Organizations are at a critical crossroads when it comes to their data. Did you know that:
- Since 2008, e-mail stores have grown by nearly 500 percent?
- Other forms of unstructured data storage, which have ballooned by roughly 700 percent over the same
Of that data, less than a third typically has significant value:
- The average organization with 5,000 employees stores 325 terabytes of expired or duplicative data.
- However, only 105 terabytes of information that has business value or that is subject to a legal hold.
But all of that data can represent compliance, regulatory or legal risk. According to the ERM Initiative at North Carolina State University:
- Of corporate executives, 63% were surprised by an adverse operational surprise “somewhat” to “extensively” in the past five years with large organizations and public companies reporting a higher percentage.
- Despite this, only 25% of these executives believe their organization has implemented a “complete formal enterprise-risk management process.”
When, inevitably, litigation, regulatory investigations, or privacy breaches occur, the pain associated with these events rises in correlation with an organization’s data store. The greater the data inventory, the more expensive—and risky—each of these events can be. Further, it is no longer acceptable to have a “wait and see” approach. Regulators are insisting in a more pro-active approach to identifying and remediating adverse issues and events before they become severe.
Despite these trends, between strict federal and state laws and regulations governing data retention and the risk of court sanctions for spoliation, some organizations have preferred to hoard their data out of an abundance of caution. These organizations have lax, if any, disposal procedures. Others swing to the other end of the spectrum, mandating the automatic deletion of everything after a brief retention period. Yet businesses that insist upon a harsh approach can breed resistance among employees. Impose a deletion policy that is too aggressive, and employees may resort to underground archiving methods, such as printing hard copies of every document, storing records locally on hard drives or USB drives, or sending files to their personal e-mail accounts (thus making discovery more difficult, more expensive and more risky).
To address these risks and costs, many organizations are adopting consistent, disciplined discovery response processes and automated deletion systems. Once their data is under control, organizations now have a new generation of technology available to apply customized Big Data analytics., which can identify compliance, regulatory and legal risks and allow to organization to address these risks before they become a liability.