Enterprise social network archiving and good information governance
Enterprise social networks (ESNs) are becoming an increasingly important part of the way large organizations achieve their communication and collaboration goals, but there are many challenges associated with implementation. For example, a 2014 Osterman survey found almost one in four respondents haven't rolled out an ESN because “there are too many regulatory, compliance or other issues.” How can such obstacles be overcome?
As Enterprise 2.0 takes hold, it’s useful to think of an ESN not only as a new communication tool, but as a symbol of a larger tipping point. Any large organization that's eager to roll out an ESN is probably ready to update its approach to information governance. This, in turn, necessitates careful consideration of how third-party archiving can minimize compliance risk while maximizing return on investment in an ESN. This article explores some of the critical considerations.
When an ESN isn't enough
Short deadlines and mobile workers increase the likelihood that even brief communications will occur across multiple channels. ESNs can funnel these channels into a seamless end user experience, and this is one of their key selling points. However, while this seamlessness simplifies communication for the end user, it doesn't simplify underlying archiving and compliance protocols—they only become more complex in response to this new channel being added to all the rest.
ESNs are designed to improve organizational communication and collaboration, but they also impact a company’s mission-critical objectives. When faced with a key legal, HR, or IT need, an organization shouldn't be limited by a tool that wasn't designed to meet those needs. Even the best efforts to route all communications through an ESN create significant compliance risks, not to mention other inefficiencies.
ESNs, by nature, introduce at least some amount of controlled chaos into enterprise communications. Modern archiving solutions go beyond the limitations of the paper paradigm to encompass the transient, malleable qualities of digital information. Record managers can implement automatic processes for identifying and storing content according to surgically precise criteria, allowing them to easily organize and access any content submitted to an ESN. This saves time, reduces potential for human oversight, and leaves room for policy to adapt, along with evolving organizational, compliance, and legal requirements.
Specific regulations require specific tools; approximations are insufficient. For example, while an ESN might offer an optional read-only storage option, there's no compliance value in a read-only function that can be disabled. Records must be archived in their native format, with no possibility of tampering or deletion.
Similarly, an ESN might provide monitoring tools that help community managers find ways to improve communication and collaboration, but proof of supervision in a compliance context can require depth and breadth only available through independent archiving; the ability to automate policy and permission controls helps ensure the right people are monitoring the right information according to the right standards.
Regulators aren't the only ones raising the bar for archiving standards. As social media becomes the new normal, courts expect that organizations will be able to store, locate and produce all kinds of Electronically Stored Information (ESI). While ESNs offer many search and storage features, they weren't designed around the stringent legal requirements for handling ESI.
During eDiscovery, access to archived ESI of incontestable integrity is invaluable. Proper archival also ensures the retention of all metadata. In bulk, metadata can seem overwhelming and useless; but with the ability to isolate relevant criteria, legal teams can establish context quickly and conclusively. This can be especially advantageous during early case assessment, when decision-makers need to decide, with the highest possible degree of confidence, whether to pursue action or settle. If relevant ESI is identified, a legal hold must be placed on it. Even if an ESN includes secure storage features, retention within an independent archive remains the best practice.