News Stay informed about the latest enterprise technology news and product updates.

Users rebel against e-Discovery liabilities

Tory Skyers’ post about dedupe and the law jogged my memory about recent conversations I’ve had with users about data compliance and archiving. It’s become a big topic for this industry, and as stewards of data, storage managers are part of the legal e-Discovery process.

But some storage managers are beginning to draw a line when it comes to the extent of their role in that process. A discussion about compliance only goes so far these days before frustration starts to show. Someone from a municipal government shop I met at Symantec Vision last week extolled the virtues of Symantec’s Enterprise Vault for data retention and said his organization has policies for dealing with litigation. But he was clear that his role in the process involves managing bits on disk, period. “I don’t delete anything without the department that owns it giving me explicit instructions,” he said. “It’s not up to me to decide to delete data–it’s up to me to keep the storage and backups running on whatever data departments want to keep.”

This week I spoke to a storage guy from a hospital about email management and archiving, and he told me his shop deletes all email after 60 days. “We wrote policies that say we don’t keep email very long because of the storage cost,” he said, and then added that he’d been told by some vendors pushing archiving that a short enough retention period could “make him look guilty.”

“I’m not guilty of anything,” retorted the user. “I’m an IT guy trying to keep email running.”

And he’s right. As long as a company’s retention policy is clearly defined and followed scrupulously, it can be just about any length of time.

As everybody and their uncle tries to get in on selling e-Discovery products and services, new players emerge and the competition gets fiercer. It sounds to me like this is leading some vendors to use scare tactics to push sales by exaggerating how much liability the storage people have when it comes to data compliance and retention. Analysts increasingly agree that organizations of sufficient size should dedicate a liaison between IT and corporate governance to oversee policy instead of tossing legal liability onto the shoulders of IT.

The problem is, IT people remain responsible for understanding and following policies. They also may be called upon to testify as to what those policies are. While I don’t think users should have to take on the legal burden alone, I hope they’re not being pushed too far in the opposite direction, so caught up in shrugging off false expectations that they aren’t mindful of the real ones.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Will you pursue a certification in cloud or desktop virtualization?
Would only do this certification if there is scope in the market for new career and job perspective.
No money to train
Too expensive
It's like we are having to pay to sell / recommend / install their products
Need cert info
The proof is in the pudding not the certification, and I have plenty of puddings to demonstrate my ability. I've met enough over qualified under experienced IT people in the past, to know that any sensible IT director or CTO wouldn't write off a solid CV based on lack of qualification. Good IT staff are too busy learning on the job, rather than a classroom.
Not sure at this time. A lot of money to have to come up with and then not sure if the employer will even appreciate the fact of pursuing certifications is worth the investment on my part.
I already have VCP 5 & MCSE & BSc. Not sure I need any more.
what worries me most is the nature of "if u don't go to class you will not take their exams" that's bad.Bringing out certifications and making it hard for people to pursue will derail the company's image and the market will reject it.
I will study about virtualization but no certification is needed for knowledge
Too expensive. I can get a lot more certifications from other vendors for less cost. I also don't have a company that will pay for them for me... I guess that's VMWares business model... get your boss to pay for it.
After researching certification it seems that they are too many doubts about its value in the current marketplace
Just researching now
Already have cloud cert
Cost is a hugh factor. ROI is too and the number of added certifications has increased.