LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Re: The sad truth about tape management by storage providers
From:	Hugh Smith <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Wed, 28 Mar 2007 11:40:00 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (144 lines)
Snips from Larry and Bill


> From:    "Roach, Bill" <[log in to unmask]>
> Subject: Re: RAINdrip: The sad truth about tape management by  
> storage providers

>
>>> More to the point, who has to pay the fines (if there are any),  
>>> suffer the consequences of bad press,  and penalties for  
>>> providing credit checks for a year, when it happens?
>
> Herein lies my point.  It is the organization who is held accountable,
> not the service provider.  And it's not just IM.  I recall numerous
> RAINdrops where the responsible party was a contractor (other than IM)
> who had the data on a laptop or other device.  It is reality that
> matters and the reality is that the organization compromised is the  
> one
> held responsible, not the organization that does the compromising.

I just had lunch with an attorney that had records management under  
his control for a Fortune 100 Company and he had some interesting  
comments.

He encouraged his company to bring records back in-house because he  
could not get his vendor to accept any liability at all for their  
actions with his records and media. He pointed out to management the  
cost increases that occurred to their insurance when their offsite  
storage contract so clearly defined that their offsite storage  
company waived ALL  liability for even the most heinous behavior.

He made the case that they could save money by using smaller vendors  
that would accept some defined measure of liability. His insurance  
company saw that the vendor now had a stake in protecting their media.

Think about it ........... If your vendor has absolutely no risk when  
they lose your tapes, or drop them off at another company in error,  
or their employees sell your records out the back door and they claim  
you should have encrypted, your insurance company sees this as a huge  
increase in your exposure.

The vendor doesn't even need to worry about losing the account as it  
has been demonstrated time and again that no matter what befalls your  
records, you renew the contract.  Right?  Did any of these companies  
claim "I am not taking it any more! I am moving to a better vendor or  
at least a different vendor to punish the first vendor  for negligence?"

In addition, this attorney pulled records management out from under  
Facilities and distributed the costs; and it made all the  
difference.  He then billed each department for their own portion of  
the costs.  Right away Managers were saying "Why are my costs  
increasing so dramatically?"  He would reply "Your staff never gets  
rid of anything."  And then changes started happening.

They demanded their vendor provide some measure of accountability and  
they declined.  They pulled it all back from that vendor that recused  
themselves from all liability and chose vendors that carried some  
insurance. Their new vendors helped them manage the records. With the  
decrease in storage costs they benefitted and now someone was taking  
care of the records that cared about keeping their business and had  
accountability.  Their costs dropped dramatically.

I can cite one example of a large financial company that moved from  
the large storage company to a more  strategic media vaulting company  
and their costs dropped by 1/3 and they were in a Class 125 Vault not  
a sheet rock (gypsum board) room, the environmental was per ANSI  
Guidelines and the building security, vehicle security and access was  
all of financial services ratings.  Plus the employees were all bonded.

In our current legal environment, management is starting to pay  
attention along with the auditors to positions of extreme risk.  But  
it is not all sad!  There are options out there.  But as I have heard  
so many times at the annual convention:  "Oh I could never store with  
anyone else.  I would have to review three invoices instead of one!"

But consider this, if you were to use three companies with Owner  
Managers, not warehouse managers, controlling your information  
assets; you distribute your risk.  You have more insurance coverage  
as each company has their own policies.  Plus you deal with a company  
that cares about their image and your loss as they don't have a  
million dollar PR department to plaster the industry with "Happy  
Days" Press Releases to make you forget about their most recent loss.

As the lawyer said yesterday "So many people store with a large  
company as they think this gives them more protection.  But a simple  
review of the storage contracts show that this is not true."

In fact, the large company comes out with its own PR Department to  
claim to the world how negligent you were in not encrypting.  No  
matter how big the loss, they have contracts that deny all liability  
and due to their size, your legal department says fighting them will  
be too difficult.

You will see dramatic changes this coming year.

The large companies have bought people in peripheral markets and then  
closed their doors.  The records are now moved two to three hours  
away.  Too far for rapid disaster recovery. And you better hope you  
never need a rush delivery.

Too far for efficient truck runs so FedEX and other less expensive  
couriers are used.  When they lose records the courier is blamed. In  
the beginning they use the better courier but then the goal of ever  
greater profits says "Use the cheaper guy."

If your contract does not have a clause the abrogates the contract  
upon sale to a different vendor you are making a huge mistake.  This  
eliminates your hostage fees as well.

We are only at the beginning of the degradation of service.  
Consolidating all of an Iowa or Nebraska or Indiana into one city  
means huge warehouses and increased fire risk.

Every decision about your records will be made on increasing profits.  
With no risk in the contract why should they do anything to protect  
your records?  You don't have to be futurist to picture the new world  
that is being made.

A new model is being developed where service will matter, where  
protection will matter and a whole new breed of service providers  
will deliver these services  So I predict Sad will turn to something  
else.  Corporate America will not continue to store all their eggs in  
one poorly designed basket. Especially if that model has no benefit  
to them.  Yesterday's meeting was all about the realization that the  
most savvy corporations have bought into a bad business model.

Evaulting, Server Vaulting, Co-location are all examples of the  
turning of the Queen Mary. Poloroid was riding the crest of instant  
pictures until Digital blew the model up.

Records managers should seize control of media storage and e-records  
or at least become a joint player as this is where the changes will  
occur and you want to be part of it.

Hugh
[log in to unmask]





List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
ATOM RSS1 RSS2
LISTSERV.IGGURU.US