/dqc/media/agency_attachments/3bO5lX4bneNNijz3HbB7.jpg)
Follow UsThis will also
add value to the information owned by the organization. Furthermore, it can
evolve to meet future business objectives and reduce the TCO as well.
In recent years, compliance has become a hot topic in business because of
some high-profile cases where large corporations were fined for their failure to
keep proper records. New legislation and concerns about compliance have put data
storage at the top of the business agenda. But rather than adding an extra
expense, this creates an opportunity to drive best practices in data protection
and improve the methods used for back-up, recovery and archive.
Even though compliance is primarily a technological issue, the problem can't
be solved just by buying a product. Compliance is not a technology decision but
a combination of processes and procedures, incorporated into an efficient
foundation of back-up, recovery and archive. This means every enterprise must
draw up a plan for its storage of data, then execute this plan in a variety of
different business functions, so everyone has the same rulebook. If the
plan is executed well, it will also add value to the information owned by the
organization.
If companies can get their storage strategies right, they not only insure
themselves against prosecution, but also establish a technology foundation on
which to build compliance. This helps them move toward future data management
capabilities, such as information lifecycle management, in line with their
corporate business objectives.
Storage strategies should not isolate compliance as a separate issue but
incorporate compliance as the central requirement. Developing the strategies
should also create an opportunity for line-of-business managers to partner with
IT departments, sharing knowledge and working towards mutual goals.
Importance of data
Data is getting imperative by the day and is an inherent part of every
organization. Business is increasingly dependent on data and digital
storage devices. Fast, easy access to live and historical data is essential to
business success, adding value and reducing costs.
More than 90% of the information generated by business today is in digital
format and 70% is never printed. Because digital devices are so intelligent
and easy to use, people produce much more data, thus creating new problems for
storage.
According to IDC, the number of business emails sent every day will be over
60 billion by 2006, with 60% stored in messaging systems. Apart from
information overload, the chief problem is that data is usually stored on a wide
range of different devices in different locations. This makes it much harder to
manage and also tends to lower productivity.
Data protection
To ensure compliance and manage their data, companies need strategies for
data protection, which take account of three key areas. These are: existing
regulations for the storing of records, litigation risks and internal
operational use of the data.
Besides obeying the law, it is also important to ensure efficient back-up,
recovery and archive to meet basic business objectives like cost reduction, risk
management, productivity improvement and operational efficiency. It's also
imperative to make sure all records are centrally managed. Otherwise, end-users
have too much responsibility and may delete data by accident or by design.
To make the plan work, every user should therefore be trained. Data
protection should focus on administrative, technical and physical criteria-for
digital as well as other documents.
Compliance requirements for digital data can also be classified in four
categories: integrity, retention, accessibility and auditability. And the
systems used for back-up recovery and archive provide the foundation for meeting
these four main
requirements.
Organizations need to maintain an available, verifiable and intact copy of
data. A solid framework of automated backup infrastructure, procedures,
verification and offsite vaulting is needed to ensure data integrity, even in
the event of physical or logical destruction.
Classify your data
Proper classification of data throughout its lifecycle is imperative.
Regulations may govern how long data needs to be retained and these requirements
ought to be part of the classification criteria. These requirements will, in
turn, mandate that data be stored in the most appropriate format and media, and
migrated prudently.
Data accessibility requirements vary depending on their type, when they were
instituted and regulations. Organizations need to be able to securely find
and access data for discovery, so it's vital to establish recovery time
objectives for different classes of data and assign the data to the appropriate,
most cost-effective storage device. Maintaining a well-ordered index and search
capability also helps recover the data.
Beyond managing data, organizations must ensure their policies are working. A
secure, controlled audit trail should be maintained to track data creation,
changes and deletion as well as access, permission and structural changes.
An efficient foundation of back-up, recovery and archive combines appropriate
technology and operational best practices. If the business gains control of
its storage environment, it can achieve compliance and evolve to meet future
business objectives. By using a flexible, evolutionary approach to data
protection, it is also possible to cut the cost of ownership and increase
confidence in the integrity of the stored data.
Sunny John is Country Manager of Quantum India