Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New Data Retention Rules Effective Today - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Data Retention Rules Effective Today
This one hit me a bit by surprise. A couple readers wrote about it asking for advise. Our reader Steve found a good authoritative source at Lexis Nexis .
I am not a lawyer, and the article doesn't exactly provide anything new to me. As far as I know, electronic evidence like e-mail archives has been "fair game" for discovery all along and as a sysadmin you could get into trouble for deleting any archives after being asked not to do so.

You may just want to sent the link to your corporate lawyer and have them figure out if any policies need to be changed. This should only affect US based corporations.

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4479 Posts
ISC Handler
Dec 1st 2006

Sign Up for Free or Log In to start participating in the conversation!