Email management - don't leave it to your staff

And you thought being stingy with the size of those inboxes was a good idea?

Organisations these days have to be able to archive and retrieve email - which is a problem for those who simply won't or can't do it, says new research.

The importance of email management is now well known by IT vendors - witness the acquisition of UK email archiving specialist KVS by Veritas yesterday for $225m - but for user organisations there are obvious drivers: the need to fight legal battles based on old employee correspondence or prove to regulators that dealings have been above board. Often these are related.

"Compliance is the great driver," said Mike Davis, senior research analyst at Butler Group and author of a new report on email management. "With paper, we know what to do - we manage it. Email is the corporate memory but we don't [manage] it well."

Unlike some other applications, email has typically grown up within organisations in a piecemeal fashion. Extra hard drives have been added, different systems have sat side by side and old technology is often at the heart of this most important form of communication.

Butler Group's Davis points out many organisations are still running email off old Windows NT4 boxes, commonly supporting many more end users than was first intended.

A common tactic, even at well-known companies, is employees being made to delete old emails, even though they may well be needed in the long term and extra storage would be cheap to bolt on.

These things - NT4 use and poor IT policies - will have to change but it isn't always easy (in many senses) for a company to rip out old email systems and replace them with a shiny new one. Instead, a strategic approach to information lifecycle management, or ILM - a current buzzword for vendors such as EMC, StorageTek or Veritas - is required, the experts say, one that doesn't rely on employees managing their email.

"Companies are affected by issues such as Sarbanes-Oxley or the Data Protection Act in the UK," added Davis. "But regulators aren't going to come down as hard on those trying to meet [regulatory] requirements."