How to Avoid High-profile Discovery "Train Wrecks"

By Thomas Schmidt

The investment management firm had a big problem on its hands.

Its infrastructure, to put it charitably, was fragmented. Each of the company’s three main locations had its own email application, directory service and phone system. Demonstrating compliance with government regulations and responding to discovery requests were eating up staff time and incurring outside costs, putting a drag on operations and profitability.

For example, responding to compliance audits and discovery motions involved the following: The company had to request the backup tapes for the relevant time period and then rebuild the original file systems, a process that could take days. Then it would print out the information and send the documents to an outside vendor, who would go through it page by page, searching for particular words and phrases or categories of information.

This procedure swallowed up resources -- including servers, disk space, network bandwidth, and most importantly, IT staff time -- that could have been dedicated to more productive uses. Moreover, manual retention and expiry processes are prone to human error, a particular problem in litigation. Demonstrating a good faith and automated system for the retention and expiry of electronically stored information can potentially protect an organization from sanctions when it is unable to produce certain data. Without this type of routine operation, the presumption is often that the respondent is acting in bad faith. The risk of sanctions can be reduced by implementing a system for document and retention management alongside an ability to immediately suspend that system in the event of anticipated litigation.

As part of a major IT initiative, the investment management firm identified email and document archiving, e-discovery and compliance as critical areas to address. It worked to deploy an enterprise solution with archiving policy covering email, instant messaging, file and print server data, and Bloomberg Professional IM. The result? A business value analysis study by an independent research group pinpointed millions of dollars in cost savings, productivity gains and cost avoidance.

This company’s experience wasn’t unique. For financial services companies everywhere, the growth in volume and variety of electronic communication is matched only by growing demands for discovery to support litigation.

This article looks at some of the key challenges these companies face when it comes to document retention and discovery. It then goes on to show how companies can improve their ability to retain and protect corporate information while reducing storage costs and simplifying management.

The data explosion
No challenge is as daunting for today’s IT departments as getting a handle on the explosive growth of business information. Take the company described above. Its volume of email has doubled every year since 2001. Other information -- databases and file-based information -- is growing nearly as fast.

At the same time, IT managers must be concerned by the proliferation of regulatory- and discovery-sensitive information that is carried on laptop computers, cell phones, PDAs, memory cards, flash drives and even consumer devices such as multimedia players.

These trends put obvious strains on any company’s storage infrastructure as well as its business continuity strategy.

As a result, IT is looking for ways to reduce the enormous amounts of duplicate data that are unnecessarily filling up expensive storage systems. And as IT departments know all too well, storage plays a significant role in creating the space, power and cooling problems that have pushed many data centers to their breaking points.

Consider Russell Investment Group. Like virtually all financial services companies, Russell views email as critical to its operations. But email volume is also increasing steadily (in Russell’s case, 60% annually).

Two years ago, Russell, headquartered in Tacoma, Wash., deployed an enterprise vault solution. The solution offloads archived email from Microsoft Exchange-based servers; it compresses messages and stores multiple instances of an attachment only once. The result has been a 45% reduction in Russell’s email store. In addition, backup and recovery times have been slashed. Russell estimates that its ability to recover email service is now 75% faster.

Avoid discovery train wrecks
The importance of taking a smart, strategic approach to email archiving and recovery can’t be emphasized enough. Consider the case of the American who flew to Europe last year even though he had tuberculosis. As InfoWorld reported last July:

“The Fulton County, Georgia, Department of Health and Wellness tried to prevent Andrew Speaker, of Atlanta, from traveling to Europe for his wedding and honeymoon in May because his drug-resistant form of TB could make him contagious to other airline passengers.

Speaker has said in media interviews that he had not been told he couldn’t fly. The Atlanta Journal-Constitution newspaper covering the case filed an open records request with Fulton County Georgia Government to disclose email messages among health officials in which Speaker’s case was discussed….‘All I basically had to do was say.... I want any emails retrieved for me that involved the name Andrew Speaker,’ said Rich Diller, email administrator for Fulton County."

Ultimately, the archiving software that Fulton County used retrieved some 200 pages of email correspondence related to Speaker’s case in just 90 minutes -- thereby sparing Fulton County any untoward publicity.

In recent years, Merrill Lynch and Co., Morgan Stanley and UBS Warburg, to name just three high-profile firms, have been penalized for various e-discovery missteps.

Conclusion
The pressure on all organizations to protect and manage data has intensified with the recent growth in unstructured data and the reliance on email to communicate and exchange documents. Email is a mission-critical application.

Thomas Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.