Customers need help to regain control of their information, and now is the perfect time for service providers to step in and help them do it. Service providers know that clients can’t afford to wait around for the perfect information retention plan to be put in place. Being proactive in their efforts will get customers on track to where they need to be and save the company valuable time and resources in the process. In fact, according to a recent Information Management Health Check Survey created by Symantec, 87 percent of enterprises believe a proper information retention strategy should allow them to delete unnecessary information. However, less than half (46 percent) actually have a formal information retention plan in place.
The following are information management tips from Symantec that can help service providers show their customers the benefit of archiving, backup and e-discovery technologies.
1. Understand the Difference
It is important to understand the difference between the need for recovery and the need for discovery. Service Providers should advise their customers to develop policies that dictate what information is important to keep and what can be deleted. That way, there is no guessing – what needs to be retained is clearly defined.
2. Don’t Be Afraid to Hit Delete
Backup is not an archive, and it is not recommended to use backup for archiving and legal holds. Organizations should retain a few weeks of backups (30 - 60 days) and then delete or archive data in an automated way thereafter. According to the Symantec Information Management survey, respondents noted that 75 percent of backup storage consists of infinite retention or legal hold backup sets.
By using backup only for short-term and disaster recovery purposes, organizations can backup and recover faster while deleting older backup sets within months instead of years. That’s a huge amount of storage that can be confidently deleted or archived for long-term storage.
3. Implement Dedpulication
Up to 70 percent of data is duplicate and hasn't been accessed in more than 90 days, according to Sheila Childs during Gartner’s 2009 Data Center Conference. Regardless of IT budgets, no customer wants to store duplicate data unnecessarily.
To combat duplicate data, service providers must help their customers implement deduplication everywhere within applications and within a backup environment. Businesses that deploy deduplication as close to the information sources as possible free network, server and storage resources. When deduplication is combined with shorter retention periods, enterprises enable tapeless disaster recovery via replication for better SLA.
Furthermore, failure to implement deduplication can result in buried files making them difficult to retrieve, which in turn slows data recovery. Having a system that is accessible and well-organized helps customers not only in times of litigation, but also when having to prove compliance with various regulations.
4. Develop Information Retention Policies
Storage costs are skyrocketing as over retention has created an environment where it is now 1,500 times more expensive to review data than it is to store it, highlighting why proper deletion policies and efficient search capabilities are critical for organizations.
By developing and enforcing information retention policies (what data can and cannot be deleted, and when) automatically, organizations will reduce overall risk than ad-hoc, manual deletion. The 46 percent of respondents in Symantec’s survey that do not have a retention policy should consider taking immediate steps to begin executing those policies. Paper policies that are not executed can be a litigation risk.
Service providers should also advise their customers to use a full-featured archive system to make discovery as efficient as possible. Companies can then search for information more quickly – and with more granularity than they would in a backup environment. This will reduce the time and cost it takes to evaluate litigation risk, resolve internal investigations and respond to compliance events.
5. Deploy Data Loss Prevention Technologies
Data loss prevention technologies should be deployed to measurably reduce a customer’s risk of data breaches, demonstrate regulatory compliance and safeguard their customers, brand and intellectual property. Solutions providers should look for a solution that discovers, monitors and protects their customers’ confidential data while providing insight into the ownership and usage of information.
When it comes time for your customer to enter litigation, you don’t want important data and records to mysteriously go missing. Data Loss Prevention technologies can help customers see what data they have and where the data is moving at any time.
So the moral of the story is—don’t let your customers wait until they find themselves in a bind before discussing options for information retention. There are actions that can be taken and processes put in place that can reduce headaches, time and resources in a quick-turnaround situation. Helping your customers stay ahead of the game will position you as a valuable resource and trusted advisor, strengthening your relationship and securing their business in the future.