Welcome!

Agile Computing Authors: Zakia Bouachraoui, Pat Romanski, Yeshim Deniz, Liz McMillan, Elizabeth White

News Feed Item

Symantec's 2012 Information Retention and eDiscovery Survey Reveals Improvement in Planning but More Failures in Policy Implementation

Substantial Gap Remains Between Beliefs and Practices in Retention Policies

MOUNTAIN VIEW, CA -- (Marketwire) -- 01/10/13 -- Symantec Corp. (NASDAQ: SYMC) today announced the findings of its 2012 Information Retention and eDiscovery Survey which examined how enterprises manage their ever-growing volumes of electronically stored information (ESI) and prepare for the eventuality of an eDiscovery request. The study found the percentage of organizations without a formal information retention plan dropped by half from the 2011 survey. However, even with this improvement, organizations struggle with implementing their information retention plans as only a third of organizations report their plan is fully operational.

Read Blog Post: If You Fail to Implement Your Information Retention Plan, Then You Plan to Fail
Click to Tweet: Symantec survey reveals improvement in information retention planning but more failures in policy implementation http://bit.ly/SiAeXn

Non-implemented plans risky to organizations
Nearly two-thirds (60 percent) of organizations say they have a formal retention plan, yet only 34 percent report those plans are fully operational. The perceived cost of implementing their plans is reported to be the most common reason why organizations are lagging in plan implementation. The survey found that only 7 percent of organizations don't have any plans in place, a 50 percent drop from 14 percent of organizations reported in the 2011 survey.

Even more concerning is that while they received on average 17 requests for electronically stored information, these requests failed 31 percent of the time. This is significantly higher than the 20 percent of failures reported in 2011. Each time a failure occurs, the organization is at risk. Forty-three percent reported the inability to make decisions in a timely fashion as the biggest consequence of these failures. Other consequences reported include damage to reputation, compromised legal position, fines, raised profile as a litigation target and court sanctions.

"The survey highlights that, although there is a reduction in the number of organizations without an information retention plan, organizations haven't fully funded and implemented their plans," said Trevor Daughney, Director, Information Intelligence Group, Symantec. "With the number of ESI requests and failures to obtain requested information increasing, organizations face risks that are much more costly in the long run than implementing their plans."

No improvement in gap between retention beliefs & practices
There is still a substantial gap between beliefs and practices in retention policies, which has not significantly changed year over year. Eighty-one percent of respondents believe that a proper information retention plan allows organizations to delete information on an ongoing basis. However, 42 percent of backups are indefinitely retained by organizations. This is virtually unchanged from the 2011 results. And, information that is deleted by organizations is often deleted without considering established retention policies.

The most reported negative consequences resulting from preserving more electronically stored information than necessary include: Increased costs associated with collection, analysis and review (54 percent); increased time spent to collect, analyze and review ESI (47 percent); increased risk that sensitive information may be disclosed (44 percent); compromised position in potential or actual litigation (27 percent); and information unintentionally made available for potential future litigation (28 percent).

The survey also reports that organizations are keeping information longer than is needed, and keeping the data within backups rather than archives for legal holds, which reduces efficiencies when performing an ESI request. The survey reveals that 38 percent of data that organizations back up is not needed or shouldn't be kept in backup. In fact, respondents say that a third of backup data (34 percent) shouldn't be kept and is unnecessary due to litigation risk.

More than half of organizations keep that data indefinitely: 56 percent of organizations reported that their backup storage is used for infinite retention that is dedicated to legal hold. This has grown from 43 percent in 2011 and continues to get worse. Further, 85 percent of organizations routinely perform legal holds in their backups, which are not designed to be accessed in the same way as an archive.

Majority of organizations impacted by data privacy laws & regulations
As expected, data privacy laws and regulations have significant impact on organizations with 53 percent reporting that laws and/or regulations impact archiving and eDiscovery initiatives. However, there are many reasons respondents report collecting electronically stored information including: Litigation (60 percent); internal investigations (59 percent); internal compliance initiatives (58 percent); compliance with international regulations and laws (57 percent); compliance with local regulations and laws (55 percent); governmental inquiries or investigations (52 percent); and public information requests (46 percent).

Recommendations
Following are recommendations that organizations can implement to help them more effectively implement their information retention plan:

  • Adopt a defensible deletion mindset: When organizations can adopt a defensible deletion mindset they can delete information with confidence according to their information retention policies.
  • Err on the side of fewer, rather than many, retention policies: This improves the odds of successful information governance. Start with deleting obvious unnecessary files, then set minimum retention periods for compliance. Additional policies can be added later, if necessary.
  • Automate privacy, retention and compliance policies to reduce risk: Allowing your policies to automatically work as they are designed not only reduces the risk of inconsistencies in policy implementation, but reduces the risk of unintentional access or distribution of information.
  • Implement a solution in which legal holds can override expiry policies: Consider a unified eDiscovery solution where legal holds can be easily implemented to override expiry policies to avoid spoliation and sanctions.
  • Don't use backups for long term retention: Backups are for recovery, archiving is for discovery. Deploy an archiving solution to quickly and easily respond to search requests for electronically stored information.

Resources

Connect with Symantec

About Symantec
Symantec protects the world's information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment -- from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at: go.symantec.com/socialmedia.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

CONTACT:
Jerry Gowen
Symantec Corporation
+1 503-690-4714
Email Contact

Chris Walker
Connect Marketing
+1 801-373-7888
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to great conferences, helping you discover new conferences and increase your return on investment.
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Published in Silicon Valley, Silicon India magazine is the premiere platform for CIOs to discuss their innovative enterprise solutions and allows IT vendors to learn about new solutions that can help grow their business.
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...