INFORMATION LIFECYCLE GOVERNANCE
RC: How concerned should companies be about the consequences of unrestrained data growth? To what extent does this trend expose organisations to increasing costs and legal and compliance risk?
Stein: Unrestrained data growth should be a top priority for companies, and in fact, many are taking more initiative to address its consequences. Legal and IT executives often cite large, unmanaged data volumes as one of the biggest drivers of cost and risk. Aside from requests for information related to litigation against the company, the impact of regulatory inquiries, third-party subpoenas and contractual compliance are significant. We believe that the biggest risk of unrestrained data growth relates to data protection and the potential impact of a data breach. The more data you have, the harder it is to protect it, and the harder it is to understand the content and context of the data so that it can be protected accordingly. The bigger the data universe, the bigger the potential breach and the bigger the remediation costs. We have seen significant brand damage in this context, especially over the past couple of years.
RC: What strategies can companies deploy to more effectively govern the information lifecycle? In your opinion, has there been a lack of desire to invest in robust information lifecycle governance (ILG) policies and procedures?
Stein: In the last 20 years most companies have not been concerned with the last stage of an information management lifecycle: disposition. Disposition should be the consistent and systematic deletion of information, whether electronic or physical. The conventional wisdom was that there was no harm in saving nearly all data forever. Now we have proof that there is substantial risk and cost to saving unneeded data. Risk and cost need to be thoughtfully balanced with any potential benefit of saving the data. Leading practice corporations have developed comprehensive programmes for disposition founded on solid disposition policies, procedures, decision making frameworks and technology enablers.
Oct-Dec 2015 Issue