Countering the cost of compliance

The ultimate challenge is how to keep the right data in the right place at the right time.

Tags: CommVault Systems Incorporated
  • E-Mail
Countering the cost of compliance Emily Wojcik, senior product marketing manager, information management, CommVault.
By  Emily Wojcik Published  June 24, 2014

Unfortunately, legacy solutions often only serve to turn archives into permanent storage pools and certainly don’t address long-term retention cost-effectively. It’s no surprise, then, that discussions in the boardroom are focused on how to balance long-term retention with bottom-line economics.

How much of what the business is paying to store has real business value? Could the information that is being kept pose a potential risk? What do you know about your data and, more importantly, what don’t you know? Can you be confident that the right content can be found on demand? How much budget is being set aside annually in long-term vaulting costs and how is this managed?

The added complication in the era of big data is that many companies are erring too heavily on the side of caution. With regulations and requirements changing year on year, they are now at risk of saving too much information and in effect becoming data hoarders.

The bigger issue here is that costs and risks escalate when businesses blindly save everything. Growing file shares, e-mails, desktops and laptops mean that there is a never-ending source of new data to manage, but does the old data rapidly become redundant, outdated and stale, or does it remain just as business-critical as the day it was generated?

It comes down to the level of understanding, intelligence and knowledge about which data is being stored, where and why. This need for information is leading many companies to adopt a ‘keep everything’ strategy in order to play it safe but, according to a survey at the Compliance, Governance and Oversight Counsel, up to 69% of retained data has no value to the enterprise. Not only is this content taking up valuable and expensive storage space, but it can also become a liability if not properly managed.

The demand for heightened compliance — whether for regulatory, corporate, legal or even security reasons — clearly means that organisations need to think far more strategically about what they pay to keep, as well as where and how they keep it. Using legacy methods to keep everything is no longer acceptable or practical.

There is, however, a growing realisation that the solution to this headache is content-based retention because it helps control the cost, risk and complexity of managing and retaining compliant data. In other words, it enables companies to gain a much clearer understanding about what data has governance, evidentiary or other business value and therefore makes retention policies about what data to keep, why, and for how long, far easier to define and enforce. It also means that, once retention policies are agreed, data can be automatically classified and organised according to business value. This eliminates time-consuming and error-prone manual processes.

And by putting data collection and long-term retention on automatic pilot, it also means that data is more effectively managed throughout its lifecycle. There are content-based retention solutions out there that can index and systematically move only relevant data to the most cost-effective storage and defensibly delete everything that is irrelevant to the business. This ultimately increases the likelihood that significant reductions in long-term storage costs can be achieved overall, which obviously reduces the cost of compliance.

However, perhaps the most important point to note is that combining content-based retention with a storage-agnostic, centralised virtual repository as well as enterprise-wide search and self-service access also reduces risk to the business because everyone, includinglegal and compliance teams, can quickly find the right information when the clock is ticking. Intelligent indexing of both backup and archive data simplifies information retrieval, even if it is stored in the cloud.

Companies are beginning to understand that any mistakes in handing over emails and documents during court proceedings and inadequate implementation of legal/hold preservation can lead to hefty fines, sanctions and brand degradation but yet, according to Gartner, 62% of companies are still not using tools to retain and understand data. It understandably says that “challenges exist and may seem insurmountable at times. However, the results of good data management will support an agile business that understands its data and empowers its businesses to use it.”

Proponents of content-based retention naturally promote its ability to:

- Reduce long-term retention storage costs and capacity needs by up to 70% by eliminating data that has no value.
- Streamline information lifecycle management with automated policies to classify, organise, retain and delete information.
- Enable efficient online archives with seamless cloud storage integration for faster business access and insight.
- Reduce the burden on end-users for classification.
- Simplify discovery, legal holds and review for file and e-mail data to reduce potential risk.

However, organisations that would like to counter the cost of compliance would be wise to consider the following three points if they want to deliver greater insight and increased value to the busines: Firstly, it’s important to remember that compliance changes and there is no crystal ball. It’s safe to say that new regulations will appear, existing ones will change and a few will go away, so if you want to build an agile and responsive business, consider leveraging a scalable and adaptable technology to keep pace with the business as it evolves.

Secondly, don’t blindly ‘save everything’ without considering what value lies within the data. It can be a problem from both a cost and risk perspective. A content-based approach to information management will allow you to manage data intelligently, automatically and cost-effectively throughout the data’s entire lifecycle.

And finally, it’s important to listen to the advice of industry experts. Gartner suggests that “when possible, seek solutions that leverage a common infrastructure.” A single data repository and a central deletion point will provide a more cost-effective, risk adverse, defensible compliance solution.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code