latest updates from easySERVICE™
Most compliance mandates grew out of the idea that it is important to keep copies of company records. In other words, compliance is not an outgrowth of some “techie” principle; it is an outgrowth of longstanding common sense. You keep copies of data for the same reasons people always have kept copies of cancelled checks or old tax returns: It’s prudent. Regulatory compliance is a legal mandate compelling the same behavior that responsible people already engage in anyway. Such mandates are often imposed, at least in part, because irresponsible people weren’t doing what they should have been.
That being said, compliance in a business environment happens because a regulatory or an internal IT policy requirement is in place, with equal emphasis on internal policy. “Regulatory” results from some outside governmental or industrial agency/entity requiring compliance. IT policy-based compliance, on the other hand, might stem from a mandate from the CFO or COO that the company should keep this data. Often the two marching orders will overlap, but not always.
In many cases, the main reason one is required to retain data, other than to pass an auditor’s inspection, is to stay prepared in case of an e-discovery event. As part of litigation, some party may request that the organization produce or surrender electronic information, and it will have to comply.
Grooming data from primary storage is important. Retaining data properly for long-term preservation is important. But deleting data must factor into any solid approach to archiving as well. An IT organization needs to know how long to retain data, and when/how that data should be destroyed.
Otherwise, data simply is stored indefinitely … until at some point, the organization decides it would like to scrap some or all of it. At that point, the process of determining what to delete can be daunting, particularly considering that different regulators have been known to issue a variety of (at times) contradictory retention mandates. Yes, some records should live forever, but most data declines in value with time and may have a legally mandated retention period of just a few years.
Here, the principles of efficient storage grooming and responsible legal compliance meld to help an IT organization create a defensible policy aimed at matching retention requirements to data characteristics.
Having a defensible plan/policy in place for getting rid of data is important because:
However, the bottom line is that the less information that is stored, the lower the likelihood is of someone finding something to hang legal action onto. A defensible deletion policy reduces risk—making it, by definition, good business.
More than half of the companies that ESG surveyed (55%) have a formal deletion policy. That’s the good news. The bad news is that, of the remaining respondents, 36% are disposing of data on an ad hoc basis only, and 9% are not disposing of their data at all.
Cloud technology allows companies to plan for this type of disaster by having several suppliers available to replace those unable to meet demand requirements. Today, many of the high-tech companies with a concentrated supply of goods in Thailand have embraced diversification and cloud to ensure they have a backup source for parts. By creating an agile supply network, they can assess inventory in the supply chain and expedite and re-route as necessary.
At easySERVICE, our cloud-like server is both persistent and highly elastic. You get the best of both worlds since it looks and feel like a traditional server but is on-demand and better than cloud. So no matter what you need something simple or something highly customized and complex, we bring the expertise, support and services that no other provider can deliver.
If you’d like to discuss any of the above best practices or lessons learned with us or to learn more about how we are partnering with companies just like yours to ensure the availability of mission-critical applications, please contact us at (855) US STELLAR.