Home > What are some best practices for retaining data in a highly regulated business environment?
FAQ:
EMAIL THIS

What are some best practices for retaining data in a highly regulated business environment?

14 Mar 2007 | Kevin Beaver

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Storage security information
Why and how your storage environment will be attacked

Five must-have storage security testing tools

Protect your data from hidden threats
Have a good information retention policy. I see a lot of organizations where they retain backups or copies of databases, but they don't know why they're retaining it or for how long. This not only demands storage space, but can also consume network bandwidth, CPU cycles and present a potential liability issue by retaining vast quantities of sensitive information that are susceptible to attack. There's no need to reinvent the wheel. Sample policies can easily be obtained from sources on the Internet.

If possible, the storage administrator or network administrator should try to get other people involved in the retention process. Don't develop a retention policy on your own; mainly because you won't be able to enforce it, especially if management has not bought into it. Perhaps create a compliance committee or IT governance committee to form the foundation of retention practices that encompass technical issues, as well as business considerations, including legal and human resources.

Remember that it's not just about laws and regulations. You're also potentially dealing with litigation and discovery requests, so you must determine what to keep and how long it really needs to be kept. If you retain data longer than necessary, it can actually create some liabilities during litigation. The information you're retaining must be searchable and retrievable within a timely manner, so use the technology, such as content indexing, to support retention. The faster a storage organization can facilitate an investigation or discovery request, the less expensive and disruptive it will be to the business.

You must also demonstrate that you have a secure storage environment for all of the data and information being protected. If trouble strikes and investigation proves that you do not have secure storage or a sound retention policy, or are not following the established policy, it will create additional legal problems for the enterprise.

Listen to the Storage Security FAQ audiocast here.

Go to the beginning of the Storage Security FAQ Guide.



BROWSE BY TAG
Frequently asked questions,   Testing and best practices,   Storage Security FAQ,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Testing and best practices
How can I convince my network admin that data at rest is more vulnerable than data in transit?

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary




Find Data Reduction
TechTarget Storage Media
Storage Magazine View this month\\'s issue and subscribe today.
Storage Decisions Apply online for free conference admission.
SearchStorage.com
HomeNewsMagazineTopicsLearningMultimediaWhite PapersBlogsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2000 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts