By Joe Noonan, Vice President, Product Management, Unitrends and Spanning (Kaseya companies)

We are swimming in a sea of data.

More than 2.5 quintillion bytes of data are created daily in every shape and form – from big data and time-stamped data to real-time data and dark data. Then, there are the emails, presentations, documents, records and files that are constantly being produced, updated, edited and stored within organizations.

How should companies sort, collect, store, recover and, yes, destroy data? Should companies store every piece of data just in case it may provide some value in the future? These data management questions are familiar to Fortune 100 enterprises as well as small and mid-sized companies. Every company, regardless of size, is struggling with rapidly growing volumes of data, the challenge of where to store files, how to ensure they remain accessible and how to efficiently destroy them at the end of their legal or useful life. Large enterprises have the luxury of hiring professionally trained records managers, but for SMBs, it is IT that has to deal with the challenge.

Data Hoarders

One of the biggest challenges faced by all organizations is that everyone thinks they are an expert in data management. There is a natural human inclination to save all your data in the belief that it will be needed or become reusable at some point in the future. The fact that it rarely happens doesn’t deter anyone from becoming a data hoarder.

People become their own records managers by creating repositories of all data that crosses their paths. Some people go so far as to save literally everything they’ve ever created, including all emails (some including auto replies), attachments, docs, PPTs and spreadsheets, regardless of any direction they receive from corporate. IT can tell you that entire storage arrays are crammed with old files users will go to great lengths to protect. Access to a cloud has only made this worse.

Professional records managers will tell you that only 2-3 percent of corporate information truly needs to be preserved, mostly information on patents, intellectual property and legal actions. The rest is called “transitory data,” defined as data that is only important around the time of its creation. The vast amount of information created (and saved by data hoarders) is really transitory data.

Old Data Can Hurt You

As for this vast amount of saved and hoarded data – early on, lawyers and records managers learned that “old data can hurt you” by surfacing at just the wrong time.

When a company gets sued, one of the first actions of the court is to order a search of all corporate documents for any relevant information. This is a legal action during the discovery phase of any proceeding. Any documents or files found that are remotely applicable are required to be placed “on-hold” and not destroyed for any reason. Lawyers for both sides then review the information to assess its value, and irrelevant data is then taken off hold and allowed to resume its normal life cycle. This is very expensive in both time and resources.

No one assumes that enterprises save all data forever. Courts understand that corporations have data retention policies that include when data should be destroyed. If the contested event occurred years ago, past the formal, corporate-mandated destruction date for corporate records, there is no penalty for not having files for the lawyers to review. The court proceeds with the available data.

However, if files are later found or leaked (as happens more frequently) from a private stash, then the company is potentially in violation of a court order. Even if the lawsuit is unsuccessful, the corporation still has to deal with the court violation. This is called “spoliation” – intentional, reckless, or negligent withholding, hiding, altering, fabricating, or destroying evidence relevant to a legal proceeding – and courts take this very seriously.

Also, there are now privacy laws, such as the EU General Data Protection Regulation (GDPR), that make deletion of personal or identifiable data a legal requirement.

Backup Appliances Have Data Deletion Options for a Reason

Enterprises of all sizes need to have some form of data management. This includes protecting mandated data for only the correct period of time. Companies need to archive tax information, financial reporting data, health records, credit transactions, etc. for the legally mandated time. Although, just as important, companies should delete those files when the mandates expire.

Leading edge backup appliances have the ability to automatically manage backups through their life cycle. A comprehensive Archiving User Interface (UI) can automate a GFS (Grandfather, Father, Son) archiving strategy. As data ages, it can be set to automatically move to remote devices, locations and/or the cloud. Old data can be consolidated into monthly or yearly compilations with the oldest files automatically deleted as the data passes retention mandates.

The delete function is a beautiful thing. It legally and prudently destroys data files that, at best, are just taking up space, but potentially can cause harm to the enterprise. 

Joe Noonan has spent over 17 years delivering hardware and software technology solutions for virtualization, cloud, data protection and disaster recovery. He has worked for Unitrends since 2010, driving its software product strategy for data protection, recovery automation, and cloud disaster recovery and migration. Joe has also held roles in developing technology alliances and now is VP of Product Management and Marketing for Unitrends and Spanning, Kaseya companies. Joe holds a BS in Electrical Engineering and an MBA, both from Villanova University.