In a recent article for CMSWire titled "Office 365 is a Disaster Waiting to Happen," Joe Shepley states that Microsoft is helping new Office 365 clients to migrate their shared drive content to the Office 365 environment. The problem is that “no clean up is going on: Microsoft is simply moving everything a firm has to O365.” Joe goes on to explain that this will “increase the risks associated with e-discovery, records management and information security because it makes it harder (or impossible) for firms to comply with regulations, industry standards, etc.” Later in the article, Joe states that “if anyone deserves a bashing, it’s us. The folks who own the content.”

    The article, and extensive comments afterward, continues to discuss the merits of cleaning content and whether Microsoft or the client is to blame for not doing a cleanup of the data prior to a migration. The “cleanup” issue is discussed at a very high level, as if it is something that can easily happen if the right person would just say, “Clean up your shared drives,” and poof, all the trash gets taken out. Nowhere is it discussed and pointed out just how hard and expensive it is to do a file cleanup and actuallydelete/destroy files. While Joe is right in saying that the owners of the content should be taken to task, I think it should be pointed out what a Sisyphean task it is for any office worker (or company) to delete large numbers of files.

    I think that our industry—vendors, consultants, associations and conference speakers—has contributed greatly to the fear, uncertainty and doubt (FUD) factor, causing many companies to back away from anything that relates to records management and file destruction. I can’t begin to count the number of conference sessions, articles and client presentations that go into great detail about how you can be fined, sanctioned or even jailed for destroying documents and records without the proper procedures and handling. (Yes, I am one of “those” consultants, but I have been reformed. Hallelujah Brother!)

    Let’s look at a possible scenario: If we agree, for the sake of argument, that we can have, on average, 4,000 office documents on one gigabyte of storage, or approximately 4,000,000 documents on a terabyte, and if roughly 50% of those documents can be destroyed, we are looking at 2,000,000 documents available for destruction. Here are some questions that need to be worked through:

    1. Identify and document the business need and legal justification for large-scale destruction of business documents (including records).

    2. What is the return on investment (ROI) for the time and cost of destroying two million documents? Also assume that the original shared drive is not going to go away for at least one year after it has been cleaned up. People involved will be N+1 office workers, legal, information technology (IT), unit managers and C-level managers.

    3. Legal will have to first identify the conditions under which a document can be classified as available for destruction. Part of this will be to identify legal hold documents. All of this is to be done on a file share that has no inherent metadata capabilities—what you see is what is there.

    4. Once identified for destruction, files should be passed by the file owner for approval. Many of these files will have no owner, and either the business unit or legal will have to review and approve the destruction.

    5. Once a set of documents is identified and available for destruction, there should be a log of the documents that are destroyed to show any future legal or audit requests that those documents were purposely destroyed according to an approved business process (think spoliation).

    If equally divided among departments, let’s say five departments, that would be 400,000 documents per department to be reviewed, and if we had five people per department, that would be 80,000 documents per person that each person may have to touch in some manner in a fairly short amount of time. This is not to mention the work by IT to initially identify and isolate the target files, the work by legal to approve the final set approved by the business unit and final work by IT to document the destruction.

    While the above scenario is somewhat idealized, it represents the minimum amount of work and involvement by numerous people at various stages in a lengthy process. In no company that I have ever been in, or talked to, would authorize the identification and destruction of two million documents just by IT doing a search for “old” files (files older than 15 years is a “safe” bet, but make sure you retire in the next year or so).

    So, what are the options that you have? My own opinion is, given the unique circumstance of getting free migration work and support from Microsoft, is to take it and live with it, but of course, it is not as simple as that, is it? My other suggestion would be to hire a company that specializes in large-scale document destruction. I say a company because they have the tools and experience to guide you to a proper decision. You may not actually do it, but if not, you will know what you have and what it will cost to destroy it. My last suggestion is the reference to Sisyphus—if you make the decision to do a large-scale cleanup, ensure that you are not in the same position with the new system in five years. If no new controls are put in place and monitored, or old controls revisited, chances are nothing will change.

    I do want to stress that I don’t disagree with Joe’s article, or the subsequent comments, but I just don’t think a real picture is being painted. Large-volume document destruction is a big, messy problem with many, many issues, agendas and differences among the principals. Oh, and let’s revisit the ROI, given that the shared drive will not go away, your server room will not go away and you are not going to decrease the number of full-time equivalents (FTEs) because you have Office 365, and you will be paying for a new system in addition to the existing shared drive. By the way, don’t forget that software as a service (SaaS) applications will never be paid off or depreciated and may have a higher total cost of ownership (TCO) over the long term.

    I hope this is a more realistic picture of what it means to think about destroying documents on a large scale, as part of a migration or just general cleanup. It is, metaphorically speaking, like trying to change the inside tire on an 18-wheeler going 60 MPH.

    Bud Porter-Roth has over 20 years of experience as an ECM consultant, with a focus on cloud collaboration, electronic document management, records management and paper document projects. Follow him on Twitter @BudPR or contact him at info@erms.com.

     

    Get our Newsletter

    Receive our latest articles and news directly to your in-box!
    Email Address*
     
     

    Follow