It's so simple - just a few files to the members of a workgroup -
yet the impact on e-mail servers is devastating, Nick Booth
assesses whether e-mail's massive popularity can be controlled
without resorting to drastic measures.
E-mail is like a loaded gun. In the wrong hands, it can cause a lot
of damage and you can end up in jail. But it is too late to change
it now, the genie is out of the bottle. So perhaps it is time for
some rules to be laid down.
The problem with any technology is it creates at least one
unforeseen new problem to replace the challenge it has helped
overcome. For example, we can do anything from the comfort of our
desks these days, which is marvellously efficient. But to ward off
the toll this sedentary life has on our health, we have to join a
gym and spend hours on a treadmill, simulating the journeys to the
fax machine and the post room that have been eliminated from our
daily routine.
Business systems seem to be similarly cursed. E-mail has struck a
chord with users because it conveniently caters to the way humans
would like to work. Opinion varies as to why the working population
has taken so enthusiastically to e-mail, but there are two schools
of thought. Some say e-mail is popular because of its enormous
productivity benefits. Other users point out that this is the first
system to allow you to spend all day sending jokes to your friends
while giving the impression of working hard.
It is indisputable that e-mail is massively popular. Each of us now
sends the same volume of e-mails in a day that we would have sent
in an entire year at the beginning of the 1990s, according to a
study by analyst firm Gartner Group. Its latest report says the
average worker now spends just under an hour a day managing e-mails
and a third of all e-mails (34%) are not related to work or to the
company. A quarter of all e-mail users spend more than an hour a
day on this activity.
Even when e-mail is not being used to send cartoons and distribute
viral marketing campaigns, its ability to replicate documents
across the network is becoming increasingly dangerous. While
electronic systems can drive workflow, projects can become derailed
as members of a group working together end up going in various
directions as they refer to different versions of the same
document. All because of their enthusiastic but undisciplined use
of the system.
"These days, about 30% of all documents are carried in e-mails,"
says Ovum Research's storage analyst Graham Titterington. "More
than half the overhead for firms is in managing documents, but
unfettered use of e-mail is driving that figure up."
Most IT managers are all too familiar with the IT-related problem
that e-mail has created, though according to Gartner only 2% of
local area networks have document management systems in place. One
IT manager, Paul O'Nolan at the International Rice Research
Institute, seems to have had a hard time.
"When we had the so-called people power revolution here, the
Internet, e-mail and mobile phone text messaging in particular were
a huge part of what brought about change. Our mail system ran red
hot on the Friday of the outbreak of unrest in Manila. Every
available communications channel - phone, cellphone, fax, e-mail,
our Internet connection - was busy. Our Exchange system's disc
consumption shot up dramatically and a few days later I discovered
that we'd gone down to 32Mbyte on a 25Gbyte drive, which didn't
even offer me the space to defragment the information store,"
explains O'Nolan.
The upshot was more than a day of downtime. A good old-fashioned
disc crash soon followed. The aftermath was even more
embarrassing.
"Back-ups were taking 10 hours using digital linear tape and the
length of time it took to do restores and to run repairs on the
mail database - twice, we had backed up corrupt data - was a major
factor in keeping the system down for two days," O'Nolan
says.
The planned solution had a technical and a cultural bias. On one
hand, the IT department instituted shared storage with snapshot
capabilities and high speed back-up. It also appealed to employees
to mend their ways, asking them to use centralised storage.
What is called for is a change in business culture, say many IT
manufacturers. Andrew Gilfrid Day, chief technology officer at
ihave moved.com, is adamant that users must adapt to suit the
technology.
"Workers copy e-mail too freely and archive them too much.
Companies should implement a system to change the culture, so
people tell colleagues where to look for information rather than
sending them a copy. The ability to access shared work is one of
the reasons for the existence of electronic software, yet many
companies are failing to use it in the way it was intended. As well
as reducing archive materials, using central storage, say intranets
or shared servers instead of copying, ensures workers only ever see
the most recent copy of a document," Gilfrid Day says.
But efficient though it is if people use e-mail shortcuts to a
centrally held document, this involves more work for the user than
hitting buttons. When it is as easy to send a map of a document's
location on a server, as it is to just attach it, the problem may
go away. And then there's the small matter of engendering an
intranet usage culture in the first place.
Users will co-operate on modifying their e-mail use, but only when
it is convenient for them, advises Dan Chase, IT manager at
marketing agency Bite Communications. The best thing to do is to
work with them. You cannot stop people sending massive graphics
files around, so it is better to limit the damage.
"At Bite, we have a series of aliases so only people who want or
need to receive e-mails and attachments do," says Chase. "Along
with all the individual client teams and project aliases, there are
aliases for account execs, account managers, lads, ladies, first
floor, second floor, football, smokers, party and 'funny' which is
an opt-in for those who want to receive puerile humour.
"For attachments, there is a folder on the mail server called
'flotsam' where all .exe and .wav files and the like go. The
premise being that people will send them round anyway so they
simply put the file there and e-mail the 'funny' alias. Anyone
sending an attachment to the whole company is publicly humiliated
and rarely does it again," Chase says.
But this is only feasible at smaller companies like Bite. At a
larger firm, there would not be the same level of co-operation
between users and their IT department, as there would be less
interaction.
Anne Marie Wolf is chief information officer at multinational
advertising agency Grey Global, one of the biggest ad agencies in
the world. "Our biggest e-mail document problem is people copying
20Mbyte Powerpoint presentations, but that's way down the scale
against digitised graphics and video files that get circulated in a
company like ours. Those are the really big digital asset
management challenges that big corporations face."
Nonsense, says Lars Davies, professor of IT and Internet law at the
University of London. The logistics of managing large numbers of
files may be stressful, but you will not go to prison if you get it
wrong. What most IT managers don't realise is that e-mail presents
a significant legal threat to organisations.
"E-mail in commerce is a potential 'Go To Jail' card but only 1% of
IT managers seems to be aware of their legal obligations to keep
all electronic records," says Davies.
This ignorance stems from the misconception that e-commerce works
in a non-regulated environment. "That's tosh. An e-mail has
enormous evidential weight and there have been some well publicised
cases of companies that were successfully sued on the strength of
an e-mail," adds Davies.
Norwich Union was sued last year over a libellous e-mail about a
third party that was sent between two of its employees.
"There's this idea that if you delete an e-mail, nobody can prove
it was sent, but the other party has a legal right to access to
your system. Individuals, companies and directors are liable for
e-mails and they could go to jail," warns Davies.
"I like the US approach. They have no qualms about chucking
directors in jail and they lose everything," he says.
Although prison is unlikely, the legal liability in the UK is a
potentially huge financial burden. The legal imperative to keep all
e-mail is one that has storage and archiving manufacturers rubbing
their hands with glee.
No request for information about e-mail admissibility goes without
an advertising plug. The British Standards Institution has
guidelines regarding messaging and e-mail admissibility. "BSI
PD5000:1999 says it is necessary to store confirmation of receipt
to a tamper-proof storage system. For the highest level of
confidence, 12in Trueworm optical solutions are available," says a
supplier's spokesman.
IT manufacturers would naturally like IT departments to keep every
single e-mail and attachment, since this would force even more
money to be spent on storage and retrieval systems, which are
already the fastest growing markets in technology. But are there
not some more pragmatic solutions, rather than throwing money at
the problem?
Surely viruses and worms can aid the IT manager here. If people are
scared to open unsolicited e-mails and think any questionable
material on their machines might be copied to everyone on their
address book, they will be more circumspect about their e-mail use.
But no IT manager Computer Weekly interviewed seemed willing to
capitalise on this fear.
"We have tried to cut down the inbox load but it will probably be a
never-ending battle," says O'Nolan. "I try not to fight human
nature. I don't think I'd want to work for an organisation that
did."
The only option seems to be a policy of disciplined back-up and
retrieval, which leaves the IT manager to shoulder the
responsibility.
How many e-mails are we sending?
Gartner found that
more storage was deployed in 1999 than all previous years added
together. And according to IDC:
- Data management and services market will increase by 12% by
2003 to $1bnCorporate enterprise e-mail users worldwide generate
four billion e-mail messages a dayE-mail traffic is expected to
grow close to seven billion messages a day by 2003The problem of
archiving and retrieving e-mail information doubles every two
years
.
What are our attitudes to e-mail?
In a survey in the
US, IDC found that:
- 71% of people questioned said they regard e-mail as an
essential tool for doing their jobs59% send and receive
non-business related e-mail through the office system37%, said they
would open an e-mail containing the phrase "I love you" 25% of
people who do not send non-business related e-mails would open an
e-mail titled "I love you" if it was from someone they knewMore
than a quarter said their PC had been infected with a virus 11%
received the Love Bug virus.
E-mail and the law
The real question you should ask
about your messaging systems is not whether you can rely on them,
but if they are secret, warns Lars Davies, professor of Internet
and IT law at London University.
"Encryption is a waste of time. What you should really worry about
is the content, because once the content has been unencrypted, it
has sufficient evidential weight to be used against you," says
Davies.
In his capacity as a law professor, Davies says he is often
approached by companies asking advice about e-mail difficulties
they have got themselves into. "A lot of the time it's their own
negligence that's got them into trouble," he says.
The questions you should ask are simple:
- Do your internal communications have evidential weight? Can you
rely on them? Would those words, under most circumstances (such as
a letter or fax), amount to a legal contract?
The most common misconception is that e-mail is not legally binding
because it can be changed. But so can documents and that has not
stopped them from being accepted as legally binding. "People worry
that if e-mail can be altered or it can be changed, that in some
way means it can't be relied on. Not so," Davies says.
Of much greater significance is whether the parties have been
identified correctly in the e-mail message. The trouble with
encrypting e-mail, as a means of self-defence against litigious
third parties, is that they have a legal right to access your
systems. There have been cases that Davies has advised on where
companies have been forced to hand over servers and other hardware,
for investigators to search records for incriminating e-mail
messages. So the adage that possession is nine-tenths of the law
does not apply in e-mail libel cases.
Too often, when companies consider their legal position over e-mail
and the law, they consider from a commercial perspective. But use
of e-mail in e-commerce is only one strand of a complex web of
issues. All the usual laws apply to e-mail. And then some.
"There are specific laws which were drafted to relate to certain
features of e-mail, but they only caused confusion. For instance,
in 1995 the Civil Evidence Act allowed electronic information
without question. You can admit it to the court," Davies
says.
The amount of evidential weight the court will place on the message
depends on the circumstances. The factors under investigation will
be the means of storing data, the systems that were used and their
methods of operation. These are all the issues you will be forced
to familiarise yourself with if you are dragged through the courts
and you will need to prove your argument. Which, as Davies says, is
very difficult and time consuming, so you will need a system which
obviates that need.
Signatures were regulated by the passing of the Signatures
Directive in the UK. Then there is the Communications Act in the UK
and the Uniform Electronic Transactions Act in the US. The upshot
of these is that you can rely on signatures and contract
electronically between two individuals, ie private parties, not
between an individual and a government body.
Contracts are covered by the Commerce Directive and the
Communications Act. There are also other acts which apply: the Data
Protection Act, for example, because the e-mails identify living
parties.
In advertising, the Data Protection Act and the Data Protection
Directives apply. Spamming is another dangerous area. If
unauthorised commercial messages incur additional costs for the
recipient, they are illegal. On this issue, the rule of law seems
to be nebulous.
"How that is going to be implemented in various member states I am
not yet sure, but it will be implemented," says Davies.
Then there is Human Rights Act. "It is not about getting access to
encryption. It is not about snooping. It is about getting access to
information if it is required. If you encrypt it, you have to
provide the keys or the key holder has to provide the keys. You
cannot get round your legal liability using technology," says
Davies. Some innovative companies have tried placing their servers
abroad. But even they cannot escape their responsibilities.
There is a huge welter of laws applicable to e-mail and only 1% of
IT managers are even aware of their existence.
Top tips for reducing e-mail overload
- E-mail on a "need to know" not "just in case" basis. Think
before you copyDivert all copied mail you receive to a separate
folder where they can fester. Autodelete after a monthDo not send
an attachment, save it to a server and send the linkDivert "serial
spammers" into the binNever replace communication with
e-mailBrevity is everything. No message should take more than one
screenSet up mails to colour-code receipts from important
peopleHave a series of aliases people can opt in and out of, to
avoid unwanted jokes being circulatedBe ready for seasonal
fluctuations. At Christmas, staff exchange greeting files they will
forward to othersLet users know the cost of space and the nature of
e-mail propagation. Too often, they are unaware.
Source: Geoff Barrall, BlueArc
How SAP cured its Exchange server
headache
The software developer SAP has 15,000 employees
worldwide and the only way to cope with the volume of data they
send is to provide 50 servers for Microsoft Exchange systems.
Even then, server overload was a constant issue, with the
increasing volume of e-mails sent and the size of attachments
growing daily. Performance was being hampered as hard disc capacity
was eaten away by all these files.
Bernd Himmelsbach, responsible for the operating performance of the
Exchange servers, was a worried man. He thought that at the very
most, SAP could only afford a server to be disconnected from the
Net for a maximum eight hours or the other servers could not cope
with the extra capacity. So he tried to head off the problem by
limiting each user to a mailbox capacity of 80Mbytes.
"But many staff couldn't manage on that," he says.
He dismissed the idea of investing in additional kit like hard
discs, servers or Raid systems. The admin costs, in terms of
reloading and back-up times, would be more exorbitant than the
price of the kit.
The answer was to use a bolt-on Exchange utility, called Ixos
Exchange archive, which archives e-mails and attachments to a
separate server. This decreased the database size and boosted
server performance by 90%.
"On a global scale, that means we can save ourselves the cost of
between five and 10 Exchange servers," says Himmelsbach.
Or does it give users a licence to send even more e-mails and
bigger attachments?