The past few years have seen a seismic shift in the channels of communication utilized by businesses and their employees to contact both colleagues and clients. Despite this, many organizations continue to rely on supervisory solutions that are wildly out of date, and as a result are struggling to incorporate newer technologies such as mobile devices, instant messaging, and text messages. In short, a vast number of organizations are currently in need of more modern, comprehensive supervision solutions.
This is especially true for those firms that rely on CA Data Protection. In 2017, CA Technologies announced that it will no longer be releasing enhancements to CA Data Protection and has established June 30, 2019 as the End of Life (EOL) for the product — meaning its users need a new solution and they need it fast. In a recent webinar, Chris Amatulli, Director of Services at Technically Creative — the world’s only certified CA Technologies partner with the ability to extract raw data directly from CA Data Protection and send it to any other platform — joined Smarsh Senior Director of Information Governance Practice Robert Cruz and Smarsh Director of Professional Services Jonathan “JR” Rudolph to explore how users could make the leap from CA Data Protection to Actiance Alcatraz quickly, cleanly, and with minimal costs.
The first step in your journey from CA Data Protection to Actiance Alcatraz must involve an earnest assessment of your firm’s supervisory history and the data it has generated to date. According to Rudolph, the biggest hurdle here remains an inability to break away from “the way we’ve always done things.” This inertia pushes organizations to maintain the status quo simply because change is complicated, costly, and a bit scary. The problem with this approach is that it often leaves firms with vast stores of old legacy data that was collected in such antiquated fashion, that it’s no longer useful. If that’s the situation you find yourself in, you may need to put in additional work to move that data into your new supervisory system, but it’s both mandatory and pays dividends down the road.
Once you’ve reviewed your supervision data and history, you must develop an understanding of your organization’s monitored employee and user hierarchy. This will help you to grasp how communications data is captured, archived, and reviewed. Who is responsible for review? Where is information being siloed? Does legal know where to find everything it might need in the event of litigation? These are just a few of the crucial questions you need to ask, and if you can’t answer any of them, you may need to establish more rigid internal supervisory guidelines.
The third step involves assessing the effectiveness of your current detection policies. If you want to satisfy regulators, this too should be an earnest, perhaps even painfully honest assessment. If your current detection policies aren’t working, the worst thing you can do is bury your head in the sand. Regardless of the products you’re using, if you don’t have detection policies that are up to snuff, you’re creating risk for your organization.
The fourth step requires you to inspect and adjust your firm’s current workflows. When your system detects an issue, how is it handled? How is information routed to the individuals who need it? One common issue here is a lack of appropriately broad message sampling. As Rudolph points out, your system should sample at least one message from every employee under oversight. Anything less creates gaps which create risk. “You have to make sure there is nobody who flies under the radar,” Rudolph concludes. Critically, once you’ve identified and made any necessary workflow corrections, all procedures should be laid out in writing to cement them in place.
Your final step is going to be an evaluation of the effectiveness of compliance reporting. If you’re waiting until the end of the month to churn out a compliance report, you’re not providing adequate research time and your report will suffer as a result.
While the above strategy will require diligence and significant introspection, the benefits of moving from CA Data Protection to Actiance Alcatraz cannot be overstated. Not only is it designed to grow with your communications capture needs into the future, it also automates many of the most difficult, time-consuming aspects of supervision you’ll face going forward.
For more insights, we highly recommend you watch the webinar for yourself: https://www.actiance.com/resources/step-step-strategy-migrating-ca-data-protection/?confirmation=true