Download Report

1
SharePoint Records and
Compliance
Anthony Woodward
Australia
Introductions
Anthony Woodward
Chief Technology Officer
RecordPoint
• Technology professional with fifteen years of experience in information
technology focusing on Records management and collaboration.
• Software Engineer when my schedule lets me
• Member of the Microsoft Partner Council (SharePoint) and a Microsoft Virtual
Technical Specialist.
• Broad range of corporate and government business problems including
technical publishing, product data management, and records management.
3
Do I care?
Why do we need to Records
Manage at all?
Examples of What NOT to do!
Compliance Hall of Shame
Bernie Ebbers
Former CEO of WorldCom
Now Serving 25 Years
Luke Duffy
Formerly of National Australia Bank
Now Serving Time, Took Down CEO
Ken Lay
Former CEO of Enron
Facing 175 Years
Gale Norton
Secretary of the Interior
Held in Contempt of Court
Morgan Stanley
Fined $1.45 Billion
Stock Price Down
CEO Removed
Liu Jinbao
Former CEO of Bank of China
Now on Death Row
4
Are you one of those in the Board Room
or “middle management”?
5
Value Proposition for Records
Management
 Globally the courts will view the following as “BAD” =
1. NOT having a Records Management Program
2. NOT having a consistent deployed Records Management Program
3. NOT having a Data map (knowing the where, how, when regarding
retrieval of your own data)
4. NOT having performed an audit of your Records Management
Program and eDiscovery Plan
 Single Enterprise Search / e-Evidence Discovery (records &
non-records)
 Consistency in the control and classification
 Consistency in ability to manage business records
 Centralised application & release of Hold Orders
 Centralised disposition authority for the enterprise
6
Any Predictions on how this will turn out?
7
What are the Implications?
 More audit and court fines, out-of-court settlements, etc.
regarding e-mail than another other document type.
 Implications of Unified Communication: Retention of those
Communications
 e-Mail, Instant Messaging (IM), fax, v-Mail, Snail Mail, ??? (what’s
next Blogs, Wikis, Twitter, Facebook?)
 What is your corporations Legal Position?
 Keep everything destroy nothing
 Keep nothing destroy everything
 All e-Mail is created equal
 Regulatory Drivers
 Ensure timely and complete disposition / expunge of “ALL”
copies
 Ensure privacy and record security policy
8
Agenda
Agenda
SharePoint is here…
Sources: “State of the ECM Industry 2011,” AIIM, March 2011; “Microsoft TechNet,” Microsoft, February 9, 2011
CONTENT
So what are we using SharePoint for?
Source: “SharePoint Industry Watch,” AIIM, July 2010
SharePoint
Share
Enterprise Content Management
Create
Create and organize
content easily
Control
Manage content policy,
information architecture
and taxonomy
Protect
Reduce risk and manage
compliance with centralized
tools
1
2
3
ECM has evolved, where content
creation and organization is
intuitive and simple through
discovery and collaboration
Ensure compliance is achieved
through content policy,
information architecture and
taxonomy
Centralized eDiscovery across the
Office platform helps protect
organizations by improving
compliance without affecting user
productivity
Agenda
What is Records
Management?
Practice of identifying, classifying,
archiving, preserving, and
destroying records according to a
set of pre-defined standards
Why Records
Management?
Increasing pressure to manage risk
more effectively through improved
compliance with regulatory and
corporate policies
Government and industry
regulations
Singapore Government
Information Management
handbook, ISO 15489 & ISO
16175, MoReq and DOD 5015.2
Legal eDiscovery
Court Handbook of Singapore etc.
Records
Management
Challenges
• Difficulty applying retention
policies to content
• High costs of complying with
new laws and regulations
• Difficulty providing access to
controlled records
• Heavy reliance on IT
• Poor user adoption of records
management solutions
Records
Management
Strategy
You should view retention and
records management as a
component of the overall
document lifecycle to reduce risk
and improve compliance with
increased adoption
Content Lifecycle
Publish/
Declare
Review
Create
Collaborate
Approve
Archive/
Destroy
Expire
Agenda
What’s New in SharePoint 2013?
• SharePoint 2010:







Content Organizer
Document Sets
Document IDs
Location-based metadata defaults
Metadata navigation
In-Place Records
Site-based eDiscovery and Holds
• SharePoint 2013:
 SharePoint 2010 features,
plus:
Site Retention
Site Mailboxes
eDiscovery Portal
Cloud Parity
What’s new in SharePoint 2013
Microsoft’s two key goals for SharePoint 2013:
• Investment in ‘cloud-first’. For example, you
can now do records center in the cloud.
• By making most aspects of content easier to
use, you get better adoption and information
governance.
SharePoint 2013: What’s New in
Records Management
Site Mail Boxes &
e-Discovery
Cloud Parity
Site Retention
Site Retention
Compliance features of
SharePoint Server 2013 have
been extended to sites.
You can create and manage
retention policies in SharePoint
Server 2013, and the policies
will apply to SharePoint sites.
Site Retention
Compliance officers create
policies, which define the
following:
• The retention policy for the
whole site
• What causes a project to be
closed
• When a project should expire
demo
Site Mailboxes
Site Mailboxes
Easy to add an associated mailbox
for a site
Drag emails from Outlook into
document libraries
Manage emails as records
Close and expire sites and
mailboxes together
eDiscovery Portal
SharePoint 2013 InPlace Holds
Exchange 2013 In-Place
Holds
Query-based
preservation
Unified Discovery across Exchange, SharePoint and
Lync
 Find it all in one place (unified console)
 Find more (in-place discovery returns the richest data)
 Find it without impacting the user (Give legal team discovery, leave
IWs alone)
Discovery Center in SharePoint
Unified Preserve, Search and Export
Exchange Web Services
Connect to Exchange to get mailbox data
Lync Archiving to Exchange
Exchange is the compliance store for Lync
Search Infrastructure
Exchange and SharePoint use the same search platform
Legal can create
discovery sets for inplace preservation
View in-place hold stats in
real time
Create queries to trim
down content required for
analysis or export
Add Exchange mailboxes,
SharePoint sites and file
share sources
Preserve content in original
location with true fidelity
Unified search query
across Office platform
Reduce preservation set
size with additional filters
View breakdown of
results and size statistics
at-a-glance
Multiple
message types,
including Lync
Preview content prior to
export
Tabbed results
Preserve
discussions and
feeds from
SharePoint
Export content to EDRM
XML standard format
Options for deduplication, IRM removal
and document versioning
Cloud Parity
Records Center: cloud parity
Document IDs
Multi-State Retention
Per-Item Audit Reports
Hierarchical File Plans
File Plan Report
In-Place Records Management in the
cloud
Taxonomy
Central Content Types
Content Organizer
Virtual Folders (Metadata Navigation)
demo
Agenda
Records Management Challenges
 Difficulty applying retention policies to differing content
 Granular Retention control – OOTB SharePoint only has
limited actions:
 Heavy reliance on IT
 Poor user adoption of records management solutions
 Records can still mean managing Paper/ Physical records
Considering Records in SharePoint?
 How much content do you have?
 What types of content do you have?
 Can you maintain the experience?
 What are your compliance requirements?
 Who will be using SharePoint, and how?
 How long do you plan on keeping your content?
 In SharePoint…
 In your company…
 What version of SharePoint do you have?
Considering Compliance for SharePoint?
 What are your compliance requirements?
COMPLIANCE
Source - http://rimtech.ca
Microsoft’s Research
A considerable amount of the
requirements of International
Council of Archives standard is
delivered SharePoint 2010.
• 88% of Records functionality as defined by the ICA standard (ISO 16175) is
now available “out of the box” using Sharepoint 2010
• Additional configuration and Third party applications are required to provide
specific records compliance functionality
RecordPoint




Delivers Compliance to ISO standards
Built into SharePoint
Seamless end user records experience
Records Manager tools:









Rules driven
Definable aggregation
Disposal Reports/ Workflows
Export/ Import tools for Records
Physical File/ Record Management in SharePoint
File Request Management
Records Reporting
Single view for Records team
Enhances SharePoint Term Store for BCS
Deliver Best-in-Class Hybrid Cloud
Coming Soon
Common
Technologies
The RecordPoint
Difference
Identity ▪ Virtualization ▪ Management ▪ Development
Private
•
•
•
•
Hybrid Support & the Commons
RecordPoint Collects from Cloud
Total Cost of Ownership
On Premise or Hosted Solution
Public
•
•
•
Hybrid Support & the Commons
Built in Azure
Higher-level Services
49
Next Steps…
 Take Office 2013 for a spin!
 Try Office 365 Preview
 http://www.microsoft.com/office/preview/
 Twitter: @woodwa
 Blog: http://www.recordpoint.com.au/blogs/
Evaluations – How did I do?
http://tinyurl.com/spcsea
51
Thank You
Anthony Woodward
CTO
email: [email protected]
personal twitter: @woodwa
More Information on RecordPoint at: http://www.recordpoint.com.au
Or Follow RecordPoint on twitter @recordpoint
Thank you to our sponsors
53