8/4/2010
07:15 PM

Data Retention Policies Absent Or Partially Implemented

Almost 90% of IT and legal pros value data retention plans, but fewer than half of their organizations have them, and many fail to follow through with the required technology, finds an Applied Research survey.

When it comes to retaining important emails and other records, 87% of IT and legal professionals believe that having a formal data retention plan is important for knowing which information to retain or delete. But only 46% of their organizations actually have such a plan.

That's according to a new study released by Symantec, based on a June 2010 survey of 1,680 senior IT and legal executives in 26 countries, conducted by Applied Research.

"There's definitely a gap in terms of what people perceive as important around information management -- around retention policies, deletion policies -- and what their actual practices are," said Danny Milrad, senior manager of product marketing for information management at Symantec.

In some cases, organizations create good retention and deletion policies, but fail to follow through with required technology. For example, in 2009, the Massachusetts attorney general launched an investigation into the city of Boston's email retention practices, or lack thereof, after it emerged that the chief of policy and planning had deleted his work email on an almost daily basis, and that his emails hadn't been retained.

Last week, however, the state's attorney general dropped the case against him, noting that the city's own archives and records management division "actually encouraged employees, in concrete, easy to understand language, to routinely delete emails," which the city officially stored for three years. Unfortunately, no such storage system was in place, though the city has since begun to rectify the problem.

Boston aside, many organizations lack any clear policies, resulting in a pack-rat approach to retention. Deleting nothing, however, creates its own problems, because storage isn't cheap. For example, the Symantec study found that 75% of enterprises use their backup systems to satisfy legal hold requests, and that such holds account for 45% of their total backup storage volume. Furthermore, by some estimates, approximately 70% of all stored data is duplicate data.

Taken to extremes, this volume of stored information can literally start to consume the company. "We had a customer in the UK that had so many backup tapes that they had to shut down the company's swimming pool to build a storage facility," said Milrad. "For electronic discovery requests, how much does it cost to pull those tapes out and find the information?" With 250,000 tapes in total, the cost and time required could be substantial.

If that example is a storage-volume outlier, it previews where many companies are headed. The lesson, then, is to have a plan and put the right technology in place to ensure that your organization sticks to the plan, said Milrad. "Being able to defend your information management plan is what's going to be able to keep your CEO out of the news, for reasons they shouldn't be in the news."
