labels can also be stored physically)
  • Bar code labels and bar code reader integration

Worth remembering is that when a physical record is added to the system it is generally only the information about the record that is added (the metadata). In this way users can manage the information about physical records in the same way they would information about electronic records.

Electronic Records

Because electronic records never really leave the RMS there are a number of features that can be deployed that would not be practical when trying to manage physical records. These include:

  • Automatic classification of records based on metadata
  • Automatic placement of records in context
  • Automatic application of retention rules
  • Creation of data standards for access with future technologies
  • Application of disposal policies

Records Management A Priority

Recent AIIM (news, site) research shows 37% of organizations in total are not confident their electronic records would stand up in court. It also showed that nearly 50% of companies say electronic documents and emails remain unmanaged.

However, over the course of the next year that looks like it is changing. The recent State of the ECM Indsutry report from AIIM shows that implementing electronic records management will be the top priority for enterprises looking at ECM over the course of the year.

Given the current regulatory environment and the cost of non-compliance, the pressure for companies to implement an effective records management policy is growing weekly.

But before rushing out and investing in the first system that looks like it can do the job, enterprises need to make sure they know exactly what it is they are looking for. Compliance starts with a good records management policy. Your first step is to design the policy and get it reviewed. Then start thinking about the enabling technologies which can make it a reality.

Managing Online Payment Security, Compliance with Cloud-Based Tool

PCI (Payment Card Industry) compliance standards protect personal information and ensure security when transactions are processed using a payment card. Thanks to ClearPoint Metrics new PCI compliance management solution, organizations can manage PCI compliance risk more effectively, and reduce the cost of auditing and reporting.

The new metrics-based PCI assessment application will be delivered as Software-as-a-Service (Saas) on the Amazon cloud.

Automating the PCI Compliance Process

The new solution was announced at the RSA Conference a few weeks ago and features controls designed to automate assessment, attestation and reporting for all 12 PCI requirements and operate independently of any particular security product.

These 12 requirements are as follows (as outlined by PCI Data Security Standard (DSS) that was developed to help help organizations proactively protect customer account data):

  • Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

  • Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

  • Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update antivirus software
Requirement 6: Develop and maintain secure systems and applications

  • Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

  • Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

  • Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security.

Gathering Data, Managing Assets

Components of the ClearPoint PCI Compliance Management solution include:

  • Requirement Manager, Control Mapping and Evidence Manager allowing organizations to document their controls and manage evidence required for attestations and reporting.
  • Evidence Manager for all forms of policy documents to be gathered and monitored, including links to log files and shared documents, surveys and textual commentary as well as fact based metrics.
  • Data Gathering: Hard facts and data are collected through direct access to all qualified vulnerability scanners as well as the full complement of security applications including, firewalls, intrusion detection, antivirus, log management, event managers, encryption managers and data security products
  • Asset Manager and Profiling: takes feeds from internal asset systems and enables organizations to classify, sort and group assets by compliance scopes and risk profiles.

As well, the solution provides a complete library of scorecards, companion metrics, data connectors and control monitoring alerts. All these tools allow for organizations to continuously monitor and keep team members abreast of alerts about performance, goals and deployment.

For 30 days, PCI Compliance management solution is free of charge at PCI.clearpointmetrics.com. After that, ClearPoint's PCI Service will be available in monthly and annually renewable subscriptions. It is licensed on a per-user basis with introductory 12-user subscription sold at US$ 500 per month.

Lessons in Corporate Agility: A Records and Information Manager's Quiet Leadership

Personnel may change; business processes may change; retention periods do not. Every records culture is different. The Records and Information Manager requires the skills of an astute surveyor.

Not Your Typical Job

A Records and Information Manager for a project-driven organization is a role of implementing agility through quiet leadership. Since this environment typifies the 16% of companies that rely on in-house talent to build in-house applications, advocating proper retention decisions on electronic and hard copies equals swimming in tumultuous political waters. 

This is a tough, tough undertaking: project management companies are usually document control organizations. To develop into a sophisticated records and information management program  — which includes the categorization, retention and destruction of its records collected from a project’s lessons learned — is not typically on the list of the top three most important corporate initiatives — until this year. 

From Resource- to Results-Based

Research firm Gartner’s summary report, “Leading in Times of Transition: The 2010 CIO Agenda” claims the focus is shifting from resource-based IT to results-based IT. Applying lessons learned in this recovery, enterprises are transitioning their strategies from cost-cutting efficiency to value-creating productivity — the perfect cue for a Records and Information Manager to contribute to the health of the information technology environment. A presentation to the executive level, especially the CIO, must include facilitated discussions to decide who will financially commit to the correct, comprehensive records operations. 

The Dotted Line

en masse without further criteria applied. The holdings sit in either Tier 2—3 or offsite paper storage, which is the Records and Information Manager and Information Technology’s domain. 

Rarely is it clarified for a division head properly that once information crosses that dotted line to be declared as records, it is released into the custody of the assembled team.

 

To Inventory or Not to Inventory

It is the responsibility of the Records and Information Manager to express admiration for the CXO’s sense of ownership and firmly reassure him that he, or any of his appointed subject matter experts, will be included in the review process during the crucial moments. 

She must quell the terror against action items on any records holdings. A good response in the moment goes a long way. “What if we find The Wrong Thing?” is the common anti-inventorying war cry. “Obfuscation is not the mission of a good Records and Information Management program,” should be the appropriate response. “Worse yet: what if the company doesn’t know how to locate the record that helps?”

When Poor Morale Strikes

We live in an era in which Gartner states the CXO-level turnover is higher than ever before; the average CIO tenure is 4.4 years. Research firm Forrester claims that the cultural shift from information technology to business technology will consume 5-7 years of that department’s attention

In addition, 2010 is another year of jobless recovery. This high turnover contributes to a strange phenomenon that is a by-product of poor records practices: when best practices in records do not exist, the hours lost due to poor search and retrieval time trickles down to the analyst level and contributes to low employee morale. 

The Records Vision

Armed with the right time-study statistics, the Records and Information Manager must forge ahead with cooperation from her team of Legal, Information Technology and Compliance. She should highlight their collective vision of the culture’s records life cycle over at least the next five years.

The presentation should include commentary on improved employee productivity, decreased costs, revitalizing the organization, faster response time, minimized risk and improved asset utilization.

The denouement of the presentation is to align records management business processes to efficiencies and performance. Personnel may change; business processes may change; retention periods do not. 

All she needs is one CXO-level champion. Best practices require top executives voicing their support to activate change.

The Sweet Art of Diversion

Every records culture is different and the role requires the skills of an astute surveyor. An important moment in the life of every project is the contract — it would behoove a Records and Information Manager to contribute language that will protect her retention periods in the future. 

She should also tack on to the latest IT initiative to create business process results for the organization. The challenge is realistic expectations from all parties.

While it’s true that applying retention is as much the application of the sweet art of diversion as it is of adhering to compliance responsibilities, the path to success lies in the ability to discuss best practices with everyone, no matter their level in the organization.

 
SpringCM To Bring Government To Cloud-based Document Management

A new partnership between cloud content management provider SpringCM (site) and technology consulting company Acumen will bring cloud-based solutions to government agencies, particularly document management and workflow solutions.

The move towards cloud computing follows plans in the Fiscal Year 2010 Budget of the United States Government to introduce pilot software projects that will cut the cost of content, information and records management, and introduce on-demand case management and workflow management.

SpringCM already offers these solutions, but with the experience brought by Acumen Solutions, which already advises Federal agencies on commercial content management best practices, Steve Maier, SpringCM VP and general manager of government solutions says they should be able to align their document management solutions with government needs.

Government Cloud Adoption Difficult

However, Maier doesn’t expect the move to the cloud by government organizations to be an easy one. In an audio interview on the Fed Cloud Blog last month, he said the technology purchasing pattern of government departments, which are inextricably linked with procurement processes, will make cloud adoption difficult.

“The government is interesting because, given the size of their procurements and the things that they do, they’re a little hamstrung by the procurement process. I don’t think there’s a shortfall in desire, but the procurement process is very much tuned to the status quo,” he said.

He says that because with SaaS, users are buying services rather than assets, the procurement process will have to be reprogrammed and that this could take up to two year to do.SpringCM Platform.jpg
SpringCM Platform

SpringCM 5.4

Late last year, SpringCM released v5.4 of its SaaS-based enterprise content management system, which did much to upgrade its ability to provide secure records management.

It took records management a few steps further with several new capabilities including:

  • Setting retention period of a document using a date field inside the document
  • Automatic classification through a SpringCM Advanced Workflow

It also took reporting and dashboards two steps further with more out of the box reports and more options for dashboard customization.

On top of that users can design and deploy their own ECM applications by accessing these core services through web services, email and fax, web client and other approaches.

There is no indication of when the first results of this partnership will be visible, but there is considerable pressure across government agencies to cut IT costs so it will probably be sooner than the 24 months that Maier predicts.

Document Management Roll-up: Can't Let Go of the Paper, Has SharePoint Met Its Match?

This week there’s been a couple of wild claims doing the circuit, not least of which is the demise of SharePoint at the hands of Salesforce.com’s Chatter, while Microsoft gets social with Outlook.

Outlook Gets Social

The promised link between Microsoft Outlook and social networking has finally happened with Microsoft reporting this week that software updates between LinkedIn (site) and Outlook have just been released in beta.

Designed for Office 2010, the new set of applications that will also include email links for Facebook (site) and MySpace (site) will go on general release later this year.

The LinkedIn connection to Outlook lets people using the email program stay in tune with any changes in job status, contact information or affiliations being shared by friends at the career-focused online community.

The company says that the new connections are all about bringing, friends, family and colleagues into your inbox and enables you to communicate with them and see their social activities at the same time.

If you’ve been following us here you will be aware of the problems that managing unstructured content in emails is causing enterprises.

Likely that the same companies can hardly wait to thank Microsoft for this new Outlook ability. The test version of Outlook is available online at the Office website.

SharePoint To Be Killed By Chatter?

That Salesforce.com (site) has launched the private beta of Chatter, an enterprise collaboration tool for the cloud will stir some interest; that some of those involved in the private beta say Chatter heralds the end of SharePoint should cause more than a stir.

The end of legacy collaboration software like Microsoft SharePoint and IBM Lotus Notes is here," said Marc Benioff, chairman and CEO, salesforce.com. "Consumer Internet services like Facebook and Twitter have shown us better ways to collaborate …".

Muscle-flexing aside, Chatter does come with a number of document collaboration tools, amongst other features, that should be useful for those with document management issues.

In this respect the document sharing and security settings are of interest. With Chatter, users can instantly and securely search the Chatter feed to access, share and even download the documents and other information files via an Internet browser.

It also enables users to manage who has access to what information based on Force.com platform security settings, which decides what information can be seen by who.

If you’re interested in more, you can find out more from the website, but nothing there would seem to back up Benioff’s claim that SharePoint is on its way out!

We Can’t Leave Paper Alone

According to AIIM (site) office staff just won’t give up on paper copies, despite the wide availability of scanners and document management systems.

A recent survey by the content management organization found that 62% of important paper documents are still archived as paper. Even when documents are sent off for archive scanning, 25% are photocopied beforehand “just in case” and less than a third of the paper originals are systematically destroyed after scanning.

Despite the fact that the legal admissibility of scanned paper documents has been established for nearly 20 years and is nailed down in legislation and standards around the world, there is still this suspicion among users that they may need to produce the original paper copy at some stage, the study says.

In the survey, 70% of the respondents agreed with the statement, “Users feel that paper records are needed for legal reasons.” Even at the organizational level, in 25% of businesses the legal admissibility of scanned documents is still seen as an issue.

According to AIIM president John Mancini, we still haven’t tapped into the real potential savings of using document management software, because we just can’t let the paper go.

If you are interested in finding out more, you can download the research from the AIIM website.

How Is Your Records Management?

Something else from AIIM this week that might help companies see how effective their records management software: take AIIM’s quick, easy online assessment to find out what stage of records management competency your organization is in, and then learn more about that stage, its risks and the benefits of progressing to the next.

Participants will be asked 13 questions in order to determine their organization's Records Management competency. Once the assessment is completed, participants can download the Solution Brief for their identified stage which includes information on:

  • Current state of records management
  • The risks of your current state
  • The benefits of progressing to the next stage.

And it’s all free.

Iron Mountain Adds Archiving

We couldn’t let this week go by with some mention of the acquisition of Mimosa Systems by Iron Mountain for an estimated US$ 112 million in cash.

Iron Mountain is a major player in the information management market with this deal providing it with an on-premise content archiving solution — in this case Mimosa NearPoint — to complement their cloud based offering.

Mimosa NearPoint is an email archiving and eDiscovery solution. Version 4 was brought to market last June, offering an integrated content archive that includes not only email, but also content in blogs, wikis, documents and more. It also improved content search, case management and came with a new user interface and data capture methodology.

It's these capabilities along with being able to now capture and manage content from additional devices like desktops, laptops and systems like SharePoint that caused Iron Mountain to choose Mimosa.

How Document Management Has Evolved in SharePoint 2010

It’s always useful to get some kind of insight into the thinking behind the development of features in new software, particularly when it comes to SharePoint 2010 (site).

In a recent entry on the Microsoft Enterprise Content Management Team Blog, Adam Harmetz, Lead Program Manager for SharePoint Document and Records Management, explains how new features in SharePoint 2010 build on SharePoint 2007 and what we might expect in the future.

The first thing he says is that many of the key document management infrastructures were introduced in SharePoint 2007, which was the first time that SharePoint enabled users apply structure and management to their document libraries as opposed to using it principally as a collaborative tool.

Those features and their integration with Microsoft Office client applications enabled users to create high-value knowledge repositories that were easy to interact with and were generally positively received by users.

SharePoint 2010 document management is built off the success of that and around a number of principal ideas including:

  • Managing unstructured silos
  • Use of metadata
  • Browser as document management application

Managing unstructured silos

Looking at the way users were using document management features in 2007, Harmetz says they noticed that SharePoint was being used to pull unstructured silos into realm of enterprise content management.

Users were using traditional document management features on collaborative sites and using them to apply policy and structure as well as gathering insights from unmanaged places.

This lead to the development of many new SharePoint 2010 document management features. In this respect Harmetz cites the idea of a document set, which allows users to group related documents, share metadata, workflows, homepage and archiving processes.

The feature was designed with dual purposes:

  • To manage very rigid processes (regulatory submissions, for example)
  • Informal process management where teams need to combine a number of file types in same process.

Extending the document set feature to enable its use informally extends the SharePoint ECM value for users, Harmetz says.

Use of metadata

In establishing how metadata would be used across SharePoint 2010, they combined the use of both structured taxonomies and keywords, and applied both to SharePoint 2010 repositories.

SharePoint 2010_document management_navigation.jpg
Instead of navigating by traditional folders, a user filtered the library to the virtual folder that contains just sales materials about Contoso’s tent products.

With SharePoint 2010, users get consistent metadata management with the result that any SharePoint site can hook into that metadata with virtually no effort.

There are two key principals in the use of metadata:

  • Use and application of tags: It’s easy for a site to use enterprise wide tags and taxonomies, and easy for users to apply them.
  • How SharePoint 2010 uses tags: The document library can be configured to use metadata as a primary navigation pivot.

Combined, it means that easy metadata entry enables users to tag items which in turn drives navigation. And because users need the metadata to navigate the repository, this encourages them to tag the items.

Browser as a document management application

SharePoint 2010 pulls together two features that SharePoint is best known for:

  • Website and page creation
  • Collaboration on, and management of documents

In the interests of efficient knowledge management, SharePoint 2010 applies the principal that the browser is the key to best managing documents — not just for document downloads but also for interaction with the document.

In this respect, users will now be able to interact with the document as well as having access to document context including metadata, wikis pages related to the document and related documents.

SharePoint 2010 enables this in a number of ways including:

  • Office Web Apps: The default click for the document library can be set for automatic document upload into the browser.
  • Content Query web part: Used to roll up all the documents related to a particular topic.

The result is a combination of wiki and traditional enterprise document management repositories.

There are a lot more document management features to SharePoint 2010, but Harmetz gives some context to it and suggests that future developments will be based along the same lines. He will be addressing other features and other document management issues over the coming months.

However, if there are particular issues in relation to SharePoint 2010 and document management that you would like him to discuss, leave a message on the blog, especially if you’re one of those that have downloaded the Beta version and are having problems on the test drive.

DocFinity Document Management Adds eForms Capabilities

The recent release of Optical Image Technology’s (OIT) upgraded DocFinity adds electronic Forms to the document management software that it launched in March 2009 after a ground upwards rebuild.

The new DocFinity eForms will enable users to create, manage, distribute, process and store electronic forms that can be easily integrated with existing portals and websites.

It also comes with a fully functional designer in a Flash interface that also allows for the customization of forms while ensuring that the information held in those forms in secure.

eForms And DocFinity Suite

Now an integral part of the DocFinity suite, OIT says that it has built the eForms solution around the Suite’s central administration business process functionality to ensure that its integration into the existing software is seamless.

While the concept of eForms is not new, the selling point will be the ability to customize the forms, as well as the ability configure, administer, support and use them within a single web-based interface — which the company says is unique.

Additionally, as the majority of data captured within eForms is already indexed and categorized, it can be used straight away to instigate trigger processes or events, cutting management time.

Abilities of the eForms include:

  • Process both structured and loosely structured web-based forms
  • Access and manage online forms in a secure environment
  • Option of self-servicing forms
  • Massive reductions in processing and turn-around times
  • Cuts all costs relating to management of physical documents

DocFinity v10 Rebuild

The introduction of eForms is the first upgrade to v10 — consisting of an entire rebuild — of its document management, imaging and business process management software, DocFinity.

At the time of its release last March, the company said the entire product line had been redesigned and built from the ground up based on newly emerging technology.

Built around a J2EE server, its centralized administration makes installation easy, while the new GUI interface allows for customizable workspaces that maximizes productivity.

The entire product suite also comes with products for data capture, email management and records management. The integrated suite is fully underwritten in extensive web services that are included with the core DocFinity product as well as a URL API and “zero programming” tools.

That DocFinity does what it says it does, was underlined last November when OIT was named a finalist for KM World Magazine’s 2009 KM Promise Award. The award recognizes organizations that are implementing innovative knowledge management solutions that integrate knowledge management practices into customers’ business processes.

HP TRIM 7 Provides Records Management for SharePoint

When HP (site) bought Tower in 2008 the reason they gave for doing so was to extend their reach in the information management market. The recent upgrade of the TRIM document management software to TRIM 7 fulfills that ambition by offering an integrated, full suite of solutions for eDiscovery, compliance, records management and archiving.

In fact with TRIM 7, HP has specifically focused on upgrading the records and archiving elements. In this respect, they have created software that enables organizations transparently manage all of their Microsoft SharePoint Server records in a single environment, regardless of the source of those records.

What this means is that it can now capture Microsoft SharePoint files and even entire SharePoint workspaces. It also comes with full DoD 5015.2 v3 certification, making it particularly attractive across the eDiscovery and compliance markets.

TRIM And SharePoint

That TRIM 7 focuses specifically on integrating its records and archiving abilities with SharePoint is not a surprise.

For those unfamiliar with it, TRIM software is an enterprise document and records management system with the ability to scale across large, distributed environments. It enables users to capture, manage and secure enterprise information, from electronic to physical records and from creation to eventual disposal.

When HP bought Tower and its Total Records Information Management (TRIM) in 2008 one of the features it was buying was TRIM’s SharePoint integration capabilities. Tower’s software was based on Microsoft Technologies and was a Gold Partner for SharePoint before the takeover.

This integration enabled HP to enter into the SharePoint eDiscovery and compliance world as so many organizations with SharePoint now find themselves having to look at compliance issues and SharePoint carefully.

TRIM 7 Modules

With the two new modules, HP TRIM 7 enables users capture, search and manage of all types of physical and electronic business information across Microsoft Office SharePoint Server 2007 and the upcoming SharePoint Server 2010.

The two new modules include

  • TRIM Records Management: Provides transparent access to all SharePoint Server content from the SharePoint Server workspace
  • TRIM Archiving: Archives specific list objects in SharePoint Server, or entire SharePoint Server sites, to HP TRIM.

While TRIM’s ability to capture SharePoint records and archive them is not new, up until now the information it could manage was restricted to documents and limited to manual entry.

However, now capture policies can be defined by administrators and can include information that is contained in wikis, blog entries, blog comments, calendar entries and workflow events.

There are other advantages too. They include:

  • Increased compliance and preparation for eDiscovery
  • Apply compliance policy management across the enterprise
  • TRIM can now manage the complete information lifecycle of corporate records
  • Prove the authenticity of information with version control, access control and audit trails
  • Support long-term information access in appropriate formats
  • Support FOI requests by easily finding, redacting and rendering information for secure release
  • Enforce a security structure that governs how information is used
  • Easy-to apply text‑based search capabilities and metadata
  • Apply lifetime policies seamlessly and manage all SharePoint

Given the number of organizations that are now using SharePoint and are considering SharePoint 2010, the new HP TRIM modules are quite timely and probably not the last module we are likely to see for TRIM.

Considering SharePoint does not have DoD 5015 certification for its built in records management capabilities — in SharePoint 2007 or SharePoint 2010 — many organizations using the platform will be looking for an integrated solution such as this one from HP.

EMC Extends Exchange 2010, Adding Archiving, Retention and eDiscovery

While EMC’s (site) SourceOne suite of modular integrated software enables email management, archiving, records management, search and eDiscovery, the company says it is expanding it to enable users make a speedier and more efficient move to Microsoft Exchange 2010.

Although EMC is consistently working to improve on its information infrastructure technology, SourceOne's extension of Exchange 2010 could be a game-changer in the eDiscovery market segment. Even Gartner in its recent MarketScope for E-Discovery Software Product Vendors report has given it a thumbs up.

The result is that EMC continues lead the charge on eDiscovery technology — something it had signaled last September with the acquisition of Kazeon (site). With email management and archiving a core element of current information management, the SourceOne suite should play a central role in developing that market for them.

Easing the Upgrade to Exchange 2010

Let’s take a quick look. The first thing to say in this respect is that EMC's SourceOne is Exchange 2010-ready out of the box and extends the archiving, retention and eDiscovery features of Exchange’s email management abilities.

SourceOne has the ability to take large quantities of PSR files and emails that have been inactive for long periods of time out of both Exchange 2003 and 2007 and place them in SoureOne’s business archive before users make the move to Exchange 2010.

These files are easily accessible and can be stored with specific retention and destruction schedules. The beauty of this is that they do not need to be moved across to Exchange 2010 which greatly eases the problems of migration.

In effect, what it does is improve the performance of Exchange 2010 by applying single-instance storage for messages in the archive, by automating the migration of messages to the appropriate location and by reducing backup and recovery times.

EMC, Kazeon And SourceOne

The other element that EMC has just introduced is EMC SourceOne eDiscovery — Kazeon based on the Kazeon’s eDiscovery Fourth Generation software, which was released last May (just before EMC bought the vendor in September).

Again, focusing on email management, Kazeon provides three principal products, integrated within a single, underlying software platform, aiming to ensure a smooth workflow. They include:

  • Analysis & Review: Capabilities include patented analytics, concept extraction and search.
  • Collection & Culling: The identification of ESI based on case requirements.
  • Legal Hold Management: Fully indexed or index-less targeted collection, and a forensically sound and defensible collection from any source.

Searching through emails, SourceOne Kazeon automates the identification, collection and preservation of electronically stored information (ESI) that resides "in the wild", tags it for legal hold and places it in a protected repository under user-defined retention and destruction policies.

Already on the market, EMC says the purpose of developing the SourceOne Exchange 2010 capabilities in the first place was to enable organizations to develop complete, actionable information governance strategies with email management as one of the core elements.

If you’re concerned with rampant emails getting out of control, it might well be worth checking out.