Click here to close now.


Agile Computing Authors: Harry Trott, Brian Daleiden, Elizabeth White, Liz McMillan, Tim Hinds

News Feed Item

Symantec's 2012 Information Retention and eDiscovery Survey Reveals Improvement in Planning but More Failures in Policy Implementation

Substantial Gap Remains Between Beliefs and Practices in Retention Policies

MOUNTAIN VIEW, CA -- (Marketwire) -- 01/10/13 -- Symantec Corp. (NASDAQ: SYMC) today announced the findings of its 2012 Information Retention and eDiscovery Survey which examined how enterprises manage their ever-growing volumes of electronically stored information (ESI) and prepare for the eventuality of an eDiscovery request. The study found the percentage of organizations without a formal information retention plan dropped by half from the 2011 survey. However, even with this improvement, organizations struggle with implementing their information retention plans as only a third of organizations report their plan is fully operational.

Read Blog Post: If You Fail to Implement Your Information Retention Plan, Then You Plan to Fail
Click to Tweet: Symantec survey reveals improvement in information retention planning but more failures in policy implementation

Non-implemented plans risky to organizations
Nearly two-thirds (60 percent) of organizations say they have a formal retention plan, yet only 34 percent report those plans are fully operational. The perceived cost of implementing their plans is reported to be the most common reason why organizations are lagging in plan implementation. The survey found that only 7 percent of organizations don't have any plans in place, a 50 percent drop from 14 percent of organizations reported in the 2011 survey.

Even more concerning is that while they received on average 17 requests for electronically stored information, these requests failed 31 percent of the time. This is significantly higher than the 20 percent of failures reported in 2011. Each time a failure occurs, the organization is at risk. Forty-three percent reported the inability to make decisions in a timely fashion as the biggest consequence of these failures. Other consequences reported include damage to reputation, compromised legal position, fines, raised profile as a litigation target and court sanctions.

"The survey highlights that, although there is a reduction in the number of organizations without an information retention plan, organizations haven't fully funded and implemented their plans," said Trevor Daughney, Director, Information Intelligence Group, Symantec. "With the number of ESI requests and failures to obtain requested information increasing, organizations face risks that are much more costly in the long run than implementing their plans."

No improvement in gap between retention beliefs & practices
There is still a substantial gap between beliefs and practices in retention policies, which has not significantly changed year over year. Eighty-one percent of respondents believe that a proper information retention plan allows organizations to delete information on an ongoing basis. However, 42 percent of backups are indefinitely retained by organizations. This is virtually unchanged from the 2011 results. And, information that is deleted by organizations is often deleted without considering established retention policies.

The most reported negative consequences resulting from preserving more electronically stored information than necessary include: Increased costs associated with collection, analysis and review (54 percent); increased time spent to collect, analyze and review ESI (47 percent); increased risk that sensitive information may be disclosed (44 percent); compromised position in potential or actual litigation (27 percent); and information unintentionally made available for potential future litigation (28 percent).

The survey also reports that organizations are keeping information longer than is needed, and keeping the data within backups rather than archives for legal holds, which reduces efficiencies when performing an ESI request. The survey reveals that 38 percent of data that organizations back up is not needed or shouldn't be kept in backup. In fact, respondents say that a third of backup data (34 percent) shouldn't be kept and is unnecessary due to litigation risk.

More than half of organizations keep that data indefinitely: 56 percent of organizations reported that their backup storage is used for infinite retention that is dedicated to legal hold. This has grown from 43 percent in 2011 and continues to get worse. Further, 85 percent of organizations routinely perform legal holds in their backups, which are not designed to be accessed in the same way as an archive.

Majority of organizations impacted by data privacy laws & regulations
As expected, data privacy laws and regulations have significant impact on organizations with 53 percent reporting that laws and/or regulations impact archiving and eDiscovery initiatives. However, there are many reasons respondents report collecting electronically stored information including: Litigation (60 percent); internal investigations (59 percent); internal compliance initiatives (58 percent); compliance with international regulations and laws (57 percent); compliance with local regulations and laws (55 percent); governmental inquiries or investigations (52 percent); and public information requests (46 percent).

Following are recommendations that organizations can implement to help them more effectively implement their information retention plan:

  • Adopt a defensible deletion mindset: When organizations can adopt a defensible deletion mindset they can delete information with confidence according to their information retention policies.
  • Err on the side of fewer, rather than many, retention policies: This improves the odds of successful information governance. Start with deleting obvious unnecessary files, then set minimum retention periods for compliance. Additional policies can be added later, if necessary.
  • Automate privacy, retention and compliance policies to reduce risk: Allowing your policies to automatically work as they are designed not only reduces the risk of inconsistencies in policy implementation, but reduces the risk of unintentional access or distribution of information.
  • Implement a solution in which legal holds can override expiry policies: Consider a unified eDiscovery solution where legal holds can be easily implemented to override expiry policies to avoid spoliation and sanctions.
  • Don't use backups for long term retention: Backups are for recovery, archiving is for discovery. Deploy an archiving solution to quickly and easily respond to search requests for electronically stored information.


Connect with Symantec

About Symantec
Symantec protects the world's information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment -- from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at or by connecting with Symantec at:

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

Jerry Gowen
Symantec Corporation
+1 503-690-4714
Email Contact

Chris Walker
Connect Marketing
+1 801-373-7888
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data shows "less than 10 percent of IoT developers are making enough to support a reasonably sized team....
Internet of @ThingsExpo, taking place June 7-9, 2016 at Javits Center, New York City and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound cha...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, rich desktop and tuned mobile experiences can now be created with a single codebase – without compromising functionality, performance or usability. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, demonstrated examples of com...
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningful and actionable insights. In his session at @ThingsExpo, Paul Turner, Chief Marketing Officer at...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, exploreed the current state of IoT connectivity and review key trends and technology requirements that will drive the Internet of Things from hype to reality.
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessions, I wanted to share some of my observations on emerging trends. As cyber security serves as a fou...
Continuous processes around the development and deployment of applications are both impacted by -- and a benefit to -- the Internet of Things trend. To help better understand the relationship between DevOps and a plethora of new end-devices and data please welcome Gary Gruver, consultant, author and a former IT executive who has led many large-scale IT transformation projects, and John Jeremiah, Technology Evangelist at Hewlett Packard Enterprise (HPE), on Twitter at @j_jeremiah. The discussion is moderated by me, Dana Gardner, Principal Analyst at Interarbor Solutions.
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now all corporate assets – people, objects, and spaces – can share information about themselves and thei...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound effect on the world, and what should we expect to see over the next couple of years.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true change and transformation possible.
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" in this scenario: microservice A (releases daily) depends on a couple of additions to backend B (re...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, wil...
PubNub has announced the release of BLOCKS, a set of customizable microservices that give developers a simple way to add code and deploy features for realtime apps.PubNub BLOCKS executes business logic directly on the data streaming through PubNub’s network without splitting it off to an intermediary server controlled by the customer. This revolutionary approach streamlines app development, reduces endpoint-to-endpoint latency, and allows apps to better leverage the enormous scalability of PubNub’s Data Stream Network.
The cloud. Like a comic book superhero, there seems to be no problem it can’t fix or cost it can’t slash. Yet making the transition is not always easy and production environments are still largely on premise. Taking some practical and sensible steps to reduce risk can also help provide a basis for a successful cloud transition. A plethora of surveys from the likes of IDG and Gartner show that more than 70 percent of enterprises have deployed at least one or more cloud application or workload. Yet a closer inspection at the data reveals less than half of these cloud projects involve production...
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk was on IBM Cloudant, Apache CouchDB, and ...