IT blunder permanently erases 145,000 users' personal chats in KPMG's Microsoft Teams deployment – memo

The personal chat histories of 145,000 Microsoft Teams users at KPMG were inadvertently and permanently deleted this month, thanks to an IT blunder. That's according to an internal email by Global CIO John Applegate, seen by The Register today, to other IT leaders within the organization on Friday. Evidently, the accountancy …

  1. Throatwarbler Mangrove Silver badge
    FAIL

    What the . . . ?

    On the one hand, oops, you pushed out a policy that clobbered a bunch of personal chat logs. Let him without sin cast the first stone and all that (and submit the story to Who, Me?). But . . . where are your damn backups? Where's disaster recovery? If only KPMG had some kind of auditors who could ensure that the company's IT solutions complied with best practices. Conversely, the phrase "the accountancy giant's Global Technology & Knowledge (GT&K) group attempted to remove a single user's account from an active retention policy" suggests to me some sort of ham-fisted attempt to get ahead of impending legal discovery by flushing out incriminating chat logs. Upon consideration, maybe they just used the opportunity to make a clean sweep and hide the naughtiness of all and sundry with a massive purge. Or maybe I've just been doing this job for too damn long and am getting paranoid regarding corporate malfeasance.

    It would also be good to know whether this is an internally-hosted Teams deployment or cloud-based. In short, who really carnally violated the canine in this case, KPMG or Microsoft? Or both, I suppose, both is always good.

    1. Anonymous Coward
      Anonymous Coward

      Re: What the . . . ?

      Ummm, it’s the retention policy feature that got applied.

      The whole point of retention policy is to delete data after X days so it can’t be recovered (even from backups).

      So the question “where are your damn backups” is really really odd - and sounds like you don’t understand what these features are for.

      If it could be recovered even from backup it would be disclosable, which is precisely why companies especially in FS sectors have retention policies deleting data.... (a records management bod will be able to provide you more info)

      1. Throatwarbler Mangrove Silver badge
        FAIL

        Re: What the . . . ?

        "The whole point of retention policy is to delete data after X days so it can’t be recovered (even from backups)."

        Bull puckey, junior. The whole point of backups is that they're recoverable even if an admin blows the system up with an error. Now, you might have a backup policy that allows throwing data away, but then you get what you deserve. Most places, especially financial services companies, will have very strict data retention policies which should prevent this sort of mishap if followed correctly.

        Go back to junior admin school.

        1. Anonymous Coward
          Anonymous Coward

          Re: What the . . . ?

          Sysadmin hat is the only hat, cute. You need to go talk to some FS lawyers about data retention. What do you think happens when the 7 years FS keeps data for is up? Yes that’s right the data is wiped from the face of the earth so it can’t be got back.

          Before that you’re spot on it’s backed up to the hilt but once that policy expires boom - wipe it with extreme prejudice.

          That’s the whole point of why these orgs have a data retention policy. It’s to amongst other things minimise the risk that the organisation retains things that might get it into trouble beyond the point of usefulness.

          Now clearly in this case someone screwed up and instead of 7 years or 7 months or 7 days set it to 1 day and wiped the lot.

          Time to go back to school to retrain for the cloud era - Micro$oft state, once teams retention expires data is wiped and you can’t get it back, because in their cloudy world they don’t keep backups of data > retention setting. (Doing so would mean having to produce those as part of court disclosures)

          It looks like that happened here and is documented on technet. Assume you’ve never read the article. Shrug.

          1. Anonymous Coward
            Anonymous Coward

            Re: What the . . . ?

            Data Retention policies are important

            Example, one UK regional bank hadn't cleared out its older account information, so PPI claims older than the usual 6 years were suddenly in play - they had records that showed claimant information going back over 10 years.

            That 'excess' left them liable for an extra £450m

          2. Anonymous Coward
            Anonymous Coward

            Re: What the . . . ?

            Which is why backup retention and online retention period settings (before 'cloud' era) were 2 different settings. So a fuckup wouldn't delete all the data. A single setting controlling backup and online retention is no backup.

            If they were legally required to keep the data for 7 years also, that is as big a problem as requiring it to be deleted after 7 years. Now they have no retention, thus no longer compliant.

            1. Anonymous Coward
              Anonymous Coward

              Re: What the . . . ?

              If it’s not a “record” there’s no requirement to keep it (for 7 years or any other)

        2. Anonymous Coward
          Anonymous Coward

          Re: What the . . . ?

          Sorry you are wrong. If a records officer defines a data retention policy IT's responsibility then is to make sure that data is irretrievably deleted. I've had this stand up fight on several projects when I asked what happened to data in backups to be told that it will be there forever. I do know it's not always easy to purge data from backups and that's why having the right 3rd party tooling and backup strategy in place is essential. When the Data Owner's records management processes define a data retention policy it's there for a reason.

          Retention of expired data in recoverable backups opens you up for a breach of GDPR. You do know just how big those fines can be don't you? 5% of global turnover.

          When looking at incredibly sensitive data like social care safeguarding investigations / medical records/ internal fraud investigations these retention policies are critical. In most cases they are governed by legislation and will be linked to your Data Protection registration at the data set or even record level.

          Having some arrogant techie deciding to ignore them because 'I know best' opens up a level of risk which is completely unacceptable.

          1. Robert Grant Silver badge

            Re: What the . . . ?

            I appreciate you may have been made to feel inferior by techies, but to be the grown-up voice in the conversation for a minute, it was probably not deliberate.

            A sensible backups policy would be part of any GDPR declaration, whereby data will, say, cycle out of backups over a period of a month. This is easier done with post-GDPR tech strategies, where PII might well be in a separate database for this very reason. Then different backup policies can more easily be applied.

      2. Anonymous Coward
        Anonymous Coward

        Re: What the . . . ?

        @AC

        Quote: "...so it can’t be recovered (even from backups)...."

        *

        Really? Son, Father, Grandfather.....etc, etc. Then there's the off-site backups at Iron Mountain.

        *

        It's always been amusing to me when allegedly informed people tell me that the PII data which is flagged as "to be deleted"....will be "COMPLETELY ERASED". In many circumstances this is a claim that the technology can reach inside multiple backups, even off-line backups, and magically snip out this specific piece of PII.

        *

        Dream on! It's impossible!

        *

        So when Microsoft tell you that the "data is gone for good".......it might mean that they DON'T HAVE BACKUPS.....or it might mean something somewhat more sinister!

        1. David Roberts
          Windows

          Re: What the . . . ? Impossible?

          Those of a certain venerable age and given to grey beards and open toed sandals may well still remember George 3 and Tape To Tape Processing.

          This kept your tape backups regularly copied (and so, fresh) and also ditched old data such as files modified or deleted to keep the tape library to a manageable size.

          Perhaps modern backup strategies just leave an ever growing pile of ageing media in a vault somewhere?

          Retention of corporate data for regulatory purposes has special rules, but I hope these archives are read and copied every now and then onto new media.

          In which case old data no longer required can be discarded.

        2. Anonymous Coward
          Anonymous Coward

          Re: What the . . . ?

          "In many circumstances this is a claim that the technology can reach inside multiple backups, even off-line backups, and magically snip out this specific piece of PII."

          This is possible with a PKI solution.

          Encrypt data at rest and hold the encryption keys far closer to home. After 7 years delete the keys used to encrypt that offline storage. No one can then unencrypt (NSA aside) that data & it's effectively gone.

          1. Nick Ryan Silver badge

            Re: What the . . . ?

            Ah yes, the unfeasible academic dream of PKI data backups.

            Take a relatively trivial relational database with 500,000 records of individuals in it.

            Each record identifies an individual therefore we must have a system that manages 500,000 encryption keys. Each key must be related to a single specific individual and wholly identifiable to this individual and no other, therefore these keys are now also considered personally identifiable data. These keys must also be backed up because, if these keys are lost, any backups using these keys may as well be random noise in a data file. These key database backups must be retained, kept offline and managed just like mainstream data. Choosing to delete a key means that this key must be deleted from the live dataset and every single backup made of it. Effectively, we now have 500,000 individual backups to manage, which also require a database to manage these backups... which must also be backed up, because losing this will lose the database that manages the keys which means the core backups are worthless. This kind of scheme is possible, within ridiculous margins of possible course, but most snake-oil salesmen conveniently forget this side of it. In essence, all that's happened is that the pain point has been moved.

            That's the key management side of it. We also have to deal with the data itself. There are a couple of broad options here:

            1) Every single row of data relating to an individual is encrypted in the database, with the key being recorded in the separate key database (backed up separately, see above). Needless to say database performance at this point is something that happens to other people, as no useful indexes are possible and therefore the data may as well not be in a database. This includes searches therefore we have a database relating to 500,000 individuals which to many intents is unsearchable. This means no corporate statistics nor "big data" nor anything like this. Basic business processes will also be glacial against this database. This is usually the option touted as "data at rest".

            2) The database is operated normally, but never, ever backed up. Ever. At all. Instead we have a nightly (or whatever) export of the database which converts the relational structure into a file or set of files for every discrete individual in the database where all data relating to each individual is exported into an export structure and encrypted using the key in the key database. This also requires that a re-import process exists which is thoroughly and regularly tested, particularly with version management of the using application and database structures taken into account. This is the closest that a key system can get to encrypting "data at rest" but it does not work around the issue of key management, it's just moving the issue from one place to another. The advantage of this technique is that ancillary files, such as documents, can also be thrown into the same key encrypted repository as long as the export process is smart enough.

            A further problem with this is where data relates to more than one individual. For example, Project X references Individual A and Individual B, which key should be used to encrypt this data? A solution would be to have an additional encryption key used for wherever Individual A and Individual B are associated in the same data. Our key database has now become suddenly much more complicated and harder to backup in itself. Removing all keys relating to Individual B should not remove any shared records relating to Individual A as well. While deleting the reference Individual B out of the database would remove the reference it would not remove the data therefore this is not compliant with data protection removal. Deleting all references to Individual B regardless of whether or not any other individuals are associated with the data is not compliant with data protection management because this also mandates the correct management of data. Management policies can be created to help manage this kind of complication.

            The point here is that in the real world things rapidly become much more complicated than academic dreams of PKI backups or snake oil salesmen will ever admit. In any organisation of any appreciable size there are usually multiple databases and applications, each of which must be managed separately but in the same way. There is no perfect solution.
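The key-deletion idea debated in the two comments above, as an added example that is not part of the thread: one AES-256-GCM key per retention period rather than per individual, so destroying a period's key makes every backup copy of that period's ciphertext unreadable. The `KeyStore` type, the period labels and the sample record are constructed for illustration; the sketch does not solve erasure of a single individual, which is the objection raised in the reply.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ErrNoKey means the key for that retention period is absent or destroyed.
var ErrNoKey = errors.New("no key for retention period")

// KeyStore maps a retention period label (e.g. "2013") to a 256-bit key.
// Hypothetical type for this example; it stands in for a KMS or HSM whose
// contents are kept out of the long-lived data backups.
type KeyStore struct {
	keys map[string][]byte
}

func NewKeyStore() *KeyStore {
	return &KeyStore{keys: make(map[string][]byte)}
}

// gcmFor returns an AES-256-GCM instance for a period. With create=false a
// missing key is an error, which is what makes shredding effective.
func (ks *KeyStore) gcmFor(period string, create bool) (cipher.AEAD, error) {
	key, ok := ks.keys[period]
	if !ok {
		if !create {
			return nil, ErrNoKey
		}
		key = make([]byte, 32)
		if _, err := rand.Read(key); err != nil {
			return nil, err
		}
		ks.keys[period] = key
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts a record under its period key. Output is nonce || ciphertext.
// The period label is bound as associated data, so a blob cannot be relabelled
// into a period whose key still exists.
func (ks *KeyStore) Seal(period string, plaintext []byte) ([]byte, error) {
	gcm, err := ks.gcmFor(period, true)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(period)), nil
}

// Open decrypts a blob produced by Seal; it fails once the key is shredded.
func (ks *KeyStore) Open(period string, blob []byte) ([]byte, error) {
	gcm, err := ks.gcmFor(period, false)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob shorter than nonce")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(period))
}

// Shred destroys a period key. The overwrite is best-effort in a
// garbage-collected runtime; the removal from the store is what counts here.
func (ks *KeyStore) Shred(period string) {
	if key, ok := ks.keys[period]; ok {
		for i := range key {
			key[i] = 0
		}
		delete(ks.keys, period)
	}
}

func main() {
	ks := NewKeyStore()
	blob, _ := ks.Seal("2013", []byte("constructed sample chat record"))
	offsiteCopy := append([]byte(nil), blob...) // simulates a tape held off-site
	ks.Shred("2013")
	_, err := ks.Open("2013", offsiteCopy)
	fmt.Println("restore from off-site copy after shredding:", err)
}
```

The key store still needs its own backup and deletion discipline, which is the cost the reply describes; the example only reduces the number of keys from one per person to one per retention period.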

      3. I am the liquor Bronze badge

        Re: What the . . . ?

        Retention policy or not, surely the live data and the backups shouldn't both be purged by pressing the same button, should they?

        1. not.known@this.address Silver badge

          Re: What the . . . ?

          But this is *the Cloud* - we *don't need* Backups! It is its own backup... isn't it??

          But this does look a little dodgy, all those records "accidentally" deleted at a company that prides itself on making sure everyone else keeps on the straight and narrow... the only question is, was it a senior person who wanted something gone… or a friend of the "accidental deleter"..?

          1. Anonymous Coward
            Anonymous Coward

            Re: What the . . . ?

            Teams chats aren’t “records” if you’re using the term precisely

      4. Doctor Syntax Silver badge

        Re: What the . . . ?

        "The whole point of retention policy is to delete data after X days so it can’t be recovered (even from backups)."

        OTOH it's quite predictable that there would be an Oh Shit moment like this and that should have been planned for. Move the data into a holding silo. Set the timer on that to something like an hour, just long enough to apply the emergency brake. It's the reason why your mail client has a Deleted folder and your desktop has a Wastebin or Trash.

        Predictable user errors should, as far as possible, be remediable.

        Now the predictable has actually happened no doubt it'll be in a release Real Soon Now.
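The holding-silo idea from the comment above, as an added example that is not part of the thread and not how Teams works: a retention sweep moves expired chats into a holding area with a purge timer, and a restore call acts as the emergency brake until that timer runs out. The `Store` type, the one-hour grace period and the sample chats are constructed for illustration.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// Chat is a constructed stand-in for one retained item.
type Chat struct {
	ID      string
	Created time.Time
}

type heldChat struct {
	chat       Chat
	purgeAfter time.Time // permanent deletion is allowed from this moment
}

// Store separates "expired by policy" from "gone for good".
type Store struct {
	grace   time.Duration
	live    map[string]Chat
	holding map[string]heldChat
}

func NewStore(grace time.Duration) *Store {
	return &Store{grace: grace, live: map[string]Chat{}, holding: map[string]heldChat{}}
}

func (s *Store) Add(c Chat) { s.live[c.ID] = c }

// ApplyRetention moves every live chat older than maxAge into the holding
// area instead of deleting it. It returns the sorted IDs that were moved.
func (s *Store) ApplyRetention(maxAge time.Duration, now time.Time) []string {
	var moved []string
	for id, c := range s.live {
		if now.Sub(c.Created) > maxAge {
			s.holding[id] = heldChat{chat: c, purgeAfter: now.Add(s.grace)}
			delete(s.live, id)
			moved = append(moved, id)
		}
	}
	sort.Strings(moved)
	return moved
}

// Restore is the emergency brake: held chats whose grace window is still open
// go back to live. It returns how many were recovered.
func (s *Store) Restore(now time.Time) int {
	n := 0
	for id, h := range s.holding {
		if now.Before(h.purgeAfter) {
			s.live[id] = h.chat
			delete(s.holding, id)
			n++
		}
	}
	return n
}

// Purge permanently removes held chats whose grace window has elapsed.
func (s *Store) Purge(now time.Time) int {
	n := 0
	for id, h := range s.holding {
		if !now.Before(h.purgeAfter) {
			delete(s.holding, id)
			n++
		}
	}
	return n
}

func (s *Store) LiveCount() int { return len(s.live) }
func (s *Store) HeldCount() int { return len(s.holding) }

func main() {
	now := time.Date(2020, 8, 24, 9, 0, 0, 0, time.UTC) // constructed timestamp
	day := 24 * time.Hour
	s := NewStore(time.Hour)
	s.Add(Chat{ID: "c1", Created: now.Add(-400 * day)})
	s.Add(Chat{ID: "c2", Created: now.Add(-30 * day)})
	s.Add(Chat{ID: "c3", Created: now.Add(-2 * time.Hour)})

	// A 1-day policy applied by mistake where 7 years was intended.
	fmt.Println("moved to holding:", s.ApplyRetention(day, now))
	fmt.Println("recovered within the hour:", s.Restore(now.Add(30*time.Minute)))
	fmt.Println("live chats:", s.LiveCount())
}
```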

    2. katrinab Silver badge
      Meh

      Re: What the . . . ?

      How do you back up Teams chat logs? Is it even possible?

      1. yoganmahew

        Re: What the . . . ?

        No. Even copy/paste is severely limited.

        It's on purpose to limit the legal fallout of Teams.

      2. JimmyChu555

        Re: What the . . . ?

        Here you go. For Deployment Step by Step. WIKI > Deployment Guide

        https://github.com/engagesquared/TeamsHistoryManagementApp

      3. Anonymous Coward
        Anonymous Coward

        Re: What the . . . ?

        Checks his Druva Insync backups...

        Yep, team backups only, not personal.

        You can download 'em as a zip, which is nice.

    3. Anonymous Coward
      Anonymous Coward

      Re: What the . . . ?

      Is there such a thing as Teams on-prem? Thought it was cloud-only solution.

    4. Persona Silver badge

      Re: What the . . . ?

      Chat logs are basically smoking guns. If you get a legal disclosure order requiring that they be divulged you have to comply sure in the knowledge that not only is recovering the data from multiple overlapping backups going to be time consuming and expensive but also that many things in them will at least "appear" to be incriminating. A solution is to make sure that they never hit a persistent backup and implement a policy that scrubs them as quickly as your users can tolerate. That way you can stand there with hand on heart and say "sorry they are not retained".

      The biggest joy your lawyers have in a legal disclosure exercise is finding that documented policy is being followed meaning the data wasn't retained. The second biggest joy is finding something really really incriminating "just" outside the disclosure window.

    5. William.B.Travis.1836

      Re: What the . . . ?

      You have no idea what you're talking about.

  2. Michael Hoffmann
    Thumb Up

    And nothing of value was lost?

    1. Anonymous Coward
      Anonymous Coward

      Actually lots was - it was a right PITA

    2. Dan 55 Silver badge
      Mushroom

      Nope. Try and search your chat history on Teams, you get a result which is about as useful as deleting everything.

      "Yeah, we'll give just the one single solitary line your search result appears in, with none of the lines around it whatsoever (which probably contain e.g. the answer you're looking for), because we're Microsoft and we know so little about UIs now we think users actually want that."

  3. Anonymous Coward
    Anonymous Coward

    sure, believe me, it was an accident.

    Meanwhile all those upcoming court cases that were relying on the contents of these chats are now all null and void!

    1. idiottaxpayerhere previously ishtiaq/theghostdeejay

      @ A/C

      What upcoming court cases? Please tell.

      Cheers… Ishy

      1. katrinab Silver badge

        https://www.ft.com/content/c6f028c2-910e-11e9-aea1-2b1d33ac3271

        https://www.accountancyage.com/2020/04/02/frc-fines-kpmg-700000-for-poor-audit/

        https://www.accountancyage.com/2020/06/22/eys-wirecard-audit-exposes-potential-fraud/

        Wirecard is certainly a big one. Mostly impacts EY, but KPMG are also involved. There's plenty more examples.

        1. Anonymous Coward
          Anonymous Coward

          And that's not counting having to appear before government committees to explain the latest consultancy scandal

          "Sorry, we have no recollection of that extremely important matter in the run up to WW3... MS ate all our chats"

          ('a "four-eyed" check process'... cock-eyed' more like!)

        2. Roland6 Silver badge

          Accidental...

          Looks like the sort of accident that will have some senior people taking a deep breath and popping the champagne corks...

    2. Anonymous Coward
      Anonymous Coward

      Teams is fairly new to the organisation from what I hear, so any of the so called court cases you might be referring to are very unlikely to have had anything stored in teams anyway.

      Previous to that they used SfB and that had no retention at all.

      On the other hand every single email gets journaled for a very long time.

      1. This post has been deleted by a moderator

        1. Anonymous Coward
          Anonymous Coward

          No not the same AC.

          I know the org, their old SfB implementation had “conversation history“ turned off - close a chat window, no record of the chat. It’s why everyone was so pleased the org moved to teams. You could have a decent conversation.

          Your profanity is boring. Chill out.

          1. Skoontof

            Incorrect, only a few of the member firms had that option. Most had conversation history turned on in SfB. So you must be from either the UK or US firm with those thoughts in your mind.

          2. Anonymous Coward
            Anonymous Coward

            The Conversation History folder in the user mailbox may not have been present, but that doesn't necessarily mean that the IMs were tossed to the void when you closed the chat...

            Could be that they were holding the data in the SQL backend instead, which I think is the default archiving setup for SfB.

        2. This post has been deleted by its author

        3. Anonymous Coward
          Anonymous Coward

          I'm not the original AC but I do think you would benefit from a nice cup of tea and a digestive biscuit Mr Mangrove.

          1. nematoad Silver badge

            It looks more like Brother Throatwarbler has mislaid his dried frog pills again.

            Yes, come on man, chill out. It can't be doing your blood pressure any favours.

            1. Throatwarbler Mangrove Silver badge
              Thumb Up

              Apologies

              Yes, it was late at night, and I was in a mood. Apologies for the profanity and kudos to the mods for whacking the post.

              That said, Skype for Business does have a conversation history setting integrated with Exchange, so the conversation history can be saved and searched. So there.

  4. HildyJ Silver badge
    WTF?

    Outsource to them?

    KPMG's GT&K group is the same one that goes around the world urging companies and governments to outsource IT departments to them. And they can't handle their own IT department? And anyone should ever trust them again? If emptor wasn't already caveat (feel free to correct my Latin), they should be now.

    1. Anonymous Coward
      Anonymous Coward

      Re: Outsource to them?

      Lies, they’re not that at all.

      GT&K are internal facing and nothing to do with the client facing part of the business.

      Besides which KPMG as a firm don’t do outsourced MSP style work, why would they? They outsource a great deal of their own network/infra to TCS, Orange, HP et al.

      Fashionable to throw stones, but at least get the facts right.

      1. RM Myers Silver badge
        Coat

        "...but at least get the facts right"

        Wait, the El Reg comments are still considered part of the Internet, aren't they? When did facts ever get in the way of a good "analysis" on the Internet?

        And I'm out the door before the stones start flying.

      2. Anonymous Coward
        Anonymous Coward

        Re: Outsource to them?

        Actually they are partners with Google & Microsoft and do actually consult on the best implementation (sometimes doing the work themselves). Used to work for them doing exactly this sort of thing, most of the people there don't really know what they are doing but wear a good brand of suit so get the job.

        1. Anonymous Coward
          Anonymous Coward

          Re: Outsource to them?

          Consulting != outsourcing

      3. HildyJ Silver badge
        Facepalm

        Re: Outsource to them?

        From a recent KPMG job description: "ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions."

        From Consultancy.uk (3Q19): "KPMG managed to scoop the largest contract in the period – a £29 million call-off contract (a blanket order) to help the Ministry of Defence (MoD) with the implementation of its Defence Support Operating Model (DSOM) programme, a large-scale business and SAP-driven digital transformation."

        Do they sell their services directly - no. Do they develop the components (like security) that KPMG uses in their outsourcing solutions - yes.

        P.S. many decades ago I worked for KPMG on an outsourcing contract with the US Navy so they've been doing it for a long time.

  5. DS999

    Seems suspicious

    If there is a lawsuit pending that would have relied on discovery from those chats one has to wonder if this was really an 'accident'.

    1. Anonymous Coward
      Anonymous Coward

      Re: Seems suspicious

      Interesting angle, but these PS firms are many independent legal entities. So if USA was getting sued, it wouldn't impact say Canada. Plus they’re always involved in legal action all the time.

      To wipe everyone’s teams *globally* would be quite an over reaction.

      You could for example wipe a dept, or country if that worried.

      Probably a screw up, or perhaps BOFH enemy action, they have been making covid redundancies.

  6. chuckufarley
    Coat

    On one hand...

    ...You get what you pay for. If your company didn't pay for redundancies you don't get any. End of Discussion.

    On the other hand if your service provider didn't pay for redundancies, and your company didn't pay for them either, then you don't get any. End of Discussion.

    On yet another hand, the xkcd.com comic for today could be the epitaph for a few people's careers:

    https://xkcd.com/2350/

    On yet another hand, if you are the kind of OCD-self-micro-manager that makes personal backups of every conversation then you could be up for promotion, if not for the fact that you just made everyone else in the company look like children clapping hands while shouting "I BELIEVE IN FAIRIES!"

    1. MyffyW Silver badge

      Re: On one hand...

      I'd hate to live in a world where clapping your hands and believing in fairies marked you down as unprofessional. It's pretty much my signature move.

  7. osakajin Bronze badge

    Epic ohno second

  8. Krassi

    make deletion routine

    "chat" should be something informal & ephemeral, like a real-life chat - for me the ideal chat app would wipe the history every 24 hours. Informal and undocumented communication has a value. Teams and its ilk have got it wrong, thinking chat retention is a feature, not a bug. If you want to record communication, email is pretty good in most companies, then paper, stone masonry... Natter away on Teams, send an email or memo to document the outcome if it is that important.

    1. NATTtrash Silver badge

      Re: make deletion routine

      I agree. But users' behaviour can be somewhat... less straight forward. As the piece says:

      several CIOs stressed that personal chats should not be used to store essential business data.

      Which is very true of course. But then again, we've all seen at some time that a user thinks it's a great idea to move those files (s)he wants to save to that place on their desktop which says "Recycle Bin".

    2. MyffyW Silver badge

      Re: make deletion routine

      Which is why when you want to impart something not for re-broadcast you say

      "call?" and speak to the other person in the hushed tones of timeless conspiracy. And make sure the "record" button isn't on.

      1. hoola Bronze badge

        Re: make deletion routine

        This also highlights the problems of using what are essentially social media technologies for business applications. Yes, Teams can do some useful stuff, particularly at the moment, but far too many people use it the same way they would Facebook.

        Just what the hell is wrong with an email if you need a record?

        Everything we do in Teams appears to be kept indefinitely and cannot be removed.

        If you need an interactive communication with someone, use a call.

      2. Doctor Syntax Silver badge

        Re: make deletion routine

        And make sure the "record" button isn't on.

        Unless you need it on...

        1. Roland6 Silver badge

          Re: make deletion routine

          >Unless you need it on...

          Which typically happens just after you finish the chat...

      3. Brewster's Angle Grinder Silver badge
        Black Helicopters

        Just because you're paranoid...

        But how do you know the other end hasn't got the record button on?

    3. yoganmahew

      Re: make deletion routine

      It's a pain in the ass, though, to have chat ephemeral. My company set it to 30 days after having no retention set. By that point, everyone had stopped using email and were chatting preliminary project design decisions, preliminary functional agreements etc. All lost, and chaos and arguments ensued for some months. Even on a personal level, having to reask who someone is (it's a large company) every time they infrequently ping you is painful.

      "Only personal chats were lost, it's claimed, not chats conducted as part of a Teams meeting or Teams channel, and not any files uploaded to personal chat threads."

      This is what MS say, but the meeting chats disappear too. Only chats in a channel are safe, but the channels are broken once you have more than six. Files you upload are still there, somewhere, but the link to them is removed, so finding them can be challenging...

    4. Anonymous Coward
      Anonymous Coward

      Re: make deletion routine

      Problem is that dodgy geezers (and we are talking about KPMG here) tend not to use official channels simply because they are recorded

      Use of personal email accounts for business discussions is frowned upon for similar reasons

  9. Anonymous Coward
    Anonymous Coward

    "inadvertently"

    Riiiiiight.

    Retention/deletion policies: The modern shredder.

  10. chivo243 Silver badge
    Coat

    couldn't have happened to a nicer company

    My brief interaction with *ahem* auditors if they can be called that, was a dimming experience.

  11. Maelstorm Bronze badge
    FAIL

    And here we go again...

    And here we go again...right on the heels of the Adobe Lightbox fiasco, we have this. Aren't there supposed to be backups of this stuff? If not, then why not? I can understand not backing up active memory in a server, but on disk? Really? Someone was either lazy or incompetent. Wait...KPMG? The financial services company? Aren't they REQUIRED BY LAW to keep that stuff indefinitely because it's financial?

    1. Anonymous Coward
      Anonymous Coward

      Re: And here we go again...

      In the FS (VC) I work at “Private” chats are not classed as “records” and therefore not subject to any legal retention. They’re kept for a bit for Compliance team to monitor activities, but aren’t part of the formal legal doc set.

      Unfortunately Microsoft decides what gets backed up (on teams) and what doesn’t.

      End user corps have little say (other than being able to set a retention policy, the default is retain forever, but you can tell it to start deleting after 7 years etc.)

      1. Maelstorm Bronze badge

        Re: And here we go again...

        Good info.

      2. SImon Hobson Silver badge

        Re: And here we go again...

        “Private” chats are not classed as “records” and therefore not subject to any legal retention

        Has that been tested in court yet ? If not, then I'd suggest it's ... a little simplistic.

        It's quite possible that in a court case, all it needs is for the court to believe something relevant was said in a private chat and ... suddenly as far as the court is concerned it is now a relevant record. All it would take is for just one witness to slip up* to give the court the information they need. Produce it stat or explain why you failed to retain it in accordance with the laws on record retention. Telling the court that you do not retain them as a matter of policy and you may find yourself being asked to justify why that is the case - which would mean proving not only that you have a policy of "no business conducted in private chat", but a process for actually enforcing that policy. AIUI courts have a tendency to look at the "what is actually done" rather than the policies that say how the business thinks it should be done - I know from experience that the two are often different, sometimes very different.

        * Or it could be that disgruntled ex-employee who was "managed out" for asking awkward questions about company ethics just plain telling the court "yes it was against company policy, but we used private chat all the time for business because there wasn't a record kept". I believe there's precedent for that sort of disclosure about policy vs real world.

        1. SImon Hobson Silver badge

          Re: And here we go again...

          And as if by magic ...

          See IBM ordered to pay £22k to whistleblower where it says : ... only for internal Sametime chat app transcripts shown in evidence to give the lie to their claims. It's not inconceivable for a judge to demand transcripts of "personal" chats between actors in such cases - and to draw negative conclusions (i.e. infer that there's something being hidden) if they cannot be produced.

  12. Pascal Monett Silver badge
    Facepalm

    Another great Microsoft idea

    Central recording and retention of chats. Brilliant. That way, you get problems like this.

    Why is it that humans, in general, absolutely want to treat every platform like a data store ? Chat has one use : to contact someone that has the answer to the problem you have NOW, get the answer and solve your problem. The chat window is only useful up to the moment you have that info. Once you're done implementing the info, you close the chat window and it is of no use to you any more.

    If you absolutely want to keep that chat for reference purposes, every chat tool I have ever used allows you to save the thread, but once you close the window, the chat is gone.

    And that's the way it should be.

    1. Anonymous Coward
      Anonymous Coward

      Re: Another great Microsoft idea

      If, on the other hand, you are making major, potentially life affecting, decisions and DON'T want them recorded...

    2. Doctor Syntax Silver badge

      Re: Another great Microsoft idea

      OTOH if you want to make retention a feature put a safety net under it.

    3. Anonymous Coward
      Anonymous Coward

      Re: Another great Microsoft idea

      Bill: Hi Fred, buy this software and I'll give you 20% discount.

      Fred: Excellent I'll put the order in today.

      2 weeks later

      Fred: Hi Bill, I got the invoice today, where is the 20% discount?

      Bill: What 20% discount?

      Whilst as a techie you may save all your conversations as a text file, 99% of normal users won't. And that's when they come to IT asking if there is a way to find it.

  13. TwistedPsycho

    What I don't get.....

    ...is who had the bright idea to rely on a single solution?

    I get Data Retention is a necessity and data needs to be purgeable. Surely though, if there are back-ups, the Data Retention policy would be a separate automation to the data itself?

    Then you don't have an automation of destroying the data and the back-up in one foul mash of a keyboard(?)

  14. Argus Tuft
    Black Helicopters

    there’s always a backup

    just ask the NSA for a copy..

  15. DaGriff

    Sticky or GUI

    Must have tripped the Central Admin switch. Either that or a messed up PowerShell, but I doubt that as Teams has trouble processing batch changes of more than 5,000 records.

    Which brings me to the question of why not fully develop the GUI [product] instead of leaving some poor schmucks to try and work out the same PowerShell command in thousands of companies, globally, every single day, and put it on a sticky note. How much lost productivity is that?

  16. 0laf Silver badge

    Tick

    Data Protection Plausible Deniability enabled!

  17. Sykowasp

    Well that's one way to ensure there's no incriminating chat data from one of your employees that you've become aware of and needed to resolve, err, internally.

    Most likely this shows the danger of colocating Bulk Operations next to Single Item Operations in user interfaces.

  18. crackmonkeys4hire

    Built-in India

    That's what you get when you hire low skilled cheap foreign labor to run IT organizations. Chances are very good that the culprit was an Indian IT "expert" whose expertise is copy & pasting from someone else's resume

  19. I Am Spartacus
    Mushroom

    Well, there goes their FSA license

    KPMG should have their FSA license revoked, but probably won't.

    I recall working with a large commodity trading group who had to install, and prove that they had installed, robust chat backup of all chat facilities. That caused a lot of angst when traders were told that they could only use specific named, versions of tools for IM and chat. These were the ones that had centrally controlled backup policies. Failure was to risk revoking the license to trade.

    Conveniently being found out that all the history had been erased would not have been good. Not good at all.

    1. Anonymous Coward
      Anonymous Coward

      Re: Well, there goes their FSA license

      Do you mean FCA?

      Execution of trades and trading environments are much more tightly regulated than nearly every other environment. Rightly so (see LIBOR) but that hardly applies to some accountants and tax specialists.

      Confusion as to what’s a “record” and needs to be kept, retained, protected and what’s ephemeral. The choice on that can be left down to original corps. Trading houses retain everything not just because FCA says “please” but for their own compliance. (Are you gambling with more than your limits and colluding)

  20. eswan

    Things I Learned Today

    KPMG has their very own top level domain. http://nic.kpmg

    How the hell do you pull that off?

    1. Anonymous Coward
      Anonymous Coward

      Re: Things I Learned Today

      Anyone can get a TLD as long as they meet the requirements.

      For those who don’t want the hassle, they can procure services of companies that will run a TLD on your behalf.

      There’s *a lot* of TLDs out there now.


Biting the hand that feeds IT © 1998–2020