Whether your email archive is on-premise or in the cloud, here's just 5 sound pieces of advice from the Essential archiving team on what IT departments should not do when managing their email archives.
1. Take on the full responsibility of defining and managing retention policies
Defining email records management policy should not be solely an IT function. The setting of your email retention policy should involve the legal and records management department, HR, and other business stakeholders. Policies should be appropriate, defensible and consistently applied. The deletion of data should not be driven by ad-hoc requests that fall outside of the stated policy - even where requested by a senior member of staff. Likewise the deletion of data should not be driven by ad-hoc ‘operational’ needs (e.g. having a spring-clean before migrating to a new version of Exchange or ‘the cloud’ to minimise the amount of data to be moved). Having said this we frequently see retention policies that are devised to save costs on storage. Even if you don't have a specific legislative or business remit to retain certain types of emails for a given time, it's always worth ensuring that your HR/legal teams are in agreement with such policies before executing an irreversible change.
2. Err on the side of caution
In our experience many organisations either leave their retention dates ‘open ended’, or if they do set deletion dates, they don’t actually ‘press the button’ (many archiving solutions require manual confirmation by an administrator).