Are You Taking Your Information Archive Seriously?

Tuesday, August 21, 2012 by Thought Leadership Team

For over a decade, archiving solutions targeted e-mail to manage data, meet regulatory requirements and comply with legal discovery obligations. As the sheer volume of user data requiring management expanded beyond the realm of e-mail stores, archiving solutions evolved into an enterprise-level option capable of hosting a variety of content types. However, as Enterprise Information Archives (EIAs) play a larger information governance role, the risk of mismanagement—and the resulting inability to extract data when needed most—increases dramatically.

In order to mitigate these risks, organizations should take a closer look at their archives to whip them into shape. Below are five questions to test your archiving expertise.

1. True or false: If an organization implements an Enterprise Backup Protocol, they have no need for an archiving solution.

Answer: False. Although the two are often used interchangeably, there are significant differences between archives and backups. Simply put, backups are created for disaster recovery—preserving a “snapshot” of data at a given point in time in order to restore severs or other platforms after a system crash or malware infection. Backups store all content in a raw, unorganized form that is easy to modify and extracted at a high cost. Conversely, archives preserve a complete record of all information to satisfy ediscovery requests, regulatory audits, or early case assessment. Additionally, archived content is indexed, difficult to modify, and extracted at a much lower cost. Thus, each method serves a different and essential function in information governance.

2. True or false: Once an archiving solution is deployed, legal and IT should regularly communicate and manage the archive.

Answer: True. One of the most significant mistakes an organization can make when archiving is to treat it as a singular event, rather than an ongoing process. Unfortunately, few organizations understand this, as a Gartner poll found that only 21% of enterprises work with legal, compliance, and business to understand and manage information governance according to policy. Failure to manage archiving solutions and retention policies can result in a litany of issues, but the overarching problem is the same: data is inaccessible when a discovery request, regulatory audit, or other event requires immediate access to archived data. To manage these risks, organizations should mandate annual reviews between IT and legal at minimum while also ordering policy reviews triggered by mergers and acquisitions, IT platform changes, major upgrades to e-mail systems, and any other major event that implicates information governance.

3: True or false: If archived data is inaccessible or missing, you can easily rebuild the index or search backup tapes to retrieve the necessary data.

Answer: False. Although you actually can rebuild the index and/or search backup tapes for your data, neither of these processes is easy. If data proves inaccessible due to an incomplete or corrupt index, an index rebuild can take weeks or longer and proves extremely expensive—both of which prove taxing when you must meet a tight production deadline on a budget. If data is missing due to inappropriate retention, searching backup tapes places heavy demands on an IT department tasked with searching a raw, un-indexed mass of data that might have been modified, or worse, might not exist at all. An organization may outsource to search backup tapes or rebuild the index, but doing so runs counter to the base archiving goals of reducing IT strain and managing data in a cost-effective manner.

4. True or false: An organization should implement a retention policy that saves all end-user data on e-mail stores, hard disks, and servers.

Answer: False. Archiving everything places additional strain on an IT department by increasing storage and management requirements. Furthermore, over-retention increases ediscovery costs by creating larger data volumes that must be searched, significantly increasing document review time and the risk of over-production. Thus, a proactive retention policy should retain records as required, while appropriately disposing of data that is either non-essential or past its required retention period.

5. An enterprise can improve their archiving process and mitigate the risks of archiving by:

  1. Regularly monitoring system health
  2. Creating an archiving procedure and documenting all actions for search, export, and delivery of archived results
  3. Creating custodian and data maps
  4. All of the above

Answer: D – All of the above. Key players should be assigned the task of auditing the system to ensure its health and compliance with information governance by monitoring andverifying the system log with tracking metrics independent of the archiving solution. Furthermore, a sound archiving process specifically identifies the “who” and “what” in the entire process of implementing, deploying and managing the solution to ensure defensibility. Finally, by creating a data and custodian map, an organization can identify known data source inputs and custodians in the event that archived data is inaccessible or missing. An expert discovery consultant can assist with developing and implementing such policies and should be seen as an ally in whipping your archiving solution into shape.