en-us
There are four pillars supporting collaboration: Messaging, Real Time Collaboration, Team Collaboration, and Social Networking. Collaboration can be compared to a house. A house has many uses, similar to the many reasons you might collaborate. You may also pick and choose which rooms and which activities you will perform in each room. Each pillar supports the house but can be used individually.

Each Pillar addresses a different aspect of collaboration.
* Messaging: Enables teams and individuals to communicate and manage their interactions in a formal, auditable manner. This includes email, calendaring, scheduling, and contact management.
* Real Time Collaboration: More focused on ad-hoc communications providing the team with the capability to easily initiate a real-time conversation between one or more individuals. This includes instant messaging, Web conferencing, and unified communications capabilities
* Team Collaboration: provides the content management services that collect, store, and manage the documents that are pertinent to the team’s activity. This can include document management, ad-hoc workflow, and basic project management.
* Social Networking: Represents the newest pillar in the collaboration house. This pillar provides a way for teams and individuals to share knowledge not only within the team, but to be able to reach out to an extended group for their input and feedback. Technologies in the pillar can include blogs, wikis, RSS, and tagging.

It often takes capabilities from multiple pillars to address all of your collaboration needs. Taken together, the tools can generate a greater ROI than the individual parts.

Of course, any successful project, collaboration included, begins with good business requirements.

The power of the various collaboration tools comes from their fit to your particular needs. In other words, the end goal defines the tools that you may use. For example, imagine a group of people that need to organize a meeting. Many activities need to happen to do this. One person will find and reserve a meeting space. Another will create an agenda, while another will send invitations, and so on. During this entire process, you may use phone, email, instant messaging, a team space, and even social networking tools to find the right speaker. You create value when you use a combination of these tools. A collaboration vendor also provides value by providing tools that interact well together.

Based on an original Web-exclusive article for Infonomics, 4 Pillars of Successful Collaboration, by Michael Porter (Principal, Portal and Collaboration), Michael.Porter@Perficient.com, and Alan Weintraub (Principal, ECM Solutions) alan.weintraub@perficient.com, both of Perficient. Read the original article at http://www.aiim.org/infonomics/4-pillars-successful-collaboration.aspx.'
]]>Wed, 23 Feb 2011 15:29:19 GMT

• http://dlm-network.org/moreq2
• http://ec.europa.eu/transparency/archival_policy
  

As a noun, “e-mail” is usually used to refer to a document that contains the complete data of a single e-mail transmission. However, although RFC 2822 defines the syntax for e-mail transmissions, there are no standards that define the data format that should be used when e-mail transmissions are captured as documents.

In other words, even though e-mail applications from different suppliers can freely transmit messages (because they observe the e-mail protocols defined in RFC 2821/ RFC 2822) it is not possible to capture an e-mail from one application as a document and be sure that another e-mail application will be able to read it back. Each e-mail supplier uses its own proprietary format(s) for capturing e-mail. For this reason, accurate automated extraction of metadata from messages cannot be guaranteed.

Use and issues
e-Mail is used for sending documents (in the form of messages and as attachments) within and between organisations. The characteristics of e-mail management software (in particular the lack of standardisation for formats explained above), combined with user attitudes towards e-mail, can make it difficult to apply records management functionality to e-mail. Organisations need to be able to enforce procedures and management controls to:

• capture all inbound and outbound e-mails and attachments;
  and/or to:
• capture e-mails and attachments according to pre-defined rules;
  and/or to:
• provide users with the capability of capturing selected e-mails and attachments
  

In some countries the legal ownership of e-mail is unclear, and in some situations automatic capture of e-mails into an ERMS may be inappropriate. Where this is the case, the latter two options should be considered during configuration.
Furthermore, e-mail has become the default means of communication for many organisations and an important one for others. In some organisations, much e-mail traffic is ephemeral. Each organisation needs to decide which of the above alternatives represents the most appropriate compromise for its situation:

• The first option results in the capture of any ephemeral e-mails as well as those that are meaningful records;
• The second option relies on successfully configuring appropriate rules and filters;
• The third option requires the users to assess the relevance and importance of items and there is a risk that they will not all do so reliably.
  

MoReq2 allows for ERMS support for all three approaches. The procedures and management controls are beyond the scope of MoReq2.

Ref 6.1.1
Requirement - Whenever an e-mail is captured, the ERMS must by default capture it in a format that retains its header information.
Test - Y

Ref 6.3.2
Requirement - The ERMS must support the capture of e-mails in an integrated way, such that the capture can be performed by a user from within the e-mail application, without the user needing to switch to the ERMS.
Test - Y

Close integration is essential for effective use of an ERMS. For example the user should be able to “drag and drop” from the e-mail client into the ERMS, choose a “capture” command from within the e-mail client or the e-mail client should indicate which e-mails have been captured into the ERMS. The essence of this requirement is that the user must not have to switch to the ERMS application to capture e-mails.

MoReq2 also permits, but does not require, the capture of e-mails in other, less closely integrated, ways.

Ref 6.3.3
Requirement - It must be possible to configure the ERMS at configuration time so that it operates in one of the following ways when a user sends an e-mail:

• it automatically captures the e-mail;
• it determines whether to capture the e-mail according to pre-defined rules;
• iit automatically prompts the user, giving the user an option to capture the e-mail;
• it takes no action (and thus relies on the user to initiate a capture if appropriate).
  Test - Y
  

Regardless of which way is chosen, it is acceptable for the ERMS to require the user to classify records manually and enter some metadata manually.

Ref 6.3.4
Requirement - It must be possible to configure the ERMS at configuration time so that it operates in one of the following ways when an ERMS user receives an e-mail:

• it automatically captures the message, unless it has already been captured;
• it determines whether to capture the e-mail according to pre-defined rules;
• if the e-mail has not already been captured it automatically prompts the user, giving the user an option to capture it;
• it takes no action (and thus relies on the user to initiate a capture if appropriate).
  Test - Y
  

Regardless of which way is chosen, it is acceptable for the ERMS to require the user to classify the record manually and enter metadata manually.

Ref 6.3.5
Requirement - The ERMS must support automated assistance in the capture of outgoing and incoming e-mails, with and without attachments, as records, by automatically extracting the following metadata from them:

• e-mail date sent (and in some settings, time);
• recipient(s);
• any copy recipient(s);
• subject line (title);
• sender;
• embedded electronic signature;
• certification service provider;
  to the extent that these are present.
  Test - P
  

This requirement specifies the capture of “sender” for e-mail messages. This is not always the same as the author, for example when a secretary sends a message on behalf of an executive. The capture of “sender” is specified here as a conscious compromise, it being impossible to reliably capture the author automatically. Organisations should consider the need for manual procedures to ensure the correctness of the author metadata.

Appendix 9 provides guidance on the interpretation of e-mail metadata.

Ref 6.3.6
Requirement - Users should be able to capture an e-mail record to a sub-file, file or class by dragging it from an e-mail client (technically, a Mail User Agent) to a specified sub-file, file or class in the ERMS.
Test - Y

The sub-file, file or class can be represented in the e-mail client window or in a separate window.

Ref 6.3.7
Requirement - The ERMS must allow a user to choose how to capture an e-mail message with attachment(s) as:

• the e-mail message only, without attachment(s);
• the e-mail with its attachment(s), as one record made of linked components;
• the attachment(s) only, each or any as individual records.
  Test - Y
  

This applies to sent and received messages.

The last of these three options results in attachment(s) being captured without the context of the e-mail with which they were transmitted.

Ref 6.3.8
Requirement - Where an e-mail and its attachment(s) are captured at the same time but as separate records, the resultant records should be linked automatically by the ERMS.
Test - Y

The ERMS should allow a user to navigate the cross-reference link between the records so as to discover each of the attachment records from the e-mail record and the e-mail record from any of the attachment records.

Ref 6.3.9
Requirement - Whenever an attachment is captured as a separate record, the ERMS must require appropriate record metadata values to be captured and/or entered for it.
Y

Ref 6.3.10
Requirement - When capturing an e-mail message, the ERMS must by default populate the Title metadata with the “subject” field of the message.
Test - Y

Appendix 9 provides guidance on the interpretation of e-mail metadata.

Ref 6.3.11
Requirement - The ERMS must allow a user who is capturing an e-mail message to edit the record title.
Test - Y

This is intended to allow users to correct inappropriate or to clarify imprecise e-mail titles, or to make the titles more meaningful.

The e-mail title is separate from the subject line (title) of the e-mail; the latter will remain as part of the message regardless of the content of the e-mail title.

Ref 6.3.12
Requirement - If a user captures an e-mail delivery status notification report (where these are supported) for an e-mail which has been captured as a record, the ERMS should be able to link the two automatically.
Test - Y

Examples of delivery status notifications are non-delivery reports and delivery confirmations. The link should allow a user to navigate between the records so as to discover each of the notifications from the e-mail record and the e-mail record from any of the notifications.

Ref 6.3.13
Requirement - The ERMS must enable the automatic capturing of metadata belonging to e-mails and their attachments as outlined in the MoReq2 metadata model.
Test - Y

Ref 6.3.14
Requirement - The ERMS must allow “date sent” and “date received” metadata to be entered manually.
Test - Y

This is to allow for situations in which the dates held in the e-mail message are not appropriate for the business setting (see introduction to this section for explanation of how this may occur). A configuration option to disable this facility will be acceptable.

Ref 6.3.15
Requirement - A user must be able to capture into the ERMS, in a single operation, several manually-selected e-mails as:

• one record;
  or as
• a set of records, one per e-mail;
  at the user’s option.
  Test - Y
  

Ref 6.3.16
Requirement - The ERMS should be able to identify automatically and capture all the e-mails related to an e-mail specified by a user, in a single operation, capturing them as:

• one record;
  or as
• a set of records, one per e-mail;
  at the user’s option.
  Test - Y
  

RFC 2822 Section 3.6.4. “Identification fields” describes how the optional SMTP header fields “References:” and “In-Reply-To:” can be used in conjunction with the “Message-ID:” field to identify related e-mail messages, sometimes referred to as the ‘thread of the discussion.’

Ref 6.3.17
Requirement - The ERMS must allow a user who is capturing an e-mail message in a proprietary format to save it in multiple, including open, formats
Test - Y

It may be useful for an ERMS to enforce e-mail saving criteria based on the retention and disposition schedule. The e-mail contents of files with a short retention period could be stored in a proprietary format, but those with longer schedules could be saved into an open format.

Ref 6.3.18
Requirement - Whenever address fields captured from an e-mail header appear in the metadata of an e-mail record, the ERMS must ensure that it captures the optional “display name” (if present) of any mailbox listed as well as the “address-spec” address; for example, ‘Jan Schmidt’ rather than ‘js97@xyz.int’.
Test - Y]]>Tue, 01 Mar 2011 17:38:29 GMT
Very few documents on the edge are true business records. These few business records that do make it out to the edge typically are copies of documents already in repositories—so why care? While the edge has few records, it does have many, many documents that may contain significant amount of discoverable or sensitive information. What is out there, and your inability to find it quickly, can hurt you. These documents are subject to litigation discovery, regulatory discovery (yes, regulators can request you produce non-records), and some can contain private or other sensitive information.

1. Map your devices (don’t be in denial)
If you believe your employees have only a few access paths to the edge, you’re most likely wrong. Employees have a variety of tricks for accessing the edge, including “unapproved” cell phones with email (especially iPhones), utilizing proxy servers, creating separate archive-only Gmail accounts, etc. There are many devices that you don’t control that can connect to your system if you open access for some devices.

Map those devices and all the creative ways employees can access the edge. Be honest—while you may have a corporate policy restricting employees to one type of cell phone, how many carry a second “personal” phone, which still accesses the corporate email server? How common are USB drives?

2. Capture is half the battle
Half of the battle for managing the edge is finding documents already there. Litigators are often fearful of missing something during discovery, and know that many of these reside on the edge. Therefore it is not atypical during document discovery for companies to impound and search cell phones, laptops, and even home PCs. Regardless of whether what you find is helpful or hurtful, often the cost of discovery on the edge is in itself the most burdensome. Many organizations are capturing and copying emails, text messages, instant messages, and other information as it moves out of control, often synchronizing these with existing document repositories. These repositories then represent the copy of record, and any discovery can be performed against them. There is no need to chase down someone’s laptop, because a copy already exists in your repository. Unfortunately, often the ability to capture documents requires purchasing someone’s software. However, many newer messaging systems, such as those for in-house instant messaging (IM), for example, have logging capability built in.

3. If you can’t stop it monitor it
Once a message or document is created, it is often difficult to stop or control it. Often the best way to stop hurtful information passing over the edge is to make employees wary of ever sending it in the first place. We have found that if employees know their communications are being monitored, they are much more likely to send more appropriate, less hurtful information. Increasingly many organizations are logging information at the edge, and retaining this for some indefinite period of time (usually a few months). This information is available for review by their manager or HR. Even if these documents are rarely reviewed, the threat that they might be often is enough to curb bad practices. This review need not be limited to just email messages, but also other media including IM, text messages, wikis, etc.

4. Instant messaging: your biggest risk?
Measured on a per-message basis, instant messages (IM) represent more risk than almost any other medium. Employees send IMs quickly, often without considering either what they’re saying or whether it’s appropriate. They view these messages as ephemeral and disposable. IM is neither. Regulators and courts take a very different view, allowing the opposing side to discover this information wherever it may reside.

Companies are taking two distinct paths for IM. One group says shut it down. They are prohibiting employees from using IM, and blocking access to IM providers through their firewalls. They believe in heading off trouble at the pass. If you believe that your blocking efforts will be successful, this may be a viable option.

Another group is taking a different tact, fearful that blocking IMs will only lead to employees sending work-related messages from their personal accounts using cell phones. In the words of one litigator, “The biggest thing I fear about instant messages is when I don’t know what might be out there.” The approach of this second group is to bring IM in-house and force employees only to use these internal systems. With the right systems, some purposely auto-delete messages quickly, preventing the employee from accumulating or archiving them. Others save all messages from IM, treating them like email and reviewing them for inappropriate language or content. Either of these approaches will work if executed consistently.

5. Eliminate (mobile) personal archives, but provide a centralized alternative
Documents outside a centralized archive— such as PST files or files copied to USB drives are by definition out of your control and on the edge. To re-assert control, many organizations are eliminating these “personal” archives. For example, many companies are prohibiting offline email PST files. Some are taking it a step further through the use of Data Loss Protection (DLP) software, preventing the use of USB drives and other devices, but providing SharePoint sites instead. You want to make it hard enough for employees to save information the wrong way, so that they will use the right archives.

6. Train, train, train
It’s easy to become cynical about employees and their over-the-edge tactics. To be fair, often they don’t understand the risks and are just trying to do their jobs. The key to any edge-control strategy is training. Employees have an interest in avoiding risk, both for the organization and themselves. When they understand the real risks of documents on the edge, they tend to be much more careful about what and how they send it. Good training should include a discussion on proper email usage, the discoverability of documents, as well as clearly separating business from personal communication. It almost must discuss acceptable alternatives for sharing and transmitting information.

Adapted from On Edge, an article by Mark Diamond, president and CEO for Contoural, a consulting firm for storage issues, that originally appeared in the May/June 2009 issue of Infonomics. http://www.aiim.org/infonomics/on-edge.aspx
]]>Mon, 12 Apr 2010 16:45:50 GMT
1. Expand the Role of Records Management to Include Documents
Update the old limits that defined business records. Often the first discussion around preserving email revolves around whether a particular email constitutes a business record. Is this distinction important? You may not consider a business document such as an email to be something that needs to be managed, stored, and discovered, but the courts and the regulators do. They also care about instant messages, SMS, database records, and many other types of electronically stored information. Therefore, the role of record management must flexibly grow to include an ever-expanding array of electronic document types.

This change alone will easily triple the number of record types with which records managers have to contend, and certainly does not settle the debate about what constitutes a record (which by the way is recorded information, regardless of form, made or received by an organization and may have fiscal, legal, evidential, or historical value). But there is no longer any reason to exclude them from the discussion. And if records managers do exclude some record types, you can bet someone either in IT or Legal will wind up with responsibility for their management.

This is not to say that all data constitutes a corporate record, however. Modern information systems often have many redundant copies of each piece of data, so a large volume of stored data can be eliminated from the discussion immediately. This includes copies for backup, test and development, disaster recovery, and "caches" for performance. Much electronic information can be considered a transitory record and thus, disposable information. Although computers often store records of works in progress in the form of automatic saves and temporary files, it is not clear at what point these become records. At the end of the day, management of electronic records becomes less an issue of retention, but rather one of control.

2. Sell the Other Stakeholder's on the Wins for Them
Teaching others about the benefits of record management can seem Quixotic, but this approach works! Good records and document management should bring windfalls for everyone and windmills for the Quixotic few among us. Better control and management gives end users more access to their information. More legally defensible records management and e-discovery programs make Legal happy. What IT wants most are clear requirements for managing and expiring data. Ongoing deletion of older, unneeded data drives down costs and makes the business units happy. Rather than trying to communicate the entirety of records management, focus on the benefits it provides to each stakeholder. Consider their pain points and the risks inherent in their daily work and propose individual benefits provided by better management of records. If you find your records project stalled, take a step back. "Sell" them on the benefits, not the process. Inform and engage instead of directing. Often something interesting happens. Projects start rolling forward, and gaining momentum. Companies are more likely to fund initiatives. It gets easier. Finally, stakeholders are selling you on records management.

3. Focus on Real-world Approaches That Can Be Executed
Good records management processes need not be overly complex. In fact, a simple retention schedule or classification policy that is more broadly applicable will normally be more effective than a minutely detailed one that cannot or will not be implemented with the time and technology at hand. Most retention policies are developed in response to regulations or legal considerations. Although the thicket of retention times can be difficult to navigate, most require retention of data for at least a certain amount of time. Rather than trying to classify every record type against every single compliance requirement from the start, recognize the ubiquitous nature of electronic records-define broader retention buckets that enable simpler retention categories. Good record retention schedules and processes for electronic documents and records are simpler and hence easier to execute. This not only satisfies the requirements of each record but is also simple to implement given the technology available for classification and data protection. This one retention target might encompass a higher percentage of a given organization's records, allowing greater focus on the outliers.

For example, records that must be retained for at least twelve months, or eighteen months, and two years could all be lumped together in the "two year" retention schedule. In this example, saving some of the records either six or twelve months longer than "required" may bug some people. It's admittedly an emotional issue. However, a records policy and schedule that is not followed is worse and puts the organization at greater risk than having no policy whatsoever. It may be required to make some compromises in the interest of actually doing what your policy says you will do.

4. Take an Active Role in E-discovery
It is a fact of today's business environment that most companies are going to get sued, and electronic records are increasingly the focus of discovery in these lawsuits. The courts have recognized that electronic data is a form of business record, which requires special handling. As a result of this recognition, the Federal Rules of Civil Procedure have been amended to include electronically stored information (ESI). Since these new FRCP amendments require companies to produce information in a very timely manner, records managers must take an active role in preparing for e-discovery. We believe that preservation, identification, classification, and management of documents relevant to litigation are fundamentally record management tasks. So why not have these done by a record manager?

Companies and public entities in general, and records managers in particular, must take a more active role in preparing for e-discovery, Implement modern data archives for frequently-sought records like email and office files with capabilities for search, legal hold, and continuous recording of information without gaps. Classification is also critical-records must be identified, classified, and retained according to organizational policies to avoid adverse judgments and potential sanctions. Sounds a lot like a records management function.

5. Limit Manual Processes for Electronic Documents
Gone are the days when manual processes could handle the comparatively small number of paper records created on a daily basis. Today, the average employee spends nearly eighty hours per month reading and creating email, and office workers spend much of the rest of their days creating other forms of electronic records such as presentations, documents, and spreadsheets. No manual process could keep up with this volume of records, and even the best is bound to lapse or fail on occasion, as in the example of the systems administrator mentioned above. Therefore, records managers must push for automated processes to the greatest extent possible to classify, retain, and defensibly dispose of information.

The addition of automated retention and data classification systems will lead to increased consideration of both the rules that can be used to classify records and the underlying policies that are used in their creation. Thus, the process of applying automated record retention systems to electronic records will naturally bring the records manager into contact with a wide variety of people and situations, enabling better records management overall.

6. Embrace Technology
Opportunities for advancing records management lie at the forefront of the high technology world, with massive development effort being poured into ever-better systems to digitize, categorize, search, and store electronic data. It remains to be seen exactly which of these technologies will win the day, but records managers must keep their eyes ahead as the picture unfolds. Don't let organizations pigeonhole the records manager as a paper-centric function.

As mentioned above, manual processes are ripe for error and negligence. Technological systems, however imperfect, are far more consistent. The addition of technology to the records management equation presents an opportunity to finally implement the best concepts of the field, including complete categorization and automatic reorganization as needs change. As the field of data storage becomes more focused on content management, ever more fine-grained management of records will become possible.

7. Don't Let Perfect Be the Enemy of Good
Often record retention programs-particularly those for electronic documents-get stuck. To the greatest extent possible, they want to create the perfect policy, the perfect schedule, the perfect process, etc. And they hold off executing record management programs until they achieve the perfect policy. Record retention, litigation holds, and e-discovery are all inherently imperfect processes. Furthermore, the courts and the regulators do not expect perfection. Instead, they expect reasonable efforts. Specifically, they expect:

• Do you have a policy and schedule
• Are you following it?
• Do you have a legal hold process?
• Is it reasonably complete and defensible?
• Do you audit compliance with your program?
  

Organizations that achieve the above, however imperfectly, are much more compliant, have lower risk, and reduce costs than those who are still waiting to launch their initiatives.

Adapted from the article by Mark Diamond and Stephen Foskett, Does Records Management (and Do Records Managers) Matter?, in the March/April 2008 issue of Infonomics. Mark is founder, president, and Stephen is director of the Data Practice for Contoural , a business and technology consulting firm for record and data policy development. Does Records Management Matter?]]>Wed, 07 Sep 2011 18:49:37 GMT