News Stay informed about the latest enterprise technology news and product updates.

The e-mail trail and corporate liability

Sifting through the publicly released e-mails of scandal-plagued Enron, it's clear that bad accounting wasn't the only problem the energy company had. Experts say it's a lesson on how not to manage corporate messaging.

The first e-mail Roger Matus opened said, "So … you were looking for a one night stand after all?"

When the Federal Energy Regulatory Commission made public more than 1.3 million e-mails seized

"… e-mail, as it ages, becomes more of a liability than an asset."

Rob Enderle, analyst,

Enderle Group

from Houston-based Enron, Matus used them to test a spam filter to see how many contained inappropriate content.

The CEO of Audiotrieve LLC found plenty of material that could open a business up to a plethora of liability issues. So, where will your organization stand when your corporate e-mails are made public?

With the introduction of HIPAA, Gramm-Leach-Bliley and Sarbanes-Oxley, among others, enterprises now must walk a delicate line between e-mail that's private and protected and e-mail that's a corporate liability. Health and financial records, as well as many business records, cannot be destroyed. How will these messages be weeded through to save what must be saved and delete what is simply taking up valuable storage?

"The same people who are involved in the antispam fight and who are involved in the antivirus fight are going to have to change their focus from inbound mail to outbound mail, and they're going to have to look into putting the tools and manage the outbound flow the same way they manage the inbound flow," said Matus, whose software company is based in Boxboro, Mass.

The burden falls on administrators

In his research, Matus found that 90% of employees admit to using company e-mail for personal use, and another 60% send or receive e-mail with adult content. What does this mean for the enterprise and the IT administrators who must sort through and store the countless e-mails that go in and out every day?

"The administrators are going to have to be the ones to manage and implement the policies," Matus said. "They're going to have to make sure that the tools are in place, whether

For more information

Who's archiving and who's not


E-mail policy dos and don'ts

software tools or monitoring tools. They're the ones that are going to have to make it easy for the compliance officer, security officer or HR professional to get the information the way that they need to get it."

Not knowing what's in your system can create further problems. Rob Enderle, principal analyst with the Enderle Group, San Jose, Calif., said enterprises must retain messages that could someday be subpoenaed.

"In today's world, you can't be in a position where the documentation you have can only be used against you," Enderle said. "Given the way memories jumble and the way employees move, e-mail, as it ages, becomes more of a liability than an asset.

"It's best just not to have it around unless you have to by law."

Matus agreed.

"No one should deliberately or intentionally destroy evidence, but if it has nothing to do with the business, then you're just taking up storage space," he said. "You might as well delete those types of things."

Dig Deeper on Exchange Server setup and troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.