Data retention strategies causing IT mistakes: Survey

Most enterprises know a formal data retention plan is important, but only half have one in place which is leading to informantion management mistakes, according to a new survey of IT and legal professionals.

The 2010 Information Management Health Check Survey, commissioned by Symantec, found 96 per cent of respondents from Australia and New Zealand believe in the value of a formal information retention plan, but only 50 per cent practice one.

The survey was conducted in June 2010 and is based on responses from 1680 senior IT and legal executives in 26 countries including 150 in Australia and New Zealand.

Other findings include local enterprises are retaining “far too much” information with 68 per cent of backup storage consists of infinite retention or legal hold backup sets. Respondents also stated that 25 per cent of the data they back up is not needed and “probably should not” be retained.

Some 74 per cent or organisations prohibit employees from creating their own archives on their local machines and shared drives, however, 77 per cent admit employees routinely do so anyway.

The survey also revealed stark differences in how IT and legal professional cited reasons for lack of an information retention plans. On the IT side, 20 per cent of IT administrators don’t see a need for a plan, 21 per cent said nobody is chartered with that responsibility, and 29 per cent cited cost. In legal circles, the top issues were cost (20 per cent), lack of expertise to build a plan (60 per cent), and nobody chartered with the responsibility (20 per cent).

Symantec Australia and New Zealand vice president and managing director, Craig Scroggie, said the survey highlights that businesses are spending far more time and money on the negative consequences of poor information management and discovery practices than they would by working to change them.

“Too many enterprises save information indefinitely instead of implementing policies that allow them to confidently delete unimportant data or records and therefore suffer from rampant storage growth, unsustainable backup windows, increased litigation risk and expensive and inefficient discovery processes,” Scroggie said.

“Infinite retention results in infinite waste. Enterprises need to regain control of their information by creating a formal information retention plan that enables them to backup, archive and delete with confidence.”

According to Symantec, local enterprises see the value of a solid information management plan, but too many still follow the “outdated practice” of keeping everything forever.

“Storage costs are skyrocketing as over retention has created an environment where it is now 1500 times more expensive to review data than it is to store it, highlighting why proper deletion policies and efficient search capabilities are critical for enterprise organisations.”

Symantec recommends “backup is not an archive” so organisations should stop using backup for archiving and legal holds. Enterprises should retain a few weeks of backup (30 to 60 days) and then delete or archive data in an automated way thereafter.

Other recommendations include the use of deduplication in the backup environment and the development of automatic information retention policies.

Rodney Gedda is deputy editor of CIO Australia and editor of TechWorld Australia. Follow Rodney on Twitter at @rodneygedda. Rodney's e-mail address is rodney_gedda@idg.com.au. Follow TechWorld Australia on Twitter at @Techworld_AU and CIO Australia at .