This analyst white paper discusses best practices for archiving file-based content and offers some recommendations about how organizations should manage the increasing growth of files.

1. WHITE PAPER
File Archiving: The Next
Big Thing or Just Big?
ON An Osterman Research White Paper
Published December 2012
SPONSORED BY
sponsored
SPON
sponsored by
Osterman Research, Inc.
P.O. Box 1058 • Black Diamond, Washington • 98010-1058 • USA
Tel: +1 253 630 5839 • Fax: +1 253 458 0934 • info@ostermanresearch.com
www.ostermanresearch.com • twitter.com/mosterman

2. File Archiving: The Next Big
Thing or Just Big?
EXECUTIVE SUMMARY
Although many organizations still do not archive email, email archiving has become
an accepted best practice at the majority of mid-sized and large organizations.
Because email contains the primary record of communications and collaboration for
most organizations, archiving this rich source of content is essential for compliance
with regulatory obligations, legal requirements, data mining and other purposes.
Interestingly, however, email is not the primary source of electronic content in most
organizations. Instead, files – word processing documents, spreadsheets,
presentations and a wide variety of user-generated content – are the most pervasive
type of content retained in the typical organization.
Volume of Electronic Content in the Typical Organization by Location
Email is not the
primary source
of electronic
content in most
organizations.
Instead, files –
word processing
documents,
spreadsheets,
presentations and
a wide variety of
user-generated
Source: Osterman Research survey, October 2012
content are the
most pervasive
type of content
KEY TAKEAWAYS
• Organizations are at serious risk if they do not archive electronic content in retained in the
compliance with regulatory, legal and industry best practices. typical
• In some respects, file content is more difficult to archive than email because it organization.
can be created and stored in a large number of venues, both within and outside
of IT’s control. The Bring Your Own Device (BYOD) phenomenon, coupled with
rapid growth in the amount of file content being stored, is exacerbating the
problem.
• Files, as the largest single source of archivable, electronic content within most
organizations should be a top priority for retention in conjunction with email.
ABOUT THIS WHITE PAPER
This white paper discusses best practices for archiving file-based content and offers
some recommendations about how organizations should manage the increasing
growth of files. This document also provides a brief overview of the sponsor of this
paper, EMC, and the company’s relevant solutions.
©2012 Osterman Research, Inc. 1

3. File Archiving: The Next Big
Thing or Just Big?
DRIVERS FOR ARCHIVING ELECTRONIC
CONTENT
While the reasons for and benefits from archiving will be different for IT than they
will be for legal, compliance or other functions within an organization, archiving and
related issues should be top of mind for every function that creates and/or manages
electronic content. For example, IT may not be concerned about the specific legal
obligations that an organization has to preserve content, but they must preserve it.
Legal may not care about the specific archiving technologies in place, but their focus
must be on the legal reasons behind content preservation. Similarly, users may not
care about the legal obligations or technologies, but they must be involved in
preserving relevant content.
LEGAL CONSIDERATIONS
Virtually every business will eventually become involved in a lawsuit, either as a
plaintiff, a defendant or as an involved third party. According to a survey on litigation
trends by the law firm Fulbright & Jaworskii, more than four out of five US companies
surveyed are involved in litigation, while about one-half as many companies surveyed
initiated at least one lawsuit. Consequently, the likelihood of facing an eDiscovery
request is quite high.
When litigation is reasonably anticipated, an organization has an affirmative duty An organization
under the Federal Rules of Civil Procedure (FRCP) to preserve relevant evidence, such has an
as emails, files, databases and other content that may be necessary to produce
during the litigation process. This duty to preserve generally commences when a affirmative duty
party knows, or reasonably should have known, that litigation may be forthcoming. under the
When a legal hold is necessary, it is imperative that an organization retain all relevant
data, such as all email sent from senior managers to specific individuals or clients, Federal Rules of
word processing documents that may contain corporate policy statements, and so Civil Procedure
forth.
(FRCP) to
Significant consequences can result from a failure to preserve possibly relevant preserve relevant
evidence. Courts have discretion to impose a variety of sanctions, including fines,
additional costs for third parties to review or search for data, or even criminal evidence, such as
charges. For example, a court found that Samsung, in its recent litigation with Apple, emails, files,
had a duty to impose a legal hold on relevant email beginning in August 2010.
However, Samsung did not disable its email system’s auto-delete capability and so databases and
was not able to produce relevant email that Apple had requested, which could have other content
resulted in an adverse inference instruction to the jury in the case. However, the
Court determined that Apple had also acted badly, and so did not provide this
that may be
instruction for either party. necessary to
As another example, in the case of Pension Comm. of Univ. of Montreal Pension Plan
produce during
v. Banc of Am. Sec., LLC, 685 F. Supp. 2d 456, 470 (S.D.N.Y. 2010), the court the litigation
awarded an adverse inference sanction because a party acted with gross negligence
(as opposed to willfulness) in failing to preserve electronic documents. The court
process.
reasoned that ‘‘contemporary standards’’ of discovery rendered the failure to preserve
and collect electronic files ‘‘grossly negligent’’ and therefore worthy of the severe
sanction of an adverse inference, even without proof of intentional misconduct. At a
minimum, an organization that cannot produce data when required will suffer a
damaged corporate reputation.
Another consideration for archiving electronic content from a legal or regulatory
perspective involves senior management’s and/or legal counsel’s ability to conduct
more formal early case assessments in response to concerns about employee
behavior, allegations of wrongdoing, and the like. Having all relevant electronic
content – files, emails, instant messages, etc. – enables reviewers to investigate
issues of concern quickly and easily before the litigation process begins and may save
time and money en route to the situation’s most logical business conclusion – defend
or settle.
©2012 Osterman Research, Inc. 2

4. File Archiving: The Next Big
Thing or Just Big?
Similarly, an archiving capability for all relevant electronic content enables the
development of early insight into a case on an informal basis. For example, if an
organization suspects that it might be involved in litigation at some point in the
future, senior managers, legal counsel or even departmental managers can conduct a
preliminary form of early case assessment to determine if there are issues about
which to be concerned. In the absence of a robust archiving capability, conducting
this sort of analysis would be difficult, if not impossible. While many organizations
have an archiving capability that enables this sort of activity for email, fewer have the
capability to do so for files.
REGULATORY COMPLIANCE
Electronic records that pertain to an organization’s business activity are subject to
regulatory compliance obligations, which vary widely by industry and jurisdiction.
These regulations require the retention of content like financial documents, email,
instant messaging and social correspondence and employee and client records. In
fact, the Supreme Courts of both Arizona and Washington State have ruled that even
metadata must be retained as part of the record of information archived.
Among the most heavily regulated industries worldwide is the financial services
industry, particularly broker-dealers and investment advisers. In the United States,
regulations issued by the Securities and Exchange Commission (SEC) and the
Financial Industry Regulatory Authority (FINRA) require members of national
securities exchanges, brokers and dealers to preserve securities transaction records Consequences to
for a minimum of six years, the first two years in an easily accessible place. The new
Dodd-Frank regulations related commodities/swaps and hedge funds will create financial services
similar content management requirements. firms for failing
As but one example of the need to archive files, NASD Rule 2210(1)(b) requires that to comply with
advertisements and sales literature be filed with FINRA’s Advertising Regulation retention
Department – best practice dictates that this content also be archived internally, as
well. Underscoring the importance of retaining this content, the firm Hedge Fund obligations can
Capital Partners, LLC and one of its registered principals were sanctioned for, among be severe and
other things, failing “to retain institutional sales materials”ii.
typically involve
In Canada, records of purchase and sell orders of securities must be retained for the imposition of
seven years, the first two years in an easily accessible location. In the United
Kingdom, investment service and transaction records must be retained for a minimum significant
of five years. financial
Consequences to financial services firms for failing to comply with retention
penalties.
obligations can be severe and typically involve the imposition of significant financial
penalties. For example, FINRA imposed a $700,000 fine on brokerage firm Piper
Jaffray in May 2010 when the firm failed to produce 4.3 million emails sent and
received between 2002 and 2008.
Brian L. Rubin, a member of the law firm Sutherland Asbill & Brennan LLP and former
FINRA deputy chief counsel for enforcement, expects FINRA to maintain its attention
on brokerage firms’ content retention processes and strengthen its examination
process of brokerage firms that fail to follow up on glitches in their retention systems.
It is important to note that while much of the attention from regulators focuses on
email and other forms of communication, files that contain business records – such as
advertising literature – are also subject to retention by regulators.
Also heavily regulated is the healthcare industry. For example, under the “privacy
rule” of the Health Insurance Portability and Accountability Act of 1996 (HIPAA),
health care providers are required to protect patients’ electronic health information
from unauthorized users and to retain such information for six years. Noncompliance
with these HIPAA requirements could result in fines of up to $50,000 per violation, or
criminal penalties of $250,000 and up to 10 years in prison for violations based on
intent or malice. Here again, files are just as important a consideration for retention
and privacy as emails and other forms of communication.
©2012 Osterman Research, Inc. 3

5. File Archiving: The Next Big
Thing or Just Big?
IMPROVED IT MANAGEMENT
An organization need not have billions of files to experience significant electronic
content storage growth. Because content growth is increasing at roughly 25% per
yeariii, a terabyte of content today will swell to more than three terabytes within five
years at this growth rate. This creates enormous problems for IT administrators who
must manage the growth and make the content accessible across the organization,
often for long periods of time. Problems in managing such enormous growth of
content include more time devoted to storage management, longer backup windows,
longer restores after a server crash, and a greater proportion of the IT budget
devoted to storage and storage management.
The rapid growth in storing and managing files has also rendered the simple tape
backup an outmoded method for meeting legal discovery and regulatory retention
requirements and gaining access to electronic content stored in a typical
organization’s file system. Moreover, backups are more difficult to manage because
they require greater IT staff involvement and create long periods of server downtime
in the event of a server crash or other technical problem.
The costs of sifting through content stored on backup tapes can average $500 to The rapid growth
$1,000 per gigabyteiv, which could amount to a six- or seven-figure cost for even in storing and
small organizations that could generate several terabytes of such data. Reviewing
information on backup tapes is no easy task. For example, a compressed LTO-3 tape managing files
can hold 750 gigabytes of email, or approximately 56 million printed pages of text. has also rendered
Given these inherent limitations of backup tapes, organizations today require a more
suitable solution for satisfying electronic content retention obligations. the simple tape
backup an
END USER SELF SERVICE
The vast majority of IT staff members would agree that end-user requests for
outmoded
recovering missing or deleted electronic content is among the least pleasant aspects method for
of their work. Other than the difficulty associated with recovering such content, the
time it takes for IT staff to complete those tasks takes away from other tasks that
meeting legal
they could be performing to enhance the organization’s productivity. In some cases, discovery and
the job of IT staff is made even more difficult when content is not stored in a
centralized repository. During difficult economic times, IT departments are even
regulatory
more overworked and have even fewer people to handle these types of requests. retention
A content archiving system that is accessible to end users can help them to recover
requirements and
their own missing content, alleviating IT from this burden and making IT staff more gaining access to
productive. electronic
THE PAINS OF eDISCOVERY FOR IT content stored in
Searching and restoring electronic files from various sources (PCs, servers, and a typical
backup tapes) can be a difficult and cumbersome process. Every time an
organization faces a lawsuit or regulatory request for information, its IT staff must go organization’s
through multiple steps to preserve and extract electronic content. These steps include file system.
initiating a litigation hold, then finding, restoring, cleansing and de-duplicating
electronic content residing within every content source. These steps must be
repeated for every file, backup tape, .PST file, etc. – for each discovery request. This
is especially burdensome since even a relatively small organization can face one or
more e-discovery requests each month.
FILES ARE A GROWING PROPORTION OF MOST
ORGANIZATIONS’ CONTENT
NEARLY ONE-HALF OF CONTENT IS ON FILE SERVERS
An Osterman Research survey of small, mid-sized and large organizations conducted
during October and early November 2012 found that nearly one-half of the typical
organization’s electronic content is stored on file servers (used to store electronic
©2012 Osterman Research, Inc. 4

6. File Archiving: The Next Big
Thing or Just Big?
files, such as documents, videos, images, databases, etc.), while another 35% of
content is stored in email systems, as shown in the following figure.
Distribution of Electronic Content in the Typical Organization
While the
majority of files
in most
companies are
stored on IT-
managed file
FILES ARE STORED IN A VARIETY OF LOCATIONS servers, many
While the majority of files in most companies are stored on IT-managed file servers,
many files are created and stored “in the wild” – i.e., on devices and in applications files are created
that are not always under the direct control of IT. These file-generating sources and stored “in
include company-supplied mobile devices like smartphones and tablets, personally
owned smartphones and tablets, social media sites and the like. Moreover, a the wild” – i.e.,
significant percentage of many organizations’ files reside in repositories that are on devices and in
deployed and managed by individual users, such as Dropbox, Box.net, Skydrive,
Google Drive, Google Docs and other cloud-based repositories. For example, an applications that
Osterman Research study of the BYOD phenomenon found that a large proportion of are not always
users employ personally owned mobile devices for work-related purposes, and that
many employees use cloud-based repositories without IT’s blessing, as shown in the under the direct
following table and figure. control of IT.
Penetration of Cloud-Based Applications by Organization Size
As a % of Organizations
Up to 99 100-999 1,000+
Tools Status of Use Employees Employees Employees
Dropbox Used w/IT’s blessing 40% 21% 14%
Used w/o IT’s blessing 32% 49% 44%
Not used 28% 30% 42%
Google Used w/IT’s blessing 24% 12% 10%
Docs Used w/o IT’s blessing 19% 39% 42%
Not used 57% 48% 48%
YouSendIt Used w/IT’s blessing 18% 8% 4%
Used w/o IT’s blessing 14% 17% 22%
Not used 67% 75% 73%
©2012 Osterman Research, Inc. 5

7. File Archiving: The Next Big
Thing or Just Big?
Use of Personally Owned Mobile Devices for Work-Related Purposes
by Organization Size (As a % of Organizations)
62% of
organizations
permit their users
to store content –
primarily files –
MOST FILES ARE ONLY PARTIALLY MANAGED
locally, such as
Another serious problem facing virtually every organization is that many files are only on their desktop
partially managed. For example, an Osterman Research survey conducted in
November 2012 found that 62% of organizations permit their users to store content –
or laptop
primarily files – locally, such as on their desktop or laptop computer hard disk. computer hard
However, only 33% of these local content sources are backed up to a central location disk. However,
where they are accessible to the entire organization on a long-term basis. Other
problems in managing files include: only 33% of these
• In most organizations, there is no practical means to classify files or the content
local content
within them, meaning that there are few clues available about the relevance or sources are
importance of content without searching through each document. backed up to a
• Most organizations have not implemented a cost-effective means to sift central location
important files from “junk” content. where they are
• Most organizations have no or little insight into the number of duplicate items in accessible to the
their file repositories. entire
• Once important files are identified, there is typically no efficient means of organization.
tracking and controlling files moving forward.
• While file servers are normally backed up for purposes of restoring their content
in the event of an application or hardware failure, only about one-third of
organizations actually archives their file content.
In short, most organizations do not manage files properly in three critical respects:
• Files are not archived so that their content is discoverable for legal, regulatory or
other purposes.
• Files are not classified so that decision makers can determine their relevance.
• Files are not de-duplicated so that storage management can be optimized.
©2012 Osterman Research, Inc. 6

8. File Archiving: The Next Big
Thing or Just Big?
THE RISKS OF NOT MANAGING FILES
PROPERLY
TANGIBLE CONSEQUENCES
eDiscovery requests pose a significant challenge to an organization because the FRCP
requires the production of all relevant electronic records, regardless of how
backdated this content might be. The completeness and availability of requested
records and the time required to extract them depends to a large extent on the
organization’s archival capabilities and how they manage storage.
Required electronic content can be located in many different places within an
organization, including file servers, desktop machines, laptops and, increasingly, on
smartphones and tablets. The longer it takes an organization’s IT staff to extract the
required content, the longer it takes its legal counsel to access and review the
content. With less time to get full command of the facts in a particular case, an
organization runs the risk of the court imposing sanctions on the organization for
missed deadlines or production of only a portion of the information requested.
Any files produced may also have limited evidentiary weight if legal counsel cannot
establish its authenticity. In fact, the litigation costs associated with eDiscovery can
be so great that as many as one in five businesses have settled a case simply to Among the more
avoid searching through and retrieving email.
tangible and
WITHHOLDING EVIDENCE quantifiable
Among the more tangible and quantifiable consequences of not managing files
properly is inadvertently withholding evidence because of the inability to find all
consequences of
relevant files and other information necessary to satisfy an eDiscovery order or a not managing
request during a regulatory audit. This can lead to a number of consequences,
including fines, sanctions, reversal of jury verdicts, higher legal costs and other
files properly is
serious problems. inadvertently
Four important cases to consider in the context of consequences that can occur if all
withholding
relevant electronic content is not available: evidence because
• In the aforementioned case of Pension Committee of University of Montreal
of the inability to
Pension Plan v. Banc of America Securities, LLCv, the Court issued sanctions find all relevant
against the parties that were not able to preserve their electronic content in a files and other
manner that met the court’s requirements.
information.
• In another important case underscoring the importance of managing electronic
content properly, Green v. Blitz U.S.A.vi, the Court sanctioned the defendant for a
variety of failures, including their representative who did not place a legal hold
on relevant data, did not coordinate his work with the defendant’s IT
department, and did not perform keyword searches. These actions resulted in
relevant documents not being produced. After key documents were not
discovered in this case, but were discovered in another case one year later, the
judge a) issued a $250,000 civil contempt sanction against Blitz, b) ordered the
company to inform plaintiffs from the past two years about the sanction, and c)
to include a copy of the sanction memorandum in every case in which it will be
involved during the next five years.
• In the case of Scentsy v. Chase et alvii, Scentsy followed a policy to delete emails
after 60 days, but permitted files on desktops, laptops and shared storage
systems to be retained until employees deleted them. Moreover, the company
did not have a rigorous litigation hold policy in place, merely requesting that
employees not delete potentially relevant content.
• In the case of Orrell v. Motorcarparts of America, Inc.viii, the court ordered the
forensic examination of a plaintiff’s home computer because it contained
information that allegedly had been wiped from the plaintiff’s company-supplied
©2012 Osterman Research, Inc. 7

9. File Archiving: The Next Big
Thing or Just Big?
laptop computer. As shown in the figure above, while only 2% of corporate
content is stored on employees’ home computers, storing files outside of IT’s
control can lead to serious consequences.
LESS TANGIBLE CONSEQUENCES
In addition to sanctions, fines and other tangible consequences arising from the
inability to produce files and other electronic content are a number of less tangible
and more difficult to quantify problems. These include loss of corporate reputation
when word of sanctions or fines hits the press or the investor community, damage to
an organization’s brand, loss of future revenue opportunities, and a general loss of
goodwill among customers, business partners and others.
A SENSIBLE APPROACH TO FILE ARCHIVING
Osterman Research recommends a four-step approach to implementing an
appropriate file-archiving capability. As we recommend for email archiving, the initial
steps need to focus on the non-technical aspects of solving the problem:
understanding the legal and regulatory landscape, getting advice from legal counsel,
and establishing appropriate retention policies. After these steps have been
completed, we recommend implementing a robust file-archiving capability as Osterman
discussed below.
Research
1. UNDERSTAND FILE RETENTION OBLIGATIONS recommends a
All of the key stakeholders in an organization – IT decision makers, recommending four-step
influencers, legal counsel, and others – need to stay current on legal decisions
focused on the organization’s electronic data retention obligations, including the types approach to
of electronic records that should be retained, how long such records should be implementing an
retained and so forth. While many organizations focus on email archiving, the focus
really needs to be on content archiving – email, files, audio files, video files and any appropriate file-
other relevant content that might need to be produced. archiving
Organizations that face a large number of statutory obligations or that are closely
capability. As we
monitored by regulators, such as broker-dealers, need to understand their regulatory recommend for
retention obligations thoroughly. Financial services organizations operating in the
United States, for example, must fully comply with SEC and FINRA requirements for
email archiving,
electronic data retention, supervision of content and other requirements. Energy- the initial steps
related companies must comply with Federal Energy Regulatory Commission (FERC)
requirements. Healthcare organizations must comply with HIPAA, Medicare and other
need to focus on
requirements. the non-technical
Those with well-coordinated electronic content retention policies will be better
aspects of solving
positioned to weather the storms of litigation with minimal legal risk and harm. An the problem.
organization without a coherent and thorough retention policy could find itself paying
significant penalties during the eDiscovery process if it produces electronic content
later found to have been altered, or if it destroys information it should have retained.
2. MITIGATE RISK THROUGH SOUND LEGAL ADVICE
The next phase in the process of developing an organization’s electronic content
retention policies is for a cross-functional team that includes IT, legal, records
management, and compliance staff to establish electronic data retention policies and
functions like indexing, searching, litigation holds and data immutability. IT staff, in
particular, need to establish a dialogue with legal counsel and business functional
user representatives to determine the latter’s needs.
3. IMPLEMENT RETENTION POLICIES
Every organization, regardless of their size or industry, should have as their goal the
establishment of robust and thorough electronic content retention policies. One
relatively easy way for decision-makers to do this is to establish content retention and
deletion periods for major categories of content that will need to be retained and
©2012 Osterman Research, Inc. 8

10. File Archiving: The Next Big
Thing or Just Big?
managed over several years. Different types of files will be subject to different data
retention periods. For example, when records need only be retained for very short
time periods, the need to implement and strictly enforce policies to delete those
records can be as important as implementing policies to retain them. Therefore,
retention periods should be sufficiently granular to accommodate all possible
retention requirements.
An organization should set minimum and maximum retention periods for files and
other content to avoid over-retention, since preserving data too long can also be
risky. To determine these periods, cross-functional teams can define specific
maximum retention periods for each category, or establish a general policy permitting
the deletion of retained data when the minimum retention period expires.
After archival retention periods have been established, an organization should clearly
communicate them to all users of electronic data and retention periods should be
executed automatically. No matter how well informed users are about retention
periods, organizations still run the risk of user error in compliance with retention
period guidelines and policies. Fortunately, file archiving solutions today are capable
of automatically managing content retention periods, with little to no user
involvement.
A well-designed
As a final step, IT and legal counsel should periodically revisit retention and deletion
policies so they reflect changing regulatory requirements, organizational rules, and
classification
user needs for archival information. system that
4. DEPLOY A ROBUST FILE-ARCHIVING CAPABILITY
enables users to
Osterman Research recommends that any file-archiving solution should have several tag content based
key capabilities, or at the very least, organizations should be on-track to implement on its sensitivity,
these capabilities as their needs warrant:
confidentiality or
• Classification other parameters
All files, emails and other content have varying degrees of sensitivity. Some
content is highly sensitive and should never be sent outside of an organization or – or that
stored on internal systems without being encrypted or access-controlled, while automatically
other information contains no sensitive or confidential information of any sort.
All files have a level of sensitivity that should be managed in accordance with does so based on
corporate policies. corporate policies
A well-designed classification system that enables users to tag content based on – can provide any
its sensitivity, confidentiality or other parameters – or that automatically does so organization with
based on corporate policies – can provide any organization with a number of
useful benefits in addition to just improving archival capabilities: a number of
useful benefits.
o Accidental leaks of sensitive data can be reduced dramatically.
o Users become more aware of corporate policies and their obligations to
protect data for purposes of legal or regulatory compliance.
o Systems designed to prevent loss of data can operate more efficiently and
effectively simply because they have more information to use in classifying
files.
However, because of the large volume of content that most organizations
manage, it is important to use a tagging system that can auto-categorize content
in conjunction with users/record handlers tagging content manually.
• Tracking
It is also essential to be able to track files across their entire lifecycle in terms of
who has access to them, where they are sent, where they are stored, how they
are modified and the like. Tracking content is important on a number of levels,
©2012 Osterman Research, Inc. 9

11. File Archiving: The Next Big
Thing or Just Big?
not least of which is the ability to demonstrate how files were changed when
presented for purposes of eDiscovery or regulatory compliance.
• Control
The ability to control file content is also an essential element of any file archiving
solution. Both workflow processes and technologies should enable files to be
held in place for purposes of legal holds, and/or should enable these files to be
moved to a centralized archive for further processing or review.
• Disposition
Finally, a proper file archiving strategy should include the ability to dispose of
superfluous content in order to preserve only what is needed for long term
retention. Miscellaneous files, such as temporary drafts, memos that do not
contain business records, business records that have reached their retention
period and the like should be disposed of in a pre-determined manner. Although
the immediate benefit of having the ability to dispose of unneeded content is
reduced storage, eliminating older content can also mitigate risk by deleting
content that may prove harmful to the organization, and it reduces costs by
eliminating content that needs to be searched during future eDiscovery activities
or regulatory audits.
• Minimize user involvement
File creators and users are constantly under pressure to respond to the business
demands placed on them. Regardless of how well educated users are about
content retention policies, they are prone to error when manually deciding to
keep or delete every file with which they interact. That is why an organization
should invest in a file archiving solution that automatically manages its content
retention policies. The primary benefit of such a capability is that it requires little
or no user involvement, thereby increasing end-user productivity and minimizing
the opportunity for mistakes and violations of corporate policy.
• Tamper-proofing files
A file archiving solution must secure stored electronic data with safeguards, such
as Write-Once Read Many (WORM) storage and, where required by law or
dictated by best practice, encrypting content. It must also be tamper-proof and
capable of protecting electronic records from loss, damage or misuse. As noted
above, if content from the archive is accessed, the system will ideally provide an
audit trail that tracks who accessed the content and when it was accessed.
SPONSOR OF THIS WHITE PAPER
EMC is the market leader in backup, recovery, and archive transformation helping our
customers address their most pressing challenges -- relentless data growth,
constrained budgets, compliance, and discovery. We do this through backup and
archiving solutions that help organizations insure recoverability and accessibility of !
data, improve resource efficiency, and increase the agility of their backup and archive
infrastructure. Unlike any of other vendor, EMC offers application solutions to www.emc.com
address the unique requirements of backup and archiving while enabling our
twitter.com/EMCcorp
customers to leverage a consolidated IT infrastructure for their backup and archive
workloads. +1 866 438 3622
!
EMC SourceOne is a highly scalable archiving software platform enabling
organizations to manage the lifecycle of corporate information, inclusive of all content
types, according to consistent policies based on the content’s business value. EMC
SourceOne solutions are designed to scale to meet large enterprise needs, yet offer a
simple footprint for mid-sized customers.
Our holistic but modular approach also provides organizations of all sizes a 'start
anywhere - go anywhere' solution to address their most pressing archiving and
discovery challenges – delivering immediate business benefit – and then expanding
©2012 Osterman Research, Inc. 10

12. File Archiving: The Next Big
Thing or Just Big?
over time. EMC makes archiving and discovery actionable by enabling proactive,
consistent and repeatable management of retention and disposition policies, and as
appropriate, long-term preservation based on the value of the content.
Additional information about EMC can be found at www.EMC.comarchiving
© 2012 Osterman Research, Inc. All rights reserved.
No part of this document may be reproduced in any form by any means, nor may it be
distributed without the permission of Osterman Research, Inc., nor may it be resold or
distributed by any entity other than Osterman Research, Inc., without prior written authorization
of Osterman Research, Inc.
Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes
legal advice, nor shall this document or any software product or other offering referenced herein
serve as a substitute for the reader’s compliance with any laws (including but not limited to any
act, statue, regulation, rule, directive, administrative order, executive order, etc. (collectively,
“Laws”)) referenced in this document. If necessary, the reader should consult with competent
legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no
representation or warranty regarding the completeness or accuracy of the information contained
in this document.
THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR
IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED
WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE
DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE
ILLEGAL.
CITATIONS
i
http://www.fulbright.com/litigationtrends
ii
Source: Disciplinary and Other FINRA Actions, Reported for July 2012
iii
Source: Osterman Research surveys
iv
http://www.informationweek.com/software/information-management/e-discovery-how-
to-avoid-death-by-backup/224400402
v
2010 WL 184312 (S.D.N.Y. Jan. 15, 2010)
vi
http://civilprocedure.dbllaw.com/2011/08/past-eDiscovery-errors-result-in-sanctions/
vii
2012 WL 4523112 (10/12/12 D. Idaho)
viii
2007 WL 4287750 (W.D.N.C. Dec. 5, 2007)
©2012 Osterman Research, Inc. 11