SlideShare une entreprise Scribd logo

Messaging best practices for 2011

Actiance, Inc.
Actiance, Inc.

This document provides best practices for messaging in 2011 based on an Osterman Research white paper. Key takeaways include that corporate policies need to be detailed, thorough, and updated regularly to address risks from new technologies and legal/regulatory changes. Content archiving is necessary for e-discovery, compliance, and storage management. Encryption is also important to protect intellectual property and comply with regulations. Social networking needs close monitoring and archiving. Cloud services should be used across business functions. Overall, organizations must develop layered defenses from endpoints to gateways and focus on policy development and compliance.

TechnologieBusiness
1  sur  14
Télécharger pour lire hors ligne
Messaging Best Practices for 2011 by An Osterman Research White Paper Published December 2010 SPONSORED BY ( ( ( ! ! ! ! ! ! ! ! ! ! ! ! ! !"#$!#%&'()*( Osterman Research, Inc. • P.O. Box 1058 • Black Diamond, Washington 98010-1058 Tel: +1 253 630 5839 • Fax: +1 253 458 0934 • info@ostermanresearch.com www.ostermanresearch.com • Twitter: @mosterman !
Messaging Best Practices for 2011 Executive Summary Despite many pundits’ forecasts that email and other forms of messaging are being replaced by social media, email continues to reign supreme as the single most important application for most business users. To be sure, email is evolving to incorporate social media and other content sources, but email is where users spend more time than anywhere. For example, an Osterman Research survey found that the typical user spends 134 minutes per day working in their email client, dramatically more than the telephone, instant messaging or social media combinedi. The key question that IT decision makers must ask in the context of email and overall messaging management is this: is every practice a best practice? That is: • Will your practices minimize your risk of data loss, brand damage, reputation damage, legal risks and regulatory risks? • Will they help you lower costs and deliver more functionality to your end users? • Will they keep you current with new external drivers and technology developments? • Will they enable your users to become more mobile so that they will have access to all of their communication, collaboration and data assets when they work from home, from a hotel room or from an airport? Because technology, threats and risks change continually, it is important to remember that a best practice in 2010 might not still be “best” in 2011. Therefore, we have summarized in this analyst brief best practices around the key issues of email and Web security, content archiving, encryption, and social networking. KEY TAKEAWAYS Key takeaways from this analyst brief include: • Corporate policies need to be detailed and thorough enough and must be updated as often as necessary – in response to changes in technology, to the latest legal decision or to changes in regulatory requirements. These policies should focus on every communication vehicle used in your organization, including email, Web surfing, and Web 2.0 applications like social media. They must focus on how content is generated, managed and retained, and so should include detailed policies on archiving, encryption and compliance. While this advice may seem obvious, many organizations do not have sufficiently detailed policies. • As iPads, Twitter and other consumer-focused tools are introduced into the corporate network, the network perimeter is disappearing. Consequently, the advice to develop a layered defense strategy from the endpoint through the gateway and the cloud has never been more critical than it is today. ©2010 Osterman Research, Inc. 1
Messaging Best Practices for 2011 Thoroughness of Various Types of Corporate Communication Policies Source: Osterman Research, Inc. • Archiving electronic business content is no longer an option, and you must do so with litigation support, application efficiency, storage management, and compliance considerations in mind. • Encryption is vital on a number of levels, including the protection of intellectual property, compliance with regulatory obligations, and enablement of new business opportunities. Don’t focus on whether encryption is necessary or not (it definitely is), but focus on how it can best be implemented as an aid to content protection and compliance. • Social networking provides a number of benefits, but it must be closely monitored and managed, and its content archived. • Focus on how the cloud can be used in every aspect of your business. ABOUT THIS ANALYST BRIEF This brief is an adjunct to a Webinar that was conducted by Osterman Research in early November 2010. It provides some guidelines that we feel are important for organizations to follow in the context of how they manage their messaging environments. It offers our point of view based on the extensive research that we ©2010 Osterman Research, Inc. 2
Messaging Best Practices for 2011 conduct on an ongoing basis with IT decision makers and influencers. It has been sponsored by DataMotion, Actiance and Global Relay. First Things First: Focus on Policies UNDERSTAND YOUR RISKS A first step in approaching best practices focused on messaging is to understand the risks your organization faces. Many decision makers underappreciate these risks because they are too busy, they don’t have budget (particularly over the past couple of years), or they have not focused sufficiently on the growing number of risks they face. While every organization has limitations in its IT resources, that is not an excuse to fail to identify key risks. Also, once you have identified those risks, you can prioritize them based on highest to lowest and your current level of preparedness to face these risks. This is a great exercise to identify key projects and initiatives or “gaps-to-plug” through various means like technologies, education, training and improved policy development. For example, some of the risks that an organization faces in the context of how communication tools are used include the following: • Email, social media, text messaging or other communication tools that are not monitored can be used by employees to send sexually harassing or racially offensive content, leading to significant legal risks for an organization that does not monitor this content. The most famous such case is one in which Chevron Corporation paid $2.2 million to settle a case of sexual harassment by four female employees who had received numerous, offensive emails from co-workersii. • When sensitive or confidential content is sent in clear text, it can result in a serious data breach and very expensive consequences. For example, an employee of Rocky Mountain Bank of Wyoming sent an email to a representative of a customer at the latter’s request. However, the employee sent the email to the wrong address and mistakenly included an attachment with account information and Social Security numbers for 1,325 bank customersiii. All of those customers had to be notified at the bank’s expense. • Content that is not archived when it should be can lead to sanctions or fines for a failure to comply with regulatory obligations. For example, in May 2010 Piper Jaffray was fined $700,000 by FINRA for failing to retain 4.3 million emails during the six- year period ending December 2008iv. • Similarly, an inability to produce email or other electronic content when required can lead to adverse inference instructions (the instruction to a jury that they may consider an inability to produce evidence as indicative that such evidence could be incriminating). For example, in the case of Optowave Co., Ltd. v. Nikitinv, an adverse inference instruction was given to the jury resulting from the destruction of internal emails prior to litigation. ©2010 Osterman Research, Inc. 3
Messaging Best Practices for 2011 • Unmanaged Web surfing can also lead to significant problems for any organization, either by the nature of the content or by allowing malware to enter an organization. An example of the former is the case of Mrs. Rea Moonsar v. Fiveways Express Transport Ltd.vi, in which male employees downloaded pornographic content in the presence of a female employee, resulting in a judgment against the employer because they did not have policies in place forbidding this practice. Communication Tools for Which Organizations Have Implemented Policies Source: Osterman Research, Inc. COMMON PRACTICE THE NEXT STEP IS TO DEVELOP IT policies that are non-existent, POLICIES too general and that focus only Next, it is critical to develop detailed and on silos of technology. thorough corporate policies. We find that while organizations need to strengthen their policies for BEST PRACTICE 2011, they are doing so from a position of Understanding the role of relative weakness. The policies most proactive policy development organizations have today are inadequate, and across all departments within the many times do not cut across departmental organization, keeping policies boundaries. We find that in most organizations current, making them sufficiently the policies are too general, they don’t keep pace detailed, and adapting with changing technology, or are not updated technology strategies to meet the with sufficient frequency. needs of today’s policies. ©2010 Osterman Research, Inc. 4
Messaging Best Practices for 2011 Further, the enforcement of a weak or ill-defined policy is much more difficult than when dealing from a position of strength through a well thought-out and up-to-date policy. The bottom line is that a policy that is too general may not provide any level of defense in court or before a regulator, and it may not prevent employee behavior that could lead to quite serious ramifications. As your organizations look forward to 2011 and updating its policies, they should be sure to focus on critical applications like email, Web surfing, Web 2.0 applications, social media, data retention, compliance and legal issues. Archive Any and All Content That Must be Retained One of the most important considerations in the process of selecting an archiving solution is to first justify the need for archiving to senior decision makers, since not everyone agrees that email and other content archiving is a sound business practice. Justification of email and other content archiving will vary depending on the industry in which an organization operates, the number of users it has, its corporate culture and other factors, but the following should be considered: • Archiving can save an organization millions of dollars While archiving may not be a critical requirement to a particular organization on a day-to-day basis, a single e-discovery exercise or regulatory audit in which data can be rapidly gathered and assembled using an archiving system can save an organization from significant financial harm. For example, in June 2005 AMD filed suit against Intel and requested that email for a small number of Intel employees be preserved. The Intel employees in question were to copy the requested email to their hard drives. However, some employees did not follow instructions properly, resulting in the loss of email that should have been part of the discovery effort over a period of more than three months. The Wall Street Journal reported that Intel spent $3.3 million to process tapes to recover the necessary emails. While Intel can clearly absorb this cost easily, a smaller company could have been bankrupted by just one such incident. • Archiving can boost user productivity By automatically migrating content in the email store to an archiving system, employees can avoid the estimated 30 to 60 minutes per week they spend on staying under their mailbox-size quota limitations. This can save an estimated 25 to 50 hours per year per employee or $900 to $1,800 in employee productivity costs annually. • Think long term Email archiving provides a range of capabilities that may or may not be required today, but that could be useful in the future. For example, an organization may decide it needs to archive email primarily for e-discovery purposes. However, by implementing an email archiving system specifically for this purpose from a vendor ©2010 Osterman Research, Inc. 5
Messaging Best Practices for 2011 that provides extensibility of the system, the organization has also implemented a storage management capability that it will need two years into the future. STEPS TO JUSTIFYING ARCHIVING As IT managers and others evaluate email and other content archiving options, it is useful to relate the requirements of business units, departments and individual users to various types of archiving capabilities. We recommend the following approach: • Survey internal users to determine the specific applications for archiving and the applications for which archiving will be used. For example, an internal survey in a financial services company should reveal a very high emphasis placed on email archiving for regulatory compliance and legal discovery purposes, and much less importance placed on data mining and storage management. • Plot these requirements graphically on a radar chart to create a map that shows the importance of various features relative to others. The chart will also reveal how “complete” a solution must be in order to satisfy that organization’s requirements. • We then recommend mapping the capabilities of each solution under review, also on a 1 to 5 scale, where 1 might be “not at all satisfactory” and 5 is “very satisfactory”, and superimposing it on the map of capabilities to determine how well each solution fits the requirements of the organization. • Any number of criteria can be added to the radar chart, including scalability, message throughput per hour, and the like. The goal of this type of analysis is two-fold: • First, it is important to establish a common set of criteria on which archiving solutions are COMMON PRACTICE evaluated. Each vendor will often have its Many organizations, particularly own set of evaluation criteria and product those outside of heavily performance specification – comparing these regulated industries like financial can be difficult and very time consuming. services, pharmaceutical or energy do not archive content, • Second, a graphical representation that instead relying on backup tapes shows functional requirements mapped for e-discovery, early case directly against each solution’s capabilities assessment or related activities. can be helpful in speeding the elimination process for solutions that simply will not BEST PRACTICE satisfy an organization’s archiving needs. Every organization should archive content for purposes of e- As part of the process for evaluating various discovery, regulatory compliance, archiving solutions, a more detailed set of storage management, decision requirements, questions and criteria should be support, data mining and established for the needs of particular maintaining a corporate digital departments or functions, but the analysis heritage. discussed above provides a good starting point ©2010 Osterman Research, Inc. 6
Messaging Best Practices for 2011 for evaluating competing solutions. ARCHIVING IS NOT ABOUT IF, BUT ABOUT HOW MUCH Content archiving is not an option: important business records stored electronically, whether in email, on file servers, on users desktops, in databases, in Web 2.0 applications or in collaboration systems – must be retained. An email and content management system is a long-term investment that will yield benefits for many years in the context of e-discovery, its ability to satisfy regulatory audits, improving storage management, and the like. As a result, it is critical for decision makers to consider the impact of an archiving system on these requirements for many years into the future. For example, an email archiving system implemented today will be able to satisfy e- discovery requirements imposed upon an organization seven years from now. The same archiving system may allow an organization to reduce its storage requirements by just 10% per year, but with a cumulative impact of reducing storage requirements by 77% during the same seven-year period. In short, unlike an email system that may be replaced every three or four years, an archiving system will have longer term and more cumulative impacts on an organization. Encrypt Outbound Communications CONSIDER ENCRYPTION AS PART OF YOUR SECURITY STRATEGY Any organization should take a holistic view of their encryption requirements by viewing them as part of their overall security infrastructure. This requires that encryption not be viewed as a standalone technology or activity, but as integral with an organization’s control of viruses, worms, spam, data leaks, etc. A key part of this effort should identify who in an organization has the greatest need for encryption and where the deployment of encryption would enable the creation of business processes not currently available to them. The roles that could benefit most from encryption might include legal counsel, human resources, finance and other groups that regularly send sensitive or confidential information to others inside and outside the organization. However, Osterman Research has found that users who might not consider themselves as users of encryption often could make good use of it. For example, some roles/applications that could use encryption frequently include marketing managers when sharing new logo or product designs, analyst relations staff when sharing embargoed presentations, or public relations staff when distributing announcements to the press. Most often, these roles do not use make regular use of encryption technology despite the fact that they share sensitive data on at least a somewhat regular basis. YOU HAVE OBLIGATIONS TO PROTECT DATA It is also important to examine your obligations to encrypt sensitive communications and data based on state, provincial, federal and international levels, as well as other requirements that may not be regulatory in nature. For example, there are a variety of regulatory obligations to protect customer and other sensitive information in transit and at rest; each of which carries with it penalties for breaching this data. There may also ©2010 Osterman Research, Inc. 7
Messaging Best Practices for 2011 be business partner requirements and generally accepted industry standards to protect data to which an organization must adhere. It is also important to examine the reach of obligations that may not necessarily apply to an organization today but that could impact it in the future. For example, the “new” HIPAA expands the obligations that used to apply only to covered entities to all of those entities’ business partners. That means that attorneys, benefits administrators, accountants and others that work with healthcare-related organizations and have in their possession PHI are now subject to the same obligations for data privacy. Status of Adopting Data Breach Notification Laws in the United States (as of October 12, 2010) CONSIDER YOUR DEPLOYMENT OPTIONS You should also evaluate the various deployment options and scenarios that are available and that might be useful. For example, deployment models range from completely on-premise solutions using servers or appliances to completely hosted/SaaS- based solutions. An organization may opt for policy-based encryption that takes the decision about encrypting individual emails out of the hands of users, they may opt to allow only manual encryption that is completely under the control of users, or use a combined approach. Encryption could occur at the gateway so that content remains unencrypted behind the firewall, or an organization could opt for desktop-to-desktop encryption. ©2010 Osterman Research, Inc. 8
Messaging Best Practices for 2011 It is also important to consider the deployed encryption’s impact on email and other electronic COMMON PRACTICE content archiving. Because organizations are Encryption is performed only on obligated to preserve electronic business records the most sensitive content and for legal and regulatory purposes, the decision often inconsistently – a about encryption technologies will have an significant proportion of sensitive impact on how content is archived and how it is content is sent in the clear. searched and accessed in the future. BEST PRACTICE Further, content encryption should be viewed Enable encryption for all sensitive holistically in the context of every application in communication leaving the which it should be used: for email, real-time corporate firewall for purposes of communications, backup tapes, USB sticks, compliance, protection of laptops, smartphones, etc. intellectual property and mitigation of risk. It is important It is also important to view encryption as a to use layered encryption so that “green” solution because of its ability to securely sensitive data will automatically send and track content, and thereby eliminate a be encrypted if employees fail to significant amount of overnight courier use. For do so manually. This can also example, if encrypted email could replace just help to better train employees 1% of the leading overnight courier’s 3.3 million about what to encrypt by daily package deliveries, that would result in the sending them or their managers elimination of 8.6 million package deliveries a notice. annually. Manage Social Networking Content EVALUATE THE CORPORATE REQUIREMENT FOR SOCIAL NETWORKING Decision makers should understand how and why social networking is used in their organization. IT should conduct a thorough audit of how social networking is used, which tools are used, why they are used and so forth. This audit should also include a forward-looking focus on how these tools might be used in the future, how competing firms are using these tools, and new capabilities that might be employed in the future. There may be a significant disconnect between what IT perceives as a legitimate application of social networking and what individual users or business units perceive as legitimate. The goal, of course, is to balance the competing interests of both groups and derive the greatest benefit from the use of social networking while still remaining compliant with corporate policies and security requirements, which could include: UNDERSTAND WHAT CAN HAPPEN IF SOCIAL MEDIA IS UNMANAGED It is important to understand the consequences that can result when social networking content is not monitored, when business records in social networking posts are not retained, and so forth. It would be appropriate at this phase of the evaluation process to understand the potential consequences associated with not managing social networking use adequately. For example: ©2010 Osterman Research, Inc. 9
Messaging Best Practices for 2011 • If business records are sent via social networking tools, management’s decision to purge this content could be seen as spoliation of evidence in a lawsuit. For example, if management decides not to preserve sexually harassing direct messages sent using Twitter, a party offended by this content that takes legal action may be entitled to access the archives of these posts as part of an e-discovery exercise and could claim spoliation in their absence. As with email or any other form of electronic content, the ramifications of spoliation can be substantial and include fines and sanctions imposed by the court, the requirement to pay the prevailing party’s legal fees, attorneys’ costs for additional motions, and other serious consequences. • Employers cannot interfere with the communications of employees who want to discuss work conditions or complain about their benefits according to rules codified in the National Labor Relations Act. This means that employers must tread a fine line between monitoring and blocking social networking for inappropriate use or sharing of content in an inappropriate way and preserving the rights of employees to share information. • Investment advisers cannot be the beneficiary of a testimonial or recommendation on LinkedIn because of the potential violation of Rule 206(4) of the Investment Advisers Act of 1940vii. This rule makes it illegal for an investment adviser to publish or benefit from an advertisement or testimonial that deals with their conduct as an adviser. • Registered representatives are subject to scrutiny when they post content on social networking sites, including monitoring of their posts and retention of their communications. TECHNOLOGY IS KEY TO MANAGING SOCIAL MEDIA Finally, any organization should deploy technologies that will do the following: • Employee posts should be monitored on every social networking protocol that might COMMON PRACTICE be used. This monitoring may be after the Most decision makers do not fact, such as sampling employee posts to think that social media provides check for inappropriate content; or it might value to their organizations, but be in real time to monitor posts before they they do little or nothing to leave the organization. Osterman Research manage it. has found that while many IT decision makers oppose the use of specific social networking BEST PRACTICE tools or at least find them not to be legitimate Understand the benefits and risks for use in a business context, far fewer of social media, implement actually do anything to prevent their use. policies focused on how it should be used, and deploy technology • All relevant content that might constitute a that will monitor, manage and business record and that might need to be archive social media content. retained should be logged and archived. It is generally easier to simply archive or log all social networking content than take the risk that some important content might slip ©2010 Osterman Research, Inc. 10
Messaging Best Practices for 2011 through and not be retained, but this will depend to a large extent on the industry in which an organization operates and other factors. A key part of content logging is to ensure that the identity of the individuals who use social networking tools is clear and that content can be tied back to their corporate identity. • Most organizations will want to integrate their social networking archive with their primary electronic content archive. This makes legal holds, as well as searching across all electronic content during early case assessment and e-discovery, much easier and less time-consuming. • Threats that can enter an organization through social networking tools must be blocked. This is particularly important given the widespread use of short URLs that offer the user no visual cues about the veracity of the link, and the fact that many social networking tools can display content provided by individuals to whom users have not given permission to display posts. Summary Messaging and communications are absolutely vital to the way that organizations and users work, but current practice is lacking in several key areas: • Policies focused on use of email, the Web, Web 2.0 applications and other communication tools are often too general or, in some cases, non-existent. • Many organizations are not archiving their electronic content in a manner that will reduce their risk or their costs of managing storage. • Many organizations are not using encryption nearly to the extent that they should. • Most organizations are not yet managing social media appropriately. It is critical, therefore, for organizations of all sizes and in all industries to improve their practices focused on these key areas in order to reduce risk, reduce cost and make their organizations more efficient. ©2010 Osterman Research, Inc. 11
Messaging Best Practices for 2011 Sponsors of this White Paper ! DataMotion™, Inc. is a leading provider of information delivery solutions that enable businesses to safely and easily transact with partners and customers. DataMotion solutions leverage your existing IT infrastructure ! resulting in rapid deployment and a quick DataMotion return on investment, saving as much as $5 35 Airport Road for every $1 spent. Core applications of the Suite 120 DataMotion suite include encrypted e-mail, file Morristown, NJ 07960 transfers, electronic forms and programmatic APIs for integration. Solutions are available +1 800 672 7233 as hosted services or on-premise software. www.datamotion.com DataMotion’s unified platform provides visibility, security, management and reporting to all data exchanges - helping customers streamline business workflow and achieve regulatory compliance. For more than ten years leading healthcare, insurance, pharmaceutical, financial services and government agencies have trusted DataMotion for safe data delivery. For additional information and a free trial account, visit www.datamotion.com. Actiance enables the safe and productive use of Unified Communications, collaboration and Web 2.0, including blogs and social networking sites. Formerly FaceTime Communications, Actiance, Inc. Actiance’s award-winning platforms are used 1301 Shoreway by 9 of the top 10 US banks and more than Suite 275 1600 organizations globally for the security, Belmont, CA 94002 management and compliance of unified USA communications, Web 2.0 and social media +1 888 349 3223 channels. Actiance supports all leading social networks, unified communications providers 400 Thames Valley Park Drive and IM platforms, including Facebook, Thames Valley Park LinkedIn, Twitter AOL, Google, Yahoo!, Skype, Microsoft, IBM and Cisco. Reading, RG6 1PT United Kingdom For more information about Actiance’s award +44 (0) 1189 637 469 winning platform, please visit http://www.actiance.com. www.actiance.com ©2010 Osterman Research, Inc. 12
Messaging Best Practices for 2011 Global Relay's Hosted Email Archiving & Messaging Services provide businesses with easy-to-use professionally-managed, email archiving, email continuity and email security solutions. The Message Archiver, Global Relay's core email Global Relay Communications Inc. archiving technology, seamlessly 220 Cambie Street, 2nd Floor integrates with all email and instant Vancouver, BC messaging systems to deliver the fastest V6B 2M9 online search, retrieval and monitoring Canada capabilities on the market today. Its +1 866 484 6630 enterprise-class, web-based email www.globalrelay.com archiving tools address the demands of regulatory compliance, audit and eDiscovery, while alleviating the burden of data management, email archiving, storage, security and business continuity, including migration of historical data. Built on a reputation of customer service, technical expertise and compliance excellence, Global Relay has delivered Hosted Email Archiving & Messaging Services for over ten years and has never lost a message, nor had a security breach. We help our customers stay organized, competitive, compliant and in control. © 2010 Osterman Research, Inc. All rights reserved. No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without prior written authorization of Osterman Research, Inc. Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this document or any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws (including but not limited to any act, statue, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in this document. THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL. i Osterman Research survey conducted during November and December 2010 ii http://www.nytimes.com/1995/02/22/us/chevron-settles-sexual-harassment-charges.html iii http://commonlaw.findlaw.com/2009/09/personal-data-an-email-error-security-breach-notification-laws.html iv http://www.finra.org/Newsroom/NewsReleases/2010/P121506 v Optowave Co., Ltd. v. Nikitin, 2006 U.S. Dist. LEXIS 81345 vi http://www.bailii.org/uk/cases/UKEAT/2004/0476_04_2709.html vii http://newrulesofinvesting.com/2009/03/22/adviser-use-of-linkedin-may-violate-sec-rules/ ©2010 Osterman Research, Inc. 13

Recommandé

Amie- Unit 1 P6 and M2
Amie- Unit 1 P6 and M2Amie- Unit 1 P6 and M2
Amie- Unit 1 P6 and M2AmieBodkin
 
Goldbricking
GoldbrickingGoldbricking
GoldbrickingGAURAV. H .TANDON
 
Proofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey ResultsProofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey Resultsshapetech
 
Measuring Success with Google Analytics - which traffic sources are more like...
Measuring Success with Google Analytics - which traffic sources are more like...Measuring Success with Google Analytics - which traffic sources are more like...
Measuring Success with Google Analytics - which traffic sources are more like...NetSquared Vancouver
 
More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...Thomas Wong
 
Apresentação Tony Anscombe
Apresentação Tony AnscombeApresentação Tony Anscombe
Apresentação Tony AnscombeAVG Brasil
 
Creating Clarity and Conviction in the Mind of Your Customer
Creating Clarity and Conviction in the Mind of Your CustomerCreating Clarity and Conviction in the Mind of Your Customer
Creating Clarity and Conviction in the Mind of Your CustomerJames O'Gara
 
A marketing strategy
A marketing strategyA marketing strategy
A marketing strategyJBee44
 

Recommandé

Amie- Unit 1 P6 and M2
Amie- Unit 1 P6 and M2Amie- Unit 1 P6 and M2
Amie- Unit 1 P6 and M2AmieBodkin
 
Goldbricking
GoldbrickingGoldbricking
GoldbrickingGAURAV. H .TANDON
 
Proofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey ResultsProofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey Resultsshapetech
 
Measuring Success with Google Analytics - which traffic sources are more like...
Measuring Success with Google Analytics - which traffic sources are more like...Measuring Success with Google Analytics - which traffic sources are more like...
Measuring Success with Google Analytics - which traffic sources are more like...NetSquared Vancouver
 
More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...Thomas Wong
 
Apresentação Tony Anscombe
Apresentação Tony AnscombeApresentação Tony Anscombe
Apresentação Tony AnscombeAVG Brasil
 
Creating Clarity and Conviction in the Mind of Your Customer
Creating Clarity and Conviction in the Mind of Your CustomerCreating Clarity and Conviction in the Mind of Your Customer
Creating Clarity and Conviction in the Mind of Your CustomerJames O'Gara
 
A marketing strategy
A marketing strategyA marketing strategy
A marketing strategyJBee44
 
Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015OnMessage
 
30 Tips and Tweets
30 Tips and Tweets30 Tips and Tweets
30 Tips and TweetsOnMessage
 
Business Messaging - Trends and Practice
Business Messaging - Trends and PracticeBusiness Messaging - Trends and Practice
Business Messaging - Trends and PracticeArthur Lo
 
Internal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle ManagementInternal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle ManagementBest Practices
 
Phased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring InitiativePhased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring InitiativeAdam O'Toole
 
Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...ProductCamp Boston
 
Chapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioningChapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioningJags Jagdish
 
Positioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product MarketingPositioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product MarketingAIPMM Administration
 
Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging Liquid Agency
 
S&OP Implementation Roadmap
S&OP Implementation RoadmapS&OP Implementation Roadmap
S&OP Implementation RoadmapAnand Subramaniam
 
The Content Strategy of Thought Leadership
The Content Strategy of Thought LeadershipThe Content Strategy of Thought Leadership
The Content Strategy of Thought LeadershipStacey King Gordon
 
Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)Edith Yeung
 
How to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and PositioningHow to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and PositioningMyk Pono
 
Modern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolffModern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolffJascha Kaykas-Wolff
 
Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012Osterman Research, Inc.
 
Web Archiving Whitepaper
Web Archiving WhitepaperWeb Archiving Whitepaper
Web Archiving Whitepapergforcejc
 
The Concise Guide to E-Discovery
The Concise Guide to E-DiscoveryThe Concise Guide to E-Discovery
The Concise Guide to E-DiscoveryOsterman Research, Inc.
 
Making File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More SecureMaking File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More SecureOsterman Research, Inc.
 
Why you need to focus on social networking in your company
Why you need to focus on social networking in your companyWhy you need to focus on social networking in your company
Why you need to focus on social networking in your companyActiance, Inc.
 
Enterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewallEnterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewallRandy Woods
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyOsterman Research, Inc.
 
Social networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterpriseSocial networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterpriseRamez Al-Fayez
 

Contenu connexe

En vedette

Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015OnMessage
 
30 Tips and Tweets
30 Tips and Tweets30 Tips and Tweets
30 Tips and TweetsOnMessage
 
Business Messaging - Trends and Practice
Business Messaging - Trends and PracticeBusiness Messaging - Trends and Practice
Business Messaging - Trends and PracticeArthur Lo
 
Internal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle ManagementInternal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle ManagementBest Practices
 
Phased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring InitiativePhased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring InitiativeAdam O'Toole
 
Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...ProductCamp Boston
 
Chapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioningChapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioningJags Jagdish
 
Positioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product MarketingPositioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product MarketingAIPMM Administration
 
Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging Liquid Agency
 
The Content Strategy of Thought Leadership
The Content Strategy of Thought LeadershipThe Content Strategy of Thought Leadership
The Content Strategy of Thought LeadershipStacey King Gordon
 
Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)Edith Yeung
 
How to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and PositioningHow to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and PositioningMyk Pono
 
Modern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolffModern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolffJascha Kaykas-Wolff
 

En vedette (14)

Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015Corporate Messaging Development and Delivery Assessment for 2015
Corporate Messaging Development and Delivery Assessment for 2015
 
30 Tips and Tweets
30 Tips and Tweets30 Tips and Tweets
30 Tips and Tweets
 
Business Messaging - Trends and Practice
Business Messaging - Trends and PracticeBusiness Messaging - Trends and Practice
Business Messaging - Trends and Practice
 
Internal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle ManagementInternal Communications Excellence: Engaging Middle Management
Internal Communications Excellence: Engaging Middle Management
 
Phased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring InitiativePhased Approach- How to Conduct an Effective Veteran Hiring Initiative
Phased Approach- How to Conduct an Effective Veteran Hiring Initiative
 
Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...Executing Product Positioning, Messaging, and Social Storytelling - David But...
Executing Product Positioning, Messaging, and Social Storytelling - David But...
 
Chapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioningChapter 4. segmentation, targeting, positioning
Chapter 4. segmentation, targeting, positioning
 
Positioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product MarketingPositioning, Messaging, and B2B Social Product Marketing
Positioning, Messaging, and B2B Social Product Marketing
 
Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging Steal This Idea: Brand Messaging
Steal This Idea: Brand Messaging
 
S&OP Implementation Roadmap
S&OP Implementation RoadmapS&OP Implementation Roadmap
S&OP Implementation Roadmap
 
The Content Strategy of Thought Leadership
The Content Strategy of Thought LeadershipThe Content Strategy of Thought Leadership
The Content Strategy of Thought Leadership
 
Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)Messaging is Eating the World (by Edith Yeung)
Messaging is Eating the World (by Edith Yeung)
 
How to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and PositioningHow to Develop Strategic Messaging and Positioning
How to Develop Strategic Messaging and Positioning
 
Modern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolffModern marketing organizational structure @kaykas - jascha kaykas-wolff
Modern marketing organizational structure @kaykas - jascha kaykas-wolff
 

Similaire à Messaging best practices for 2011

Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012Osterman Research, Inc.
 
Web Archiving Whitepaper
Web Archiving WhitepaperWeb Archiving Whitepaper
Web Archiving Whitepapergforcejc
 
Making File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More SecureMaking File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More SecureOsterman Research, Inc.
 
Why you need to focus on social networking in your company
Why you need to focus on social networking in your companyWhy you need to focus on social networking in your company
Why you need to focus on social networking in your companyActiance, Inc.
 
Enterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewallEnterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewallRandy Woods
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyOsterman Research, Inc.
 
Social networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterpriseSocial networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterpriseRamez Al-Fayez
 
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...Kate Gilchrist
 
Blueprint for intranet success: Professional Advantage presentation
Blueprint for intranet success: Professional Advantage presentation Blueprint for intranet success: Professional Advantage presentation
Blueprint for intranet success: Professional Advantage presentation Deloitte Australia
 
E commerce: Expanding Business Online
E commerce: Expanding Business OnlineE commerce: Expanding Business Online
E commerce: Expanding Business OnlineJanette Toral
 
Digital IR Communications
Digital IR CommunicationsDigital IR Communications
Digital IR CommunicationsComprend
 
Digital IR Communications
Digital IR CommunicationsDigital IR Communications
Digital IR CommunicationsComprend
 
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docx
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docxERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docx
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docxYASHU40
 
Web-based business models in 2014
Web-based business models in 2014Web-based business models in 2014
Web-based business models in 2014Eduardo Larrain
 
Social Media for Business - Soton MBA
Social Media for Business - Soton MBASocial Media for Business - Soton MBA
Social Media for Business - Soton MBALisa Harris
 
Case study-IT Outsourcing in Denmark
Case study-IT Outsourcing in DenmarkCase study-IT Outsourcing in Denmark
Case study-IT Outsourcing in DenmarkEnes Bolfidan
 
Intranets evolved presentation apr 2011
Intranets evolved presentation apr 2011Intranets evolved presentation apr 2011
Intranets evolved presentation apr 2011View Strategic PLC
 

Similaire à Messaging best practices for 2011 (20)

Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012Why You Need to Consider Cloud-Based Security in 2012
Why You Need to Consider Cloud-Based Security in 2012
 
Web Archiving Whitepaper
Web Archiving WhitepaperWeb Archiving Whitepaper
Web Archiving Whitepaper
 
The Concise Guide to E-Discovery
The Concise Guide to E-DiscoveryThe Concise Guide to E-Discovery
The Concise Guide to E-Discovery
 
Making File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More SecureMaking File Transfer Easier, Compliant and More Secure
Making File Transfer Easier, Compliant and More Secure
 
Why you need to focus on social networking in your company
Why you need to focus on social networking in your companyWhy you need to focus on social networking in your company
Why you need to focus on social networking in your company
 
Enterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewallEnterprise 2.0: social networks behind the firewall
Enterprise 2.0: social networks behind the firewall
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your Company
 
Social networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterpriseSocial networks and social media analysis in the context of the enterprise
Social networks and social media analysis in the context of the enterprise
 
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...
PATEO - Automobile Artificial Intelligence (AI) in China, a Digital Marketing...
 
Blueprint for intranet success: Professional Advantage presentation
Blueprint for intranet success: Professional Advantage presentation Blueprint for intranet success: Professional Advantage presentation
Blueprint for intranet success: Professional Advantage presentation
 
E commerce: Expanding Business Online
E commerce: Expanding Business OnlineE commerce: Expanding Business Online
E commerce: Expanding Business Online
 
Digital IR Communications
Digital IR CommunicationsDigital IR Communications
Digital IR Communications
 
Digital IR Communications
Digital IR CommunicationsDigital IR Communications
Digital IR Communications
 
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docx
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docxERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docx
ERIM REPORT SERIES RESEARCH IN MANAGEMENT ERIM Repor.docx
 
Web-based business models in 2014
Web-based business models in 2014Web-based business models in 2014
Web-based business models in 2014
 
Social Media for Business - Soton MBA
Social Media for Business - Soton MBASocial Media for Business - Soton MBA
Social Media for Business - Soton MBA
 
Case study-IT Outsourcing in Denmark
Case study-IT Outsourcing in DenmarkCase study-IT Outsourcing in Denmark
Case study-IT Outsourcing in Denmark
 
Introduction
IntroductionIntroduction
Introduction
 
Estrategies intro
Estrategies introEstrategies intro
Estrategies intro
 
Intranets evolved presentation apr 2011
Intranets evolved presentation apr 2011Intranets evolved presentation apr 2011
Intranets evolved presentation apr 2011
 

Plus de Actiance, Inc.

Compliance Guide for NFA-Registered Firms
Compliance Guide for NFA-Registered FirmsCompliance Guide for NFA-Registered Firms
Compliance Guide for NFA-Registered FirmsActiance, Inc.
 
The case for social media management and archiving
The case for social media management and archivingThe case for social media management and archiving
The case for social media management and archivingActiance, Inc.
 
Actiance whitepaper-ost-federal-unified-communications
Actiance whitepaper-ost-federal-unified-communicationsActiance whitepaper-ost-federal-unified-communications
Actiance whitepaper-ost-federal-unified-communicationsActiance, Inc.
 
The impact of the new FRCP amendments on your business
The impact of the new FRCP amendments on your businessThe impact of the new FRCP amendments on your business
The impact of the new FRCP amendments on your businessActiance, Inc.
 
The impact of new communication tools for financial services firms
The impact of new communication tools for financial services firms The impact of new communication tools for financial services firms
The impact of new communication tools for financial services firms Actiance, Inc.
 
Compliance implications of social media
Compliance implications of social mediaCompliance implications of social media
Compliance implications of social mediaActiance, Inc.
 
Importance of social media in Pharmaceutical industry
Importance of social media in Pharmaceutical industryImportance of social media in Pharmaceutical industry
Importance of social media in Pharmaceutical industryActiance, Inc.
 
How do you quantify ROI on social media?
How do you quantify ROI on social media?How do you quantify ROI on social media?
How do you quantify ROI on social media?Actiance, Inc.
 
IDC event flash on Socialite launch
IDC event flash on Socialite launchIDC event flash on Socialite launch
IDC event flash on Socialite launchActiance, Inc.
 
Social Media Guidelines for Insurance Industry
Social Media Guidelines for Insurance Industry Social Media Guidelines for Insurance Industry
Social Media Guidelines for Insurance Industry Actiance, Inc.
 
Enterprises are upgrading from Microsoft OCS to Lync
Enterprises are upgrading from Microsoft OCS to LyncEnterprises are upgrading from Microsoft OCS to Lync
Enterprises are upgrading from Microsoft OCS to LyncActiance, Inc.
 
True Compliance for Social Media
True Compliance for Social MediaTrue Compliance for Social Media
True Compliance for Social MediaActiance, Inc.
 
Social Media and Litigation are Outlining eDiscovery Issues
Social Media and Litigation are Outlining eDiscovery IssuesSocial Media and Litigation are Outlining eDiscovery Issues
Social Media and Litigation are Outlining eDiscovery IssuesActiance, Inc.
 
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...Actiance, Inc.
 
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_media
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_mediaActiance handbook-interpreting finra-10-03_and_11-39_for_using_social_media
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_mediaActiance, Inc.
 

Plus de Actiance, Inc. (15)

Compliance Guide for NFA-Registered Firms
Compliance Guide for NFA-Registered FirmsCompliance Guide for NFA-Registered Firms
Compliance Guide for NFA-Registered Firms
 
The case for social media management and archiving
The case for social media management and archivingThe case for social media management and archiving
The case for social media management and archiving
 
Actiance whitepaper-ost-federal-unified-communications
Actiance whitepaper-ost-federal-unified-communicationsActiance whitepaper-ost-federal-unified-communications
Actiance whitepaper-ost-federal-unified-communications
 
The impact of the new FRCP amendments on your business
The impact of the new FRCP amendments on your businessThe impact of the new FRCP amendments on your business
The impact of the new FRCP amendments on your business
 
The impact of new communication tools for financial services firms
The impact of new communication tools for financial services firms The impact of new communication tools for financial services firms
The impact of new communication tools for financial services firms
 
Compliance implications of social media
Compliance implications of social mediaCompliance implications of social media
Compliance implications of social media
 
Importance of social media in Pharmaceutical industry
Importance of social media in Pharmaceutical industryImportance of social media in Pharmaceutical industry
Importance of social media in Pharmaceutical industry
 
How do you quantify ROI on social media?
How do you quantify ROI on social media?How do you quantify ROI on social media?
How do you quantify ROI on social media?
 
IDC event flash on Socialite launch
IDC event flash on Socialite launchIDC event flash on Socialite launch
IDC event flash on Socialite launch
 
Social Media Guidelines for Insurance Industry
Social Media Guidelines for Insurance Industry Social Media Guidelines for Insurance Industry
Social Media Guidelines for Insurance Industry
 
Enterprises are upgrading from Microsoft OCS to Lync
Enterprises are upgrading from Microsoft OCS to LyncEnterprises are upgrading from Microsoft OCS to Lync
Enterprises are upgrading from Microsoft OCS to Lync
 
True Compliance for Social Media
True Compliance for Social MediaTrue Compliance for Social Media
True Compliance for Social Media
 
Social Media and Litigation are Outlining eDiscovery Issues
Social Media and Litigation are Outlining eDiscovery IssuesSocial Media and Litigation are Outlining eDiscovery Issues
Social Media and Litigation are Outlining eDiscovery Issues
 
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...
Handbook on Interpreting FINRA Regulatory Notices 10-06 and 11-39 and Using S...
 
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_media
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_mediaActiance handbook-interpreting finra-10-03_and_11-39_for_using_social_media
Actiance handbook-interpreting finra-10-03_and_11-39_for_using_social_media
 

Dernier

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 

Dernier (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Messaging best practices for 2011

  • 1. Messaging Best Practices for 2011 by An Osterman Research White Paper Published December 2010 SPONSORED BY ( ( ( ! ! ! ! ! ! ! ! ! ! ! ! ! !"#$!#%&'()*( Osterman Research, Inc. • P.O. Box 1058 • Black Diamond, Washington 98010-1058 Tel: +1 253 630 5839 • Fax: +1 253 458 0934 • info@ostermanresearch.com www.ostermanresearch.com • Twitter: @mosterman !
  • 2. Messaging Best Practices for 2011 Executive Summary Despite many pundits’ forecasts that email and other forms of messaging are being replaced by social media, email continues to reign supreme as the single most important application for most business users. To be sure, email is evolving to incorporate social media and other content sources, but email is where users spend more time than anywhere. For example, an Osterman Research survey found that the typical user spends 134 minutes per day working in their email client, dramatically more than the telephone, instant messaging or social media combinedi. The key question that IT decision makers must ask in the context of email and overall messaging management is this: is every practice a best practice? That is: • Will your practices minimize your risk of data loss, brand damage, reputation damage, legal risks and regulatory risks? • Will they help you lower costs and deliver more functionality to your end users? • Will they keep you current with new external drivers and technology developments? • Will they enable your users to become more mobile so that they will have access to all of their communication, collaboration and data assets when they work from home, from a hotel room or from an airport? Because technology, threats and risks change continually, it is important to remember that a best practice in 2010 might not still be “best” in 2011. Therefore, we have summarized in this analyst brief best practices around the key issues of email and Web security, content archiving, encryption, and social networking. KEY TAKEAWAYS Key takeaways from this analyst brief include: • Corporate policies need to be detailed and thorough enough and must be updated as often as necessary – in response to changes in technology, to the latest legal decision or to changes in regulatory requirements. These policies should focus on every communication vehicle used in your organization, including email, Web surfing, and Web 2.0 applications like social media. They must focus on how content is generated, managed and retained, and so should include detailed policies on archiving, encryption and compliance. While this advice may seem obvious, many organizations do not have sufficiently detailed policies. • As iPads, Twitter and other consumer-focused tools are introduced into the corporate network, the network perimeter is disappearing. Consequently, the advice to develop a layered defense strategy from the endpoint through the gateway and the cloud has never been more critical than it is today. ©2010 Osterman Research, Inc. 1
  • 3. Messaging Best Practices for 2011 Thoroughness of Various Types of Corporate Communication Policies Source: Osterman Research, Inc. • Archiving electronic business content is no longer an option, and you must do so with litigation support, application efficiency, storage management, and compliance considerations in mind. • Encryption is vital on a number of levels, including the protection of intellectual property, compliance with regulatory obligations, and enablement of new business opportunities. Don’t focus on whether encryption is necessary or not (it definitely is), but focus on how it can best be implemented as an aid to content protection and compliance. • Social networking provides a number of benefits, but it must be closely monitored and managed, and its content archived. • Focus on how the cloud can be used in every aspect of your business. ABOUT THIS ANALYST BRIEF This brief is an adjunct to a Webinar that was conducted by Osterman Research in early November 2010. It provides some guidelines that we feel are important for organizations to follow in the context of how they manage their messaging environments. It offers our point of view based on the extensive research that we ©2010 Osterman Research, Inc. 2
  • 4. Messaging Best Practices for 2011 conduct on an ongoing basis with IT decision makers and influencers. It has been sponsored by DataMotion, Actiance and Global Relay. First Things First: Focus on Policies UNDERSTAND YOUR RISKS A first step in approaching best practices focused on messaging is to understand the risks your organization faces. Many decision makers underappreciate these risks because they are too busy, they don’t have budget (particularly over the past couple of years), or they have not focused sufficiently on the growing number of risks they face. While every organization has limitations in its IT resources, that is not an excuse to fail to identify key risks. Also, once you have identified those risks, you can prioritize them based on highest to lowest and your current level of preparedness to face these risks. This is a great exercise to identify key projects and initiatives or “gaps-to-plug” through various means like technologies, education, training and improved policy development. For example, some of the risks that an organization faces in the context of how communication tools are used include the following: • Email, social media, text messaging or other communication tools that are not monitored can be used by employees to send sexually harassing or racially offensive content, leading to significant legal risks for an organization that does not monitor this content. The most famous such case is one in which Chevron Corporation paid $2.2 million to settle a case of sexual harassment by four female employees who had received numerous, offensive emails from co-workersii. • When sensitive or confidential content is sent in clear text, it can result in a serious data breach and very expensive consequences. For example, an employee of Rocky Mountain Bank of Wyoming sent an email to a representative of a customer at the latter’s request. However, the employee sent the email to the wrong address and mistakenly included an attachment with account information and Social Security numbers for 1,325 bank customersiii. All of those customers had to be notified at the bank’s expense. • Content that is not archived when it should be can lead to sanctions or fines for a failure to comply with regulatory obligations. For example, in May 2010 Piper Jaffray was fined $700,000 by FINRA for failing to retain 4.3 million emails during the six- year period ending December 2008iv. • Similarly, an inability to produce email or other electronic content when required can lead to adverse inference instructions (the instruction to a jury that they may consider an inability to produce evidence as indicative that such evidence could be incriminating). For example, in the case of Optowave Co., Ltd. v. Nikitinv, an adverse inference instruction was given to the jury resulting from the destruction of internal emails prior to litigation. ©2010 Osterman Research, Inc. 3
  • 5. Messaging Best Practices for 2011 • Unmanaged Web surfing can also lead to significant problems for any organization, either by the nature of the content or by allowing malware to enter an organization. An example of the former is the case of Mrs. Rea Moonsar v. Fiveways Express Transport Ltd.vi, in which male employees downloaded pornographic content in the presence of a female employee, resulting in a judgment against the employer because they did not have policies in place forbidding this practice. Communication Tools for Which Organizations Have Implemented Policies Source: Osterman Research, Inc. COMMON PRACTICE THE NEXT STEP IS TO DEVELOP IT policies that are non-existent, POLICIES too general and that focus only Next, it is critical to develop detailed and on silos of technology. thorough corporate policies. We find that while organizations need to strengthen their policies for BEST PRACTICE 2011, they are doing so from a position of Understanding the role of relative weakness. The policies most proactive policy development organizations have today are inadequate, and across all departments within the many times do not cut across departmental organization, keeping policies boundaries. We find that in most organizations current, making them sufficiently the policies are too general, they don’t keep pace detailed, and adapting with changing technology, or are not updated technology strategies to meet the with sufficient frequency. needs of today’s policies. ©2010 Osterman Research, Inc. 4
  • 6. Messaging Best Practices for 2011 Further, the enforcement of a weak or ill-defined policy is much more difficult than when dealing from a position of strength through a well thought-out and up-to-date policy. The bottom line is that a policy that is too general may not provide any level of defense in court or before a regulator, and it may not prevent employee behavior that could lead to quite serious ramifications. As your organizations look forward to 2011 and updating its policies, they should be sure to focus on critical applications like email, Web surfing, Web 2.0 applications, social media, data retention, compliance and legal issues. Archive Any and All Content That Must be Retained One of the most important considerations in the process of selecting an archiving solution is to first justify the need for archiving to senior decision makers, since not everyone agrees that email and other content archiving is a sound business practice. Justification of email and other content archiving will vary depending on the industry in which an organization operates, the number of users it has, its corporate culture and other factors, but the following should be considered: • Archiving can save an organization millions of dollars While archiving may not be a critical requirement to a particular organization on a day-to-day basis, a single e-discovery exercise or regulatory audit in which data can be rapidly gathered and assembled using an archiving system can save an organization from significant financial harm. For example, in June 2005 AMD filed suit against Intel and requested that email for a small number of Intel employees be preserved. The Intel employees in question were to copy the requested email to their hard drives. However, some employees did not follow instructions properly, resulting in the loss of email that should have been part of the discovery effort over a period of more than three months. The Wall Street Journal reported that Intel spent $3.3 million to process tapes to recover the necessary emails. While Intel can clearly absorb this cost easily, a smaller company could have been bankrupted by just one such incident. • Archiving can boost user productivity By automatically migrating content in the email store to an archiving system, employees can avoid the estimated 30 to 60 minutes per week they spend on staying under their mailbox-size quota limitations. This can save an estimated 25 to 50 hours per year per employee or $900 to $1,800 in employee productivity costs annually. • Think long term Email archiving provides a range of capabilities that may or may not be required today, but that could be useful in the future. For example, an organization may decide it needs to archive email primarily for e-discovery purposes. However, by implementing an email archiving system specifically for this purpose from a vendor ©2010 Osterman Research, Inc. 5
  • 7. Messaging Best Practices for 2011 that provides extensibility of the system, the organization has also implemented a storage management capability that it will need two years into the future. STEPS TO JUSTIFYING ARCHIVING As IT managers and others evaluate email and other content archiving options, it is useful to relate the requirements of business units, departments and individual users to various types of archiving capabilities. We recommend the following approach: • Survey internal users to determine the specific applications for archiving and the applications for which archiving will be used. For example, an internal survey in a financial services company should reveal a very high emphasis placed on email archiving for regulatory compliance and legal discovery purposes, and much less importance placed on data mining and storage management. • Plot these requirements graphically on a radar chart to create a map that shows the importance of various features relative to others. The chart will also reveal how “complete” a solution must be in order to satisfy that organization’s requirements. • We then recommend mapping the capabilities of each solution under review, also on a 1 to 5 scale, where 1 might be “not at all satisfactory” and 5 is “very satisfactory”, and superimposing it on the map of capabilities to determine how well each solution fits the requirements of the organization. • Any number of criteria can be added to the radar chart, including scalability, message throughput per hour, and the like. The goal of this type of analysis is two-fold: • First, it is important to establish a common set of criteria on which archiving solutions are COMMON PRACTICE evaluated. Each vendor will often have its Many organizations, particularly own set of evaluation criteria and product those outside of heavily performance specification – comparing these regulated industries like financial can be difficult and very time consuming. services, pharmaceutical or energy do not archive content, • Second, a graphical representation that instead relying on backup tapes shows functional requirements mapped for e-discovery, early case directly against each solution’s capabilities assessment or related activities. can be helpful in speeding the elimination process for solutions that simply will not BEST PRACTICE satisfy an organization’s archiving needs. Every organization should archive content for purposes of e- As part of the process for evaluating various discovery, regulatory compliance, archiving solutions, a more detailed set of storage management, decision requirements, questions and criteria should be support, data mining and established for the needs of particular maintaining a corporate digital departments or functions, but the analysis heritage. discussed above provides a good starting point ©2010 Osterman Research, Inc. 6
  • 8. Messaging Best Practices for 2011 for evaluating competing solutions. ARCHIVING IS NOT ABOUT IF, BUT ABOUT HOW MUCH Content archiving is not an option: important business records stored electronically, whether in email, on file servers, on users desktops, in databases, in Web 2.0 applications or in collaboration systems – must be retained. An email and content management system is a long-term investment that will yield benefits for many years in the context of e-discovery, its ability to satisfy regulatory audits, improving storage management, and the like. As a result, it is critical for decision makers to consider the impact of an archiving system on these requirements for many years into the future. For example, an email archiving system implemented today will be able to satisfy e- discovery requirements imposed upon an organization seven years from now. The same archiving system may allow an organization to reduce its storage requirements by just 10% per year, but with a cumulative impact of reducing storage requirements by 77% during the same seven-year period. In short, unlike an email system that may be replaced every three or four years, an archiving system will have longer term and more cumulative impacts on an organization. Encrypt Outbound Communications CONSIDER ENCRYPTION AS PART OF YOUR SECURITY STRATEGY Any organization should take a holistic view of their encryption requirements by viewing them as part of their overall security infrastructure. This requires that encryption not be viewed as a standalone technology or activity, but as integral with an organization’s control of viruses, worms, spam, data leaks, etc. A key part of this effort should identify who in an organization has the greatest need for encryption and where the deployment of encryption would enable the creation of business processes not currently available to them. The roles that could benefit most from encryption might include legal counsel, human resources, finance and other groups that regularly send sensitive or confidential information to others inside and outside the organization. However, Osterman Research has found that users who might not consider themselves as users of encryption often could make good use of it. For example, some roles/applications that could use encryption frequently include marketing managers when sharing new logo or product designs, analyst relations staff when sharing embargoed presentations, or public relations staff when distributing announcements to the press. Most often, these roles do not use make regular use of encryption technology despite the fact that they share sensitive data on at least a somewhat regular basis. YOU HAVE OBLIGATIONS TO PROTECT DATA It is also important to examine your obligations to encrypt sensitive communications and data based on state, provincial, federal and international levels, as well as other requirements that may not be regulatory in nature. For example, there are a variety of regulatory obligations to protect customer and other sensitive information in transit and at rest; each of which carries with it penalties for breaching this data. There may also ©2010 Osterman Research, Inc. 7
  • 9. Messaging Best Practices for 2011 be business partner requirements and generally accepted industry standards to protect data to which an organization must adhere. It is also important to examine the reach of obligations that may not necessarily apply to an organization today but that could impact it in the future. For example, the “new” HIPAA expands the obligations that used to apply only to covered entities to all of those entities’ business partners. That means that attorneys, benefits administrators, accountants and others that work with healthcare-related organizations and have in their possession PHI are now subject to the same obligations for data privacy. Status of Adopting Data Breach Notification Laws in the United States (as of October 12, 2010) CONSIDER YOUR DEPLOYMENT OPTIONS You should also evaluate the various deployment options and scenarios that are available and that might be useful. For example, deployment models range from completely on-premise solutions using servers or appliances to completely hosted/SaaS- based solutions. An organization may opt for policy-based encryption that takes the decision about encrypting individual emails out of the hands of users, they may opt to allow only manual encryption that is completely under the control of users, or use a combined approach. Encryption could occur at the gateway so that content remains unencrypted behind the firewall, or an organization could opt for desktop-to-desktop encryption. ©2010 Osterman Research, Inc. 8
  • 10. Messaging Best Practices for 2011 It is also important to consider the deployed encryption’s impact on email and other electronic COMMON PRACTICE content archiving. Because organizations are Encryption is performed only on obligated to preserve electronic business records the most sensitive content and for legal and regulatory purposes, the decision often inconsistently – a about encryption technologies will have an significant proportion of sensitive impact on how content is archived and how it is content is sent in the clear. searched and accessed in the future. BEST PRACTICE Further, content encryption should be viewed Enable encryption for all sensitive holistically in the context of every application in communication leaving the which it should be used: for email, real-time corporate firewall for purposes of communications, backup tapes, USB sticks, compliance, protection of laptops, smartphones, etc. intellectual property and mitigation of risk. It is important It is also important to view encryption as a to use layered encryption so that “green” solution because of its ability to securely sensitive data will automatically send and track content, and thereby eliminate a be encrypted if employees fail to significant amount of overnight courier use. For do so manually. This can also example, if encrypted email could replace just help to better train employees 1% of the leading overnight courier’s 3.3 million about what to encrypt by daily package deliveries, that would result in the sending them or their managers elimination of 8.6 million package deliveries a notice. annually. Manage Social Networking Content EVALUATE THE CORPORATE REQUIREMENT FOR SOCIAL NETWORKING Decision makers should understand how and why social networking is used in their organization. IT should conduct a thorough audit of how social networking is used, which tools are used, why they are used and so forth. This audit should also include a forward-looking focus on how these tools might be used in the future, how competing firms are using these tools, and new capabilities that might be employed in the future. There may be a significant disconnect between what IT perceives as a legitimate application of social networking and what individual users or business units perceive as legitimate. The goal, of course, is to balance the competing interests of both groups and derive the greatest benefit from the use of social networking while still remaining compliant with corporate policies and security requirements, which could include: UNDERSTAND WHAT CAN HAPPEN IF SOCIAL MEDIA IS UNMANAGED It is important to understand the consequences that can result when social networking content is not monitored, when business records in social networking posts are not retained, and so forth. It would be appropriate at this phase of the evaluation process to understand the potential consequences associated with not managing social networking use adequately. For example: ©2010 Osterman Research, Inc. 9
  • 11. Messaging Best Practices for 2011 • If business records are sent via social networking tools, management’s decision to purge this content could be seen as spoliation of evidence in a lawsuit. For example, if management decides not to preserve sexually harassing direct messages sent using Twitter, a party offended by this content that takes legal action may be entitled to access the archives of these posts as part of an e-discovery exercise and could claim spoliation in their absence. As with email or any other form of electronic content, the ramifications of spoliation can be substantial and include fines and sanctions imposed by the court, the requirement to pay the prevailing party’s legal fees, attorneys’ costs for additional motions, and other serious consequences. • Employers cannot interfere with the communications of employees who want to discuss work conditions or complain about their benefits according to rules codified in the National Labor Relations Act. This means that employers must tread a fine line between monitoring and blocking social networking for inappropriate use or sharing of content in an inappropriate way and preserving the rights of employees to share information. • Investment advisers cannot be the beneficiary of a testimonial or recommendation on LinkedIn because of the potential violation of Rule 206(4) of the Investment Advisers Act of 1940vii. This rule makes it illegal for an investment adviser to publish or benefit from an advertisement or testimonial that deals with their conduct as an adviser. • Registered representatives are subject to scrutiny when they post content on social networking sites, including monitoring of their posts and retention of their communications. TECHNOLOGY IS KEY TO MANAGING SOCIAL MEDIA Finally, any organization should deploy technologies that will do the following: • Employee posts should be monitored on every social networking protocol that might COMMON PRACTICE be used. This monitoring may be after the Most decision makers do not fact, such as sampling employee posts to think that social media provides check for inappropriate content; or it might value to their organizations, but be in real time to monitor posts before they they do little or nothing to leave the organization. Osterman Research manage it. has found that while many IT decision makers oppose the use of specific social networking BEST PRACTICE tools or at least find them not to be legitimate Understand the benefits and risks for use in a business context, far fewer of social media, implement actually do anything to prevent their use. policies focused on how it should be used, and deploy technology • All relevant content that might constitute a that will monitor, manage and business record and that might need to be archive social media content. retained should be logged and archived. It is generally easier to simply archive or log all social networking content than take the risk that some important content might slip ©2010 Osterman Research, Inc. 10
  • 12. Messaging Best Practices for 2011 through and not be retained, but this will depend to a large extent on the industry in which an organization operates and other factors. A key part of content logging is to ensure that the identity of the individuals who use social networking tools is clear and that content can be tied back to their corporate identity. • Most organizations will want to integrate their social networking archive with their primary electronic content archive. This makes legal holds, as well as searching across all electronic content during early case assessment and e-discovery, much easier and less time-consuming. • Threats that can enter an organization through social networking tools must be blocked. This is particularly important given the widespread use of short URLs that offer the user no visual cues about the veracity of the link, and the fact that many social networking tools can display content provided by individuals to whom users have not given permission to display posts. Summary Messaging and communications are absolutely vital to the way that organizations and users work, but current practice is lacking in several key areas: • Policies focused on use of email, the Web, Web 2.0 applications and other communication tools are often too general or, in some cases, non-existent. • Many organizations are not archiving their electronic content in a manner that will reduce their risk or their costs of managing storage. • Many organizations are not using encryption nearly to the extent that they should. • Most organizations are not yet managing social media appropriately. It is critical, therefore, for organizations of all sizes and in all industries to improve their practices focused on these key areas in order to reduce risk, reduce cost and make their organizations more efficient. ©2010 Osterman Research, Inc. 11
  • 13. Messaging Best Practices for 2011 Sponsors of this White Paper ! DataMotion™, Inc. is a leading provider of information delivery solutions that enable businesses to safely and easily transact with partners and customers. DataMotion solutions leverage your existing IT infrastructure ! resulting in rapid deployment and a quick DataMotion return on investment, saving as much as $5 35 Airport Road for every $1 spent. Core applications of the Suite 120 DataMotion suite include encrypted e-mail, file Morristown, NJ 07960 transfers, electronic forms and programmatic APIs for integration. Solutions are available +1 800 672 7233 as hosted services or on-premise software. www.datamotion.com DataMotion’s unified platform provides visibility, security, management and reporting to all data exchanges - helping customers streamline business workflow and achieve regulatory compliance. For more than ten years leading healthcare, insurance, pharmaceutical, financial services and government agencies have trusted DataMotion for safe data delivery. For additional information and a free trial account, visit www.datamotion.com. Actiance enables the safe and productive use of Unified Communications, collaboration and Web 2.0, including blogs and social networking sites. Formerly FaceTime Communications, Actiance, Inc. Actiance’s award-winning platforms are used 1301 Shoreway by 9 of the top 10 US banks and more than Suite 275 1600 organizations globally for the security, Belmont, CA 94002 management and compliance of unified USA communications, Web 2.0 and social media +1 888 349 3223 channels. Actiance supports all leading social networks, unified communications providers 400 Thames Valley Park Drive and IM platforms, including Facebook, Thames Valley Park LinkedIn, Twitter AOL, Google, Yahoo!, Skype, Microsoft, IBM and Cisco. Reading, RG6 1PT United Kingdom For more information about Actiance’s award +44 (0) 1189 637 469 winning platform, please visit http://www.actiance.com. www.actiance.com ©2010 Osterman Research, Inc. 12
  • 14. Messaging Best Practices for 2011 Global Relay's Hosted Email Archiving & Messaging Services provide businesses with easy-to-use professionally-managed, email archiving, email continuity and email security solutions. The Message Archiver, Global Relay's core email Global Relay Communications Inc. archiving technology, seamlessly 220 Cambie Street, 2nd Floor integrates with all email and instant Vancouver, BC messaging systems to deliver the fastest V6B 2M9 online search, retrieval and monitoring Canada capabilities on the market today. Its +1 866 484 6630 enterprise-class, web-based email www.globalrelay.com archiving tools address the demands of regulatory compliance, audit and eDiscovery, while alleviating the burden of data management, email archiving, storage, security and business continuity, including migration of historical data. Built on a reputation of customer service, technical expertise and compliance excellence, Global Relay has delivered Hosted Email Archiving & Messaging Services for over ten years and has never lost a message, nor had a security breach. We help our customers stay organized, competitive, compliant and in control. © 2010 Osterman Research, Inc. All rights reserved. No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without prior written authorization of Osterman Research, Inc. Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this document or any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws (including but not limited to any act, statue, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in this document. THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL. i Osterman Research survey conducted during November and December 2010 ii http://www.nytimes.com/1995/02/22/us/chevron-settles-sexual-harassment-charges.html iii http://commonlaw.findlaw.com/2009/09/personal-data-an-email-error-security-breach-notification-laws.html iv http://www.finra.org/Newsroom/NewsReleases/2010/P121506 v Optowave Co., Ltd. v. Nikitin, 2006 U.S. Dist. LEXIS 81345 vi http://www.bailii.org/uk/cases/UKEAT/2004/0476_04_2709.html vii http://newrulesofinvesting.com/2009/03/22/adviser-use-of-linkedin-may-violate-sec-rules/ ©2010 Osterman Research, Inc. 13