IT Contradictions Abound in Data Management Survey

When it comes to information management, IT's mantra seems to be "do as we say, not as we do." That's one clear message from Symantec's 2010 Information Management Health Check Survey, released this week.

For example, 87 percent of respondents agree that a formal information retention plan is valuable, but fewer than half (46 percent) have a formal plan in place. The plan at many organizations is "keep everything indefinitely."

What's getting in their way? It depends on whom you ask.

In companies with no information plans, 41 percent of IT employees say they don't see a need for it, and nearly a third (30 percent) say no one has been given the responsibility. Cost is a factor for 29 percent of IT respondents; 22 percent say time is the issue, and 14 percent say they lack the expertise needed to build such a plan. For the legal department, cost is a factor for 58 percent of respondents, followed by a lack of expertise (48 percent), unassigned responsibility (40 percent), time (23 percent), and lack of need (20 percent).

Symantec says a common obstacle is analysis paralysis. Enterprises are unsuccessful in determining what tools they need and what information should be retained (as well as for how long), but they fear mistakenly deleting data, so they keep everything "while they try to formulate an effective information retention plan." The trouble is that while creating these policies, "organizations often delay implementation of an archive thinking they have to get everything right before they proceed. In reality, getting control of information can help an organization make informed retention decisions. In addition, once the policies are finalized, they can be applied to the information in the archive, efficiently and simply automating the process."

Symantec says most organizations lack functional policies "for the retention and expiration of electronically stored information such as e-mail, instant messages, Microsoft SharePoint libraries, Microsoft Personal Storage Table (PST) files, Lotus Domino files, and file share data." It's no wonder, then, that e-discovery requires them to search all locations where data might be stored, adding to the cost and risk of the process. "Provisions in the Federal Rules of Civil Procedure provide a limited “safe-harbor” for organizations that can show the routine and good faith operation of an electronic information system if preservation practices are challenged. With the current volume of electronic information stored by most organizations, an automated process for the collection and eventual expiration of information is critical for both routine storage management and e-discovery," the company points out.

Among the survey findings: 75 percent of backup storage is in an "infinite retention" or "legal hold" backup set, and one out of every six files is archived forever. Enterprises admit it's not the best policy: one-quarter of the backed up data isn't needed and probably need not be retained, respondents estimate.

Part of the problem is that companies aren't properly applying legal-hold procedures, which respondents say accounts for 45 percent of their backup storage. Worse: 70 percent of enterprises "use their backup software to achieve legal holds and 25 percent preserve the entire backup set indefinitely."

The survey found that almost half of enterprises surveyed are "improperly using their backup and recovery software for archiving," and that although 51 percent don't allow employees to create their own archives (on their own systems or on shared resources), 65 percent admit that their employees do it anyway.

Symantec told Enterprise Strategies that enterprises "are also misusing their backup, recovery, and archiving practices. Our survey found 81 percent routinely perform backup restores for their end users, increasing the chances that a court may find backup sets are accessible for discovery. Using archiving for discovery and backup for recovery provides an organization immediate access to its most pertinent information while allowing it to backup less."

The result of this mismatch between "what we should do" and "what we do," says Symantec, is that enterprises "suffer from rampant storage growth, unsustainable backup windows, increased litigation risk, and expensive and inefficient discovery processes." In addition, the report concludes, "storage costs are skyrocketing as over-retention has created an environment where it is now 1,500 times more expensive to review data than it is to store it, highlighting why proper deletion policies and efficient search capabilities are critical for enterprise organizations."
"Infinite retention results in infinite waste. Enterprises see the value of a solid information management plan, but too many still follow the outdated practice of keeping everything forever,” said Brian Dye, vice president of product management at Symantec's information management group. “The sheer volume of data is growing exponentially, so trying to keep everything consumes large amounts of storage space and demands too much of IT's resources. As a result, businesses spend more time and money addressing and fixing the negative consequences of poor information management and discovery practices than they would by working to prevent them."

To get back control over data, Symantec recommends enterprise stop using backup as an archive and legal-hold mechanism. "Backup is intended for disaster recovery, archiving is for discovery. Enterprises need to retain a few weeks of backup (30 - 60 days) and then delete or archive data in an automated way thereafter." By properly using backup for short-term and disaster recovery, "enterprises can [back up] and recover faster while deleting older backup sets within months instead of years. That’s a huge amount of storage that can be confidently deleted or archived for long-term storage."

Automatic administration is among Symantec's recommendations. "Enterprises should also develop and enforce information retention policies (what can and cannot be deleted, and when) automatically. Courts are more supportive of automated, policy-driven deletion than of ad hoc, manual deletion."

The company also recommends using a "full-featured archive system to make discovery as efficient as possible. Companies can then search for information more quickly -- and with more granularity than they would in a backup environment," thereby reducing "the time and cost it takes to evaluate litigation risk, resolve internal investigations and respond to compliance events."

The survey, conducted in June, drew responses from 1,680 senior IT and legal executives from 26 countries. It can be viewed here; registration is not required.

-- James E. Powell
Editorial Director, ESJ

Posted by Jim Powell on 08/05/2010