Feb 22, 2008 (07:02 PM EST)
Data Compliance: Guilty Until Proven Tamperproof

Read the Original Article at InformationWeek

1   2   3   4  
How certain are you that the electronic data your team retrieves in response to discovery requests is complete and unaltered? Recent rulings have framed electronic records as on par with audio recordings and digital photos in terms of reliability, as judges recognize that a clever cheat could modify an e-mail to remove a critical "not" before submitting it into evidence. IT groups that have yet to implement systems that store data in nonmodifiable form are behind the curve.

InformationWeek Reports

Long-term data-retention mandates are a minefield as well. Organizations covered by OSHA regs must keep physical exam records for 30 years after an employee's termination, while HIPAA requires that medical facilities retain records for 20 years or more. Just keeping copies of end-of-month or end-of-year backup tapes doesn't cut it. Even if the tape hasn't degraded, it's unlikely you'll have a drive that can read it.

Hitachi's Content Archive Platform has a unique approach
Storage vendors such as Caringo, EMC, Hitachi Data Systems, Permabit Technology, and Nexsan Technologies offer a variety of technologies to store fixed content data. These systems aren't cheap, but neither is litigation. And, as the space expands, IT will have more to choose from. We asked vendors about the latest in tamperproof content-addressable storage (CAS) and locked NAS gear, as well as services for those who don't want to maintain their own archives.

As for a business driver, if you can empower counsel to say, "This message was intercepted before the user had access to it by our e-mail archiving system, which saved it to a nonmodifiable archive at 4:02:03 p.m. on 13 February," you're a rock star.

"This e-mail sat for nine months in the user's in-box, where he could have changed it at any time," not so much.