Archiving: It Isn’t Just for Compliance Anymore

Posted on October 10, 2012 by Mark Drobney

The benefits of having an effective and efficient email archiving solution in place cannot be understated.  For many, the primary reason for archiving may be to meet regulatory compliance standards. But, if you think the only reason to have an archiving solution in place is to ensure that all of your emails and attachments are stored in their original form to ensure that you are fully compliant with all government regulations, then you’d be wrong.

Archiving can reduce space therefore increase efficiency of your mail server.

Reasons to Archive EmailDid you know that the average corporate email account receives 18 MB of data every day?  Even with only a handful of employees that would be a lot of data, but what if your business has hundreds of employees?  The possibility that your server will become overloaded, slow down, or even crash is highly probable – especially from a performance standpoint- but that devastating possibility need not ever be realized. Having an archiving solution in place will allow you to reduce the load on your servers, allowing them to continue to run optimally and not be bogged down with loads of unnecessary data; an archiving solution can also allow you to fully restore an entire mail server should it crash if it has been archived properly.

It can improve employee efficiency by reducing search time on valuable business communications.

Have you ever asked an employee to find an email from last quarter only to wait hours for a response? Even diligent employees can have a difficult time searching through their inbox to find one specific email.  Email is a valuable business tool, but without an effective retention policy supported by an efficient archiving solution, employees can waste hours per week combing through irrelevant emails and cluttered inboxes. Email archiving allows employees the freedom to delete emails knowing that they’re still available for easy access, and provides them with a simple search and restore feature. Archiving will allow your employees to think less about which emails to save or delete and more about getting down to business.

It reduces e-discovery costs.

The retention of and access to email records in their original form is required for specific types of businesses by Sarbanes-Oxley and SEC email compliance, among others.  In some cases, the cost of electronic discovery can be so high that just settling the lawsuit is a more cost-effective option.  However, email archiving provides legal protection by guaranteeing that all email is recorded and unalterable.  An intuitive search engine allows for the quick and easy email discovery, saving thousands in legal fees.

Implementing an email archiving solution ensures that your business will increase server efficiency, improve employee efficiency and reduce e-Discovery costs all while helping your business meet regulatory compliance guidelines.

Are you currently archiving your emails? What was your motivation: maintaining compliance, improving server efficiency, something else? Let us know in the comments below!

Posted in Archiving Policies, Compliance, Corporate Policy, Email Archiving, Email Compliance Management | Tagged , , , , | Leave a comment

Avoiding E-discovery Headaches in the Cloud

Posted on October 3, 2012 by Elizabeth Dickinson

Importance of Cloud Security for E-discoveryCompanies need to be careful when selecting cloud storage providers in order to avoid unwanted e-discovery issues in the event of litigation.

Of late, many companies are choosing to leverage Software as a Service (SaaS) and other cloud solutions for their electronic information storage needs because of the myriad cost and performance benefits it provides them. Cloud usage is a sexy idea in IT right now because it allows companies to decrease the storage space they have to use on their servers, and generally provides employees with more ways to access their data. The use of cloud storage, however, creates the additional issue of how the company will respond to e-discovery requests for their electronically stored business data in the event of litigation.

When companies make a SaaS/ cloud provider responsible for storing business critical data, they introduce a third party into their storage equation which can have an inconvenient effect on the time, convenience, and cost of accessing their data to comply with requests. It is therefore important that when companies are evaluating ESI providers for their data to consider not only the upfront costs of their solution, but also the potential impact it could have on e-discovery. Companies looking to deploy a cloud storage solution for their data need to evaluate what their access is to their remote storage, as well as the provider’s policy for addressing requests for their data.

Many traditional cloud providers have yet to develop significant search and retrieval methods for their solutions, and according to CIO Magazine, “cloud computing providers have been reluctant to address the issue as it would require more customization than they say their business models are built to accommodate.” Several of the issues that can arise when a traditional cloud provider is selected included, but are not limited to the following:

  • Insufficient Access to corporate data, or multiple locations of data
  • Lack of indexing which can lengthen and complicate e-discovery processing
  • Decreased speed of retrieval resulting from the need of third party intervention as well as potential for multiple storage sites

By deploying a hybrid solution such as ArcMail’s Cloud Storage Gateway or ArcMail’s Virtual Defender, these potential issues and more can be avoided.

Access

When the Cloud Gateway or Virtual Defender is deployed, companies have total control over the location of their data, as well as the level of access each employee has to it. ArcMail allows companies to choose in which cloud their data will be stored and provides the option of backing their data up internally or in a data center of their choosing. Because ArcMail empowers users with complete control of their corporate data, it eliminates the issue of relying on their cloud provider to access the requisite files, and allows them to always know exactly which files are where.

Indexing

Because ArcMail’s solutions are built on the Defender technology platform, they employ ArcMail’s award winning technology to fully index all files, emails, or other business information that is stored with the Cloud Gateway or Virtual Defender. ArcMail’s solutions are fully scalable and customizable which allows companies to store SharePoint files, emails, instant messages (IM), Gmail, and Salesforce Chatter in the same archive and simultaneously search across all data sources from a single User Interface.  All of the information in the stored files is indexed and searchable across the organization and can be accessed and restored through the advanced search feature which supports intuitive keyword search.

Speed of Retrieval

When it comes to e-discovery, response time is critical. If a proper archiving solution has not been deployed, it can result in thousands of dollars that must be spent to locate the appropriate files, and delays can result in fines- or worse- from the court. ArcMail has industry leading search and retrieval times and is 8 to 10 times faster than their competitors. The ArcMail Cloud Storage Gateway stores the indexed metadata of all archived information on the Defender hardware, which greatly reduces the time it takes to find the files that you need, and again, the indexing of all of your data in one place, can help save time and money in the event of an e-discovery request.

The bottom line when selecting a SaaS or cloud provider is to make sure that you are choosing one that not only allows you to improve your storage costs, but one that will allow you to reduce the costs associated with litigation and e-discovery. Whether you choose ArcMail or one of the other options available, make sure you choose a partner who will help you with all of your ESI requirements, and don’t let compliance take a back seat to convenience.

Posted in Cloud Archiving, Compliance, E-discovery, Email Compliance Management | Tagged , , , | Leave a comment

How Email Archiving Can Help Save Thousands on e-Discovery Costs

Posted on September 21, 2012 by Brian Crouch

Save Money on E-Discovery with an Email Archiving ApplianceBy now, you would think we would be preaching to the choir when it comes to e-discovery information, but that is, unfortunately, not the case! Discovery is the beginning stage of litigation. This is the point where two or more parties involved in a dispute are required, not asked, to produce all documents that are related to the case. Electronic discovery, what is commonly referred to as e-discovery, was added in 2006 to the US Federal Rules of Civil Procedure that required all electronically stored information also be produced as well. Electronic information includes but is not limited to email, word documents, spreadsheets, instant message chats, audio and video. Organizations are beginning to rely heavily on electronic sources for daily business practices, especially email. As a result, an organization can easily become overwhelmed with the amount of electronic information that is taken in every single day. If the situation arises where you have to produce specific information for an e-discovery request, it is often time-consuming and incredibly expensive if you do not have sort of management system in place. Think of how tedious and stressful it would be to search through gigabytes, terabytes or even petabytes of data for an e-discovery request.

Emails = Portion of e-Discovery Requests

Emails are a valuable business tool. Emails contain correspondence, attachments, confidential data, business figures and other business related information. As a result, organizations are relying on emails to become a paperless way of archiving important material. Because of this, investigators will scrutinize every user mailbox. In 2010, Osterman Research, Inc. found that during the previous 3 years, 72% of IT organizations had to search through backup tapes to retrieve emails for legal requests. Of that group, 38% had to retrieve all employee emails as well. Osterman Research also determined that several large companies have been fined millions of dollars because they could not produce the requested emails within a certain timeline.

More Data = More Costs

There are several providers that offer e-discovery services. So if you are in a bind, you can easily contact one of these providers and they will handle the situation… for a price. There are several e-discovery cost models available but the average is about $5,000 to $30,000 per gigabyte for document review. Some organizations will fall in the gigabyte range and others will exceed this. Depending upon the amount of electronic information that your organization has, it is sometimes cheaper to just pay the legal fees and to wipe your hands of it. But it does not have to be this way!

How can you help reduce your e-discovery costs?

To keep all of this information organized and easily accessible, an email archiving program can help simplify your retention policies and can ensure that you do not lose critical information. Verify if your organization falls under any government email regulations or policies to ensure that you stay in compliance. Once you have determined if your organization falls under any specific regulations, you can appropriately set a retention policy for user emails. Legal holds are also encouraged because this guarantees that you do not delete any emails that will be needed for e-discovery purposes. Archiving solutions, such as ones provided by ArcMail Technology, provides legal protection by guaranteeing that all email is recorded and unaltered. If you receive an e-discovery request, an intuitive search engine allows for quick and easy email discovery.

E-discovery can be a stressful process, but with an email archiving solution in place, it can be very simple. What do you think? Can an email archiving solution simplify the e-discovery process or does it make it more complicated in the long run?

Posted in Compliance, E-discovery, Email Compliance Management | Tagged , , , , , | Leave a comment

What is a Retention Hold and Why do You Need It?

Posted on September 12, 2012 by Farokh Lam

Lock In Retention hold for ComplianceAs mentioned in a previous post, retention policies are a critical feature for any archiving solution which allow organizations to specify how long they will retain different classes of messages in their business communications archive.  Depending upon the retention policy and roll-off configuration, emails will be deleted from the appliance after a certain length of time based on what a company requires to maintain compliance. Retention holds are used in conjunction with retention policies when companies need to retain one or more specific messages; these are critical during any type of litigation or e-discovery requests.

Why is imperative that your archiving solution allows retention holds? In event of litigation or other e-discovery requests, it might be necessary that your company circumvent your current retention policy in order to temporarily suspend roll- offs (removal from the archive) of messages which meet a specific criteria. For example, if a disgruntled former employee chooses to file a suit against a company, it would be necessary that the company have access to all of said employee’s emails, and potentially emails relating to said employee, throughout the duration of the litigation, which might be otherwise impossible if the archiving solution employed does not allow for customized retention holds. Furthermore, if a roll-off is quickly approaching, but the company is in the middle of a large project with many associated emails, a company can temporarily put a hold on one or more messages related to that topic so that those messages are not deleted.

Holds allow organizations to specify named sets of messages that are not subject to the organization’s retention policy. Generally, once messages are subject to one or more holds, they cannot be removed from the archive until they are explicitly released from all holds. With ArcMail Defender’s customizable retention holds, these messages may be added or removed from holds all at once or incrementally over time. Holds may also be created, modified and released according to the needs of the organization. ArcMail has made retention holds even more powerful by implementing a great feature that allows holds to be a fully searchable attribute of a message as well. Messages in a hold can be searched just like any message in the appliance.

Has your company ever had need for retention holds? Do you think they are critical to business operations? Tell us your thoughts below.

Posted in Compliance, Email Archiving, Email Compliance Management, Search, Social Media and E-discovery | Tagged , , , | Leave a comment

How To: Check and Read the Status of your ArcMail Appliance

Posted on August 22, 2012 by ArcMail Tech Support

One of the great features that are included for free on your appliance is the Status Screen which allows the user to monitor the status of the appliance 24/7. With any product, you want to be aware of the health of the appliance, performance, allocated space and how it is running. We created a support screen on the defender that will inform the user of the status of the appliance. You get not one, but several graphs that display status summaries of current and historical operations on the appliance. Why is this important? Not only does this give you control over monitoring your own appliance but you also do not have to rely on others to tell you information about your company’s uptime, email usage, and other beneficial information.

First, let’s navigate to the defender.  Click ADMIN->Support->Status

Once there, you will see several graphs displayed:

So what exactly are you looking at? You will always see a status summary at the top of the screen that displays uptime in (days, hours, minutes and seconds). The uptime is the time the ArcMail appliance has been online since the last reboot or power on. The summary also displays how many messages are currently in the appliance archive.

The first graph that you see displayed is the Day Graph. This graph displays the number of messages sent and received during the last 24 hours.

The following System Load Graphs display the resource usage on the hardware components. The System Average Process Queue (Load) displays the process load during the last 24 hours. This graph is essentially measuring how much load is on the processors on the appliance.

The Traffic on etho0 displays the load on the Ethernet adapter during the last 24 hours.

The Mail Indexing Queue displays the quantity of messages in the email header indexing queue. This graph is letting you know if there are any messages building up in the email queue.

Finally, the Disk Usage Report displays the amount of disk space used by each component of the ArcMail appliance. You will see three graphs which are displaying how much free space is in the archive, how much space the log files are taking up, and the usage on your mail spool.

Being able to view the status of the appliance allows you to monitor the performance of the appliance and take note of how much free space is left for archiving.

Posted in Compliance, Email Archiving, Email Compliance Management, Technical Insights | Tagged , , | Leave a comment

How To: Work with Retention Policies and Roll-Offs

Posted on August 20, 2012 by ArcMail Tech Support

On the ArcMail appliance, a user has the option to create custom retention policies. Retention policies allow organizations to specify how long to retain different classes of messages in the archive. The administrator, whom we will refer to as the admin, also has the option to set the roll-off frequency. Roll-offs can be done daily, weekly, monthly, yearly, or never. This allows the admin to configure the maximum age of message files stored on the appliance. Messages older than the specified number of months are deleted from the appliance.

Every message is controlled by one retention policy. The default policy is set for 1000 years. However, the admin may not want to keep messages that long. The admin has the option to customize one or more policies which will apply to one or more messages. For example, the admin may decide to keep emails for vice presidents for five years and managers for three years.

First, we must create the retention policy for employees:

Select RETENTION->  Create a New Retention Policy

Next, we will create the policy rules for the vice presidents and managers:

Select RETENTION->  Create a New Rule for the Specified Policy

Once you have set up your retention policies, you must then create the rule search parameters which will determine who or what applies to vice presidents or managers. By default, the default policy will apply to all messages. To modify a rule policy:

Select the rule you wish to edit. For our example, we will say that Penelope Gorley and Joe Dean are vice presidents and Allan Heister is a manager.

You are officially finished with the retention policies. Finally, the admin must decide how often they want to roll-off messages. For this example, we will say that the admin has decided to roll-off messages every month and that they also want to back up the rolled-off messages to an external storage as well.

Select ADMIN -> Roll-Off Configuration

You have successfully completed a retention policy that will retain all mail from vice presidents Joe and Penelope for five years and all mail from manager Allan for three years. Messages older than the designated time will be rolled-off every month but they will also be backed up to a designated storage device.

If you have any additional questions about configuring your retention policies on your ArcMail Defender archiving appliance, please contact our support team.

Posted in Archiving Policies, Email Archiving, Email Compliance Management, Technical Insights | Tagged , , , , | Leave a comment

Importance of Effective Retention Policies and Roll-Offs

Posted on August 9, 2012 by Brian Crouch

In today’s business world, most companies have to decide when and how to implement an email retention policy. However, before they can implement one, they must first evaluate the purpose of implementing a retention policy. A few important questions to ask before establishing a policy are:

    • Is your company subject to Sarbanes-Oxley, SEC 17a-3/4, NASD 3010, HIPAA, or other regulations?
    • Does your company frequently use email to communicate with customers?
    • Does your company frequently use email to discuss company decisions, ideas, policies, or other private information?
    • Does your company want to be prepared for litigation?

These are just a few reasons why a company might need archive business critical electronic information. And after implementing an archive and retention policy, not only can a company stay in compliance with legal requirements; you also reduce storage costs, improve server performance, improve email management, and drastically improve email search time.

On the ArcMail appliance, a user has the option to create custom retention policies. Retention policies allow organizations to specify how long to retain different classes of messages in the archive. Every message is controlled by one retention policy. There is a default policy that will keep all emails indefinitely. However, the administrator, whom we will refer to as the admin, may find that it is not necessary to retain certain emails that long. The admin has the option to customize one or more policies which will apply to one or more messages. For example, an admin may decide to keep emails from the CEO for seven years, managers for five years, and all other employees for three years.

The admin also has the option to create a custom roll-off frequency. Roll-offs can be done daily, weekly, monthly, yearly, or never. This allows the admin to configure the maximum age of message files stored on the appliance. Messages older than the specified time are deleted from the appliance. Are you concerned that you may need an email after it has been rolled-off? There is no need to worry. The ArcMail appliance allows you to back up rolled-off emails to a storage device of your choice so you should never worry about losing any emails permanently.

With the ArcMail Defender, you can start archiving in less than 30 minutes. Not only will you get more done, you will improve email server performance, keep data secure, significantly reduce email discovery costs, stay in compliance, and protect your businesses from a crash. With comprehensive retention policies and desired roll-off frequencies in place, a company will be well prepared for legal or operation situations that occur. Our next blog will give you detailed information on how to configure the retention policies, if you already own your own ArcMail archiving appliance.

Posted in Archiving Policies, Compliance, Corporate Policy, Email Archiving, Email Compliance Management | Tagged , , , | Leave a comment

How You Can Protect Yourself During the “Social Olympics”

Posted on August 2, 2012 by Edward Dunn

This summer, millions of individuals from around the globe will be cheering on their countries’ teams as they compete for gold in London’s 2012 Olympic Games.  Already dubbed by some the first “social Olympics,” this year’s games are expected to break records in terms of sharing on popular social media sites such as Facebook, Twitter, Google+ and Pinterest.  While the majority of us will be searching the Internet for news about our country’s latest results, legitimate news outlets and marketers will not be the only ones hoping to generate clicks to their sites. This year’s Olympics will also present a major vehicle for data thieves to conduct fraudulent activity.  Their target, as always, is your personal data, but we have a few tips to help you protect your personal information.

Data Thieves Hope to Generate Clicks Too

Angel Grant, senior manager of anti-fraud solutions for security and risk-management company RSA, recently sat down with Mashable and provided two tips for avoiding having your data stolen by cyber criminals during this summer’s games.

1. Avoid clicking links in emails, posts or tweets that appear to be sent from a site directly.

Instead of clicking these links directly, type the URL into your browser in order to reach the desired site. Data thieves attempt to generate links that appear to come from legitimate sources and major media sites- social or otherwise- that hide their malicious intent.

2. Avoid directly responding to email alerts that appear to come from Facebook, Twitter and other social media sites.

Phishing emails have always been one of the most popular and successful means for cyber criminals to steal data.  Whether it is an email from a foreign royal telling you that you’ve inherited millions or an email informing you that you have won a $1,000 dollar gift certificate from a national retailer, if it sounds too good to be true, it usually is.  One method that has already seen success is an email notifying recipients that they have won tickets to this year’s games.  In response, the official site of the games, www.London2012.com, has already created a Ticket Checker where fans can check the URL of the site on which they are consider buying tickets to determine if it is real, as well as a list of known fraudulent ticket sites.

Let the Games Begin!

In our increasingly interconnected world, there will always be nefarious individuals looking to take advantage of the unsuspecting, but that by no way means that we should disconnect and disengage.  All it takes is an informed audience to reduce the chances of data being stolen.  Now that you are more aware of two of the main methods by which thieves will be attempting to gain access to your data, you can share this information with family and friends so that everyone can tweet, post and share all of the excitement of Team U.S.A. bringing home the gold in this year’s Summer Olympics.

Posted in Announcements, CTO Insights, Social Media and E-discovery | Tagged , , , | Leave a comment

An Acronym to Help Create your Data Retention Policies

Posted on July 24, 2012 by Elizabeth Dickinson

Forbes recently published an article from guest author Dan Ruffman of FTI Consulting entitled “Data Deluge: The Problem is You Can’t Keep Everything,” which provided many helpful suggestions for IT departments struggling with data retention and destruction policies for the vast amounts and types of data currently being generated. He provided valuable insights to show how proactive policies can help companies save money and time when it comes to implementing retention policies for industry compliance and e-discovery probes, and a few tips for creating them. I would like to further extrapolate on this by providing you with an acronym that can benefit any IT department regardless of industry and will help your IT department keep all of your policies and procedures organized and in check.

DAMMIT.

Yes, you read that right: DAMMIT. It’s an acronym to help create effective IT procedures that will save time and effort while improving efficiency across all functions. This system was adapted by Josh Friedman, IT Director of Red Ball Oxygen, Inc. who has to oversee IT functionality across 18 stores in 3 states. I want to show you how you can apply this specifically to improve your corporate policy for data retention by first listing Josh’s definition of each step, and then applying it to creating effective retention policies.

Document: Record every procedure required to ensure smooth operation of the organization in a clear and detailed manner.  Use lists, tables, charts, graphs, or any other visualization method required to convey the information.

When you are creating a policy to meet retention needs for regulatory compliance or to protect your company in the event of an e-discovery inquiry, make sure that you document the goals and requirements of your policy. Note which documents and electronic business communications you need to archive or backup, and for how long you need to keep them. Make a list of who will have access and to what degree they will have access.

Automate: Commonly repeated tasks should all be automated in some form or another.  If you find yourself doing anything repeatedly, find a way that you can make it happen with minimal administrator involvement.

Using a third party solution for archiving which can automatically save an unalterable copy of all of your relevant business communication will ensure that nothing gets missed in manual backups. When companies rely on employees to determine which data and communications are important, they risk failing to meet compliance standards, as well as potentially the inability to produce critical supporting data in an e-discovery inquiry.

Maintain:  Schedule maintenance for all hardware and software systems.  Updates, cleanup, and manual health checks are critical to the continued operation of any system.

Even when you have a policy in place, it is important to make sure you keep all of the pieces in tip top shape. This means that in addition to just having the policy, you need to stay abreast of any changes in legislation or industry regulations, and make sure that your policy reacts accordingly.

Monitor:  All systems can be monitored in some fashion or another.  Ensure that these notifications reach the correct eyes, and that they are appropriate and not overwhelming, so as to avoid important notifications getting lost in a sea of email.

Many archiving solutions now offer scheduled reports and health checks built into their product offerings. Make sure that you know that the solution that you have in place is updated and working on a regular basis, and that if updates or upgrades are available, it is important to know that your system is running at the highest level of functionality.

Innovate:  Always seek out new technologies and methodologies to apply to your existing working model.  If you are not improving, you are stagnating.

This could be as simple as moving from a PST system to a full scale enterprise data solution, or merely just deploying an archiving solution for mission critical business communications. ArcMail now offers solutions to fully archive and index emails, instant messages, Gmail, Salesforce.com chatter, and even SharePoint. It could also mean moving your storage from on premise archiving or backup to a cloud based archive or even a data center. This can improve your server speed and efficiency, and in most cases, reduce your overhead costs, while allowing you to maintain compliance.

Train:  The user experience is where the rubber meets the road with technology in business – if the user doesn’t know how to use it, then all it amounts to is a consumer of financial and human resources without benefit to the organization.  Hold regular training courses for the user base, and create user-friendly documentation that users can access easily on their own time, using images and step-by-step instructions for basic use and troubleshooting.

Make sure that no matter what option you chose for your corporate retention/ destruction policies, your employees know where and how to access the information they need. Ensure that the employees who will have to execute requests for your data know their role in the hierarchy, and know what will be expected from them in the event of a records request.

So there you have it- when you are looking for six simple steps to outline your IT procedures, remember “DAMMIT.” It will help you organize, manage, and report on any and all policies within your company.

What do you think of our policy to help you create procedures for your company? Are you currently using any acronyms that you think could help us out? Please let us know in the comments below!

Posted in Archiving Policies, Compliance, Corporate Policy, E-discovery, Email Compliance Management | Tagged , , , , , | Leave a comment

Should You Regulate Employees’ Personal Social Media Usage?

Posted on July 19, 2012 by Farokh Lam

Free image courtesy of FreeDigitalPhotos.netThe pros and cons to consider before deciding where you stand on this debate.

As we’ve discussed in recent blogs, many companies restrict employees from accessing social media sites during work hours or from work devices in order to help keep their teams productive.  But, some organizations are now attempting to regulate how employees use their personal social media accounts outside of work. Why is this happening? Is this in violation of an employee’s rights? Let’s examine both the arguments for and against regulating personal social media below.

An Argument For:  It’s An Extension of Your Current Behavioral Standards

It’s common for companies and educational institutions to instate behavioral conduct policies that help maintain appropriate communication boundaries in the workplace and protect the organization from liability (i.e., no harassing jokes, discriminatory statements or sexual innuendos).  In these cases, extending the same boundaries to the kinds of messages or pictures posted on Facebook, that can be seen by co-workers or students, could be considered a reasonable (and legal) request – depending on what exactly the policy included.

As an example, the Board of Education is currently reviewing a social media policy that would restrict all employees of the Manchester Public School system in Connecticut from engaging in personal social media use that:

  1. interferes with the work of the school district;
  2. harasses coworkers or other members of the school community;
  3. creates a hostile work environment;
  4. breaches confidentiality obligations of school district employees;
  5. disrupts the work of the school district;
  6. harms the goodwill and reputation of the school district in the community; or
  7. violates the law, board policies and/or other school rules and regulations.

The superintendant of the school system defended this policy by stating, “This is not a question of free speech, and it is a question of protecting the integrity of the district. It’s about protecting students.”

The superintendant of the school system defended this policy by stating, “This is not a question of free speech, it is a question of protecting the integrity of the district. It’s about protecting students.”

An Argument Against: It Violates Your Employees’ Rights

While most of the bullets above seem reasonable, restricting what an employee says about your company via their personal social media accounts has proven to be a slippery slope. Bullet #6, in particular, could fall into this category).

In 2010, Hispanics United of Buffalo (HUB) fired employees for social media posts after an argument broke out between them on Facebook that included disparaging public remarks about working conditions at the company.  The company fired them on the basis that the comments constituted “harassment” of an employee mentioned in the post. However,a National Labor Relations Board judge ruled the firing was illegal. Since the posts were about terms and conditions of employment, the ruling stated that HUB was guilty of “interfering with, restraining, and coercing employees in the exercise of rights” guaranteed by the National Labor Relations Act.

Is There a Fair, Legal Balance?

I think there can be, if the restrictions on personal use are fairly limited. For example:

  • restricting access of personal social media accounts during work hours/from work devices.
  • requiring employees to follow the same behavioral guidelines required for face-to-face or email communications with co-workers, students, parents, etc. to social media postings.
  • restricting communications about confidential/proprietary information.
  • restricting employees from claiming or implying that they are speaking on the company’s behalf.

Does Your Company Regulate Personal Social Media Usage Now?

If so, how strict are your policies? If not, do you plan to in the future?  Please share your comments and opinions below.

To find out more about how ArcMail helps you meet all social media and email compliance regulations, please visit the compliance management section of our website.

Posted in Compliance, Corporate Policy, Social Media and E-discovery | Tagged , , | Leave a comment