Email Looms as IT Threat

AIIM survey says email's bigger than ever, and nobody's driving the train

Mary Jander, Contributor

October 11, 2006

5 Min Read
Dark Reading logo in a gray background | Dark Reading

Email is growing by leaps and bounds, both in importance and volume. So it's not good news that nobody's in the wheelhouse.

Yet that's what turned up in a survey of 1,043 email users conducted by a the Association for Information and Image Management, which calls itself the Enterprise Content Management (ECM) association (an example of what happens when you seek to modernize your name but still own a longstanding brand and URL).

Results of the industry group's online survey taken in August and September 2006 reveal that most organizations aren't managing email at all. Aside from storing it for a given time period, most respondents reported relying on end users to decide what to keep and what to throw out. (See AIIM Posts Results.)

Further, what passes for email management could raise a regulator's hackles. Forget automated policies tied to full text searches. (See Stop That Email!.) For respondents in companies of all sizes, formal policies govern things like acceptable employee use of email systems, acceptable content of messages, mailbox size, and a company's ownership of the email. When it comes to setting rules for using email to transact business, discuss human resources issues, exchange confidential information, respond to requests from regulators or lawyers, the majority of respondents reported no policies in place.

Table 1: Does your organization have any policies restricting or limiting the use of e-mail for any of the following purposes? (Percentage of 1,043 respondents)

Yes

No

Negotiating contracts and agreements

13%

68%

Discussing HR issues

19%

65%

Discussing operational or product strategies

14%

71%

Exchanging confidential or sensitive information

42%

47%

Responding to regulators

17%

59%

Answering inquiries from customers

21%

67%

Exchanging invoices, statements, and payment information

19%

65%

Filing documents with official bodies

17%

61%

Responding to litigation

22%

51%

On top of having few rules about what goes into email, organizations don't do much to protect it. Just 30 percent of respondents said they had any email encryption policy in place, and 37 percent had a policy for instant messaging -- this despite 61 percent of respondents reporting concern about theft of confidential info or intellectual property via email.

What emerges from all this is far from the landscape described by email management vendors, in which organizations are eager to adopt technology to sort and save important email.

When it comes to archiving email, nearly 60 percent of respondents said they save email as part of regular backup. A full 18 percent don't archive email at all. Just 3 percent reported outsourcing email archiving. (See Outsourcing Email Not an Easy Choice.)

Table 2: How does your company/organization archive its email? (No. and percentage of 1,043 respondents)

Email is archived as part of the backup process

439

44%

Using a commercial email archival tool

102

10%

Outsourced service

28

3%

As part of a records management program

92

9%

We don't archive email

182

18%

Using .pst files

151

15%

Mancini stresses the risks of relying on backup or leaving email management up to end users. "As anyone who has gone through an e-discovery process can attest, finding and producing relevant emails from back-up is not the same as producing them from an archive in which the content is based on the subject and relevance of the email."

On the plus side, respondents to the survey appear to be interested in some form of archiving. Just 12 percent reported that they'd continue to rely on IT's daily email server backups to manage email in the future. A full 72 percent reported interest in an email archiving solution integrated with either a records management product, an enterprise content management platform, or some other form of enterprise information platform.

For better or worse, the problems illustrated in this survey aren't likely to diminish. According to the Radicati Group consultancy, the volume of email that the average corporate user sends and/or receives every day will grow 30 percent within the next four years, from 16.4 Mbytes in 2006 to 21.4 Mbytes per day in 2010. And unless companies start taking action, Mancini implies, they'll be risking both their ability to produce relevant proof for compliance or litigation, but also their ability to benefit from increased use of email.

"Email has migrated from a proxy for conversation to a key form of organizational documentation, but most organizations have yet to make the jump to truly leverage email... Organizations largely leave the management of email up to individual employees, a precarious position at best given the critical role that email plays in documenting business decisions."

— Mary Jander, Site Editor, Byte and Switch

About the Author

Mary Jander

Contributor

Mary Jander is managing editor of UBM's Future Cities. Previously, she was executive editor of Internet Evolution, site editor of Byte and Switch, and a longtime senior editor of Light Reading. She has spent over 27 years reporting and writing on information technology and networking, including nine years on the senior editorial team of Data Communications magazine.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights