Table of Contents
The Challenge: When Compliance Comes at a Personal Cost
David Poirier oversees all technology at Sturbridge Capital, a private equity firm with $800M+ AUM. As CIO and CTO, every system that touches compliance falls under his remit, including communications archiving and supervision. For a while, native mobile archiving was an unsolved problem.
For most of Sturbridge’s employees, BYOD is the right model. But capturing SMS on personal phones meant capturing everything. “People are concerned about having their company archive all their SMSs - including their love notes to their spouse - and then storing them for seven years,” David said. “People are not excited about that.”
Some employees took the corporate phone route, but it creates its own friction. “Are you picking up the correct phone when you want to do something? Having to carry two devices, maintain both, patch and update both, charge both, bring both with you wherever you’re going - there are a lot of issues around having two devices.”
For the majority on BYOD, neither option was acceptable. Blanket capture on personal devices was tolerated rather than welcomed. The existing archiving setup compounded the problem with an outdated interface and opaque pricing. With communications archiving and supervision a mandatory practice, Sturbridge settled for the status quo longer than they should have.
The Solution: Capture Business, Leave Personal Alone
MirrorWeb’s Trusted Contacts resolved the privacy problem directly. David was unsure about changing providers until he came across it. “Trusted Contacts was right away a huge differentiator - it allowed me to solve the problem with people’s personal messages,” he said.
Rather than capturing every message on a device, it works from a contact list. Employees whitelist their personal contacts, and only business communications are archived. Personal conversations stay off the record. The setup is straightforward - most employees start by marking all their contacts as personal, then manually add the handful of work contacts, a process that “takes just a few minutes after enrolment - and most people never look at it again.”
Beyond privacy, MirrorWeb gave Sturbridge a platform significantly easier to operate day-to-day. On the topic of reducing noise, David also has high hopes for Sentinel AI, which the team has just adopted to reduce false positive alerts. “The reality is that all the messages we look at are false alarms - we’re a trustworthy company and we’re not cheating, so all we’re trying to do is prove that. The fewer messages flagged falsely, the less time we have to spend going through them.”
The Impact: Less Friction, Happier Staff, Same Compliance Standard
Sturbridge hasn’t faced an SEC examination in years. That doesn’t make David complacent. “You can’t operate a compliance programme based on the current regime. You have to assume that scrutiny is going to go up and down over time, and you always have to be ready for the high-scrutiny scenario.”
With MirrorWeb handling communications archiving and supervision across email and mobile, Sturbridge has the infrastructure to back that up. Since implementing Trusted Contacts in November 2025, morale has improved. Employees are more comfortable with the firm’s approach to compliance; personal conversations stay off the record, business communications are captured, and the privacy boundary is clear. As David puts it: “Personal messages being captured was never desirable - it was forced on us from a compliance standpoint. But once people find out there is an alternative, a solution that’s more palatable, well, they want it!”
