Can you remember back to 1999? The millennium was approaching and the IT world was surrounded with Y2K fears and misconceptions. Preparations were extensive; conceiving doom and gloom scenarios seemed to be a national pastime. Millions of hours and billions of dollars were spent to ensure the year 2000 came without any major hitches.
We are at the end of another year. And although preparing to welcome 2012 raises none of the panic flags that 2000 did, there are a lot of vigilant steps that IT administrators can take to prepare, especially when it comes to managing data. The volume of digital information being generated with organizations these days is unprecedented and there are no indications this growth is about to abate. Moreover, there are a number of challenges IT departments face in managing all of this data, some obvious, some maybe not so obvious.
As a leading provider of information management solutions, Sherpa Software has helped a number of organizations meet these challenges. And in doing so, we also have encountered an array of common practices employed by IT departments and typical pitfalls they encounter. Highlighted below are a few best practices, compiled from our experiences, to hopefully help you get 2012 started on the right foot.
Revisit Your Backups : Checking Up on your Data Archiving Solutions
This is one tip that likely falls into the “obvious” category but it is remarkable how many backup related issues we run into. The problems with backups are not just that many organizations do not have a process to periodically test and validate their backups – needless to say, you should. But the nature of data being collected today and their needs to the organization is changing and they have, in many cases, a direct impact on the organization’s backup requirements. This is a good time to review the current backup routines, ensure that not just the right information is backed up but also stored for the necessary period of time. For instance, you may have deployed a new archiving solution that stores data in its own separate repository. This is data that should potentially be backed up and preserved; but also backing up the archives will likely impact the backup needs of the original source data. These scenarios are common and warrant an organizational review of all corporate data as it relates to backup procedures.
Corporate Retention Policies: Storage, Transfer and Retrieval of Electronic Information
Formulating retention policies and enforcing them, it turns out, is the ugly step-child of the IT department. To accommodate the growing data demands, it certainly is more convenient to simply buy additional storage, especially given the rapidly declining costs of storage devices. But given the rate of this growth, just throwing more storage at it is not a prudent strategy. And regulations are something else to consider here. Public companies fall under the purview of federally stipulated regulations which, depending on the industry in question, mandate strict guidelines for the storage, transfer and retrieval of electronic information. There are potential e-Discovery concerns here as well, the salient points of which we will discuss in the next section.
So whether you are in a regulated industry or simply have to deal with vast amounts of data, setting up clear, practical and enforceable retention policies is the first step to gaining control over this problem. Crafting retention policies for an organization is typically a team effort involving IT, representatives from a legal and/or a compliance department, upper management and other relevant parties. Although it is beyond the scope of this article to offer extensive guidance in devising retention policies, here are a few points to remember:
– Make sure the policy is well-defined and comprehensive.
– Take e-Discovery requirements into consideration.
– Goes without saying, but the retention policy has to be enforceable. Try and avoid manual processes and consider third-party solutions to automate enforcement.
– Document and periodically test to validate that there are no holes in the process.
– Periodically (maybe the end of every year) review the policies and make appropriate updates.
Preparing for E-Discovery
Regulated or not, publicly traded or not, the federal government has specific mandates for electronically stored information (ESI) for any organization that is party to a lawsuit. As many of you are aware from the media, the penalties for failure to comply with these regulations can be catastrophic for an organization. The instant a lawsuit is filed is not the best time to begin preparing for e-Discovery. If you are not prepared, familiarize yourself with concepts such as legal holds and data production. As discussed earlier, the ability to quickly and effectively retrieve electronic information necessary for a lawsuit should be one of the areas on which the corporate retention policy is based. In the unfortunate event of a lawsuit involving your organization, this preparation will have a significant and lasting impact on your ability to persevere through the trial.
And finally a note on the cloud. With the buzz surrounding cloud-based solutions over the past couple of years, we hear from more of our customers contemplating moving one or more of their core in-house services to a hosted provider offering a similar or alternate service. The benefits are tangible and well-documented – lower upfront costs, reduced IT effort in maintaining and managing the service, reduction in the capital budget, convenience of anywhere access
However, the decision isn’t that simple and nor is there a universal answer. The reality is it that it mostly depends on the service, your organization’s requirements for that service, the tolerance level of its unavailability and broader support for any specific corporate requirements you may have. So if you are broaching the possibility of moving a current in-house service to a hosted provider – and now would be a good time to do that –here are few things to consider:
– The cost – monthly cost for the hosted service versus the life-time cost of managing the service in-house, including hardware and IT. Keep in mind limitations imposed by the hosted provider, such as storage, bandwidth, etc.
– How critical is the service to your day-to-day operation? Contingencies if the service is temporarily unavailable?
– How critical is the data? Implications of it falling into the wrong hands? Hosted providers and privacy and security assurances?
– Is the service currently customized, and if yes, is that level of customization available in the hosted version?
– What is the migration strategy? The cost to migrate?
– What is the opt-out strategy? Can you get back all your data? In what format? Any extra costs?
These are just a few of the thoughts collected from helping our customers overcome most of their information management hurdles. I hope you find these useful as you prepare to tackle the challenges you face in 2012. And from everyone at Sherpa Software, I would like to wish you and your organization a prosperous and successful 2012.