As we've referenced before, more than half of all organizations have experienced a data-related incident. Out of those who reported an actual breach, half attributed it to hacking and the other half to employee negligence. Unfortunately, according to the report, about a third of these negligent acts were willful. Let's explore a few areas that are particularly high risk and can be solved by a complete records and retention management program.
While the information governance community has made advancements in other areas, email is sorely lacking behind. Despite the fact that email creates nearly five times as many documents that can be classified as records compared to other document types, the records and retention management system for email in most organizations is insufficient. Furthering the problem is the abundance of emails sent from mobile devices which often provide incomplete records of where emails were sent and which attachments were involved.
The servers themselves have been unreliable as well according to the AIIM report as there has been poor coordination between SharePoint and Exchange developments. The overall lack of consistent and universal policies around email is at the core of these issues. Emails are quite often used as evidence in legal cases, so their importance should not be understated. It is a critical area for every organization to consider when implementing their information governance program.
Data retention and reducing storage are key elements of any information governance program. According to the AIIM report, however, only a small portion of the content stored by most organizations is correctly tagged and typed and thus has a defined retention period. The remaining content is often redundant, trivial or obsolete, also known as ROT. We discussed ROT in a previous blog post.
Despite the best intentions of most organizations, the numbers from those surveyed who are practicing effective retention management is staggeringly low. For example, only 11% of file share systems, 28% of SharePoint systems and 18% of cloud share systems had proper retention periods in place. In fact, only 67% of record management systems have effective retention management.
We all know the importance of legal holds and the potential rammifications of extensive eDiscovery. We wrote a blog post about a while back with some pretty sobering statistics. Many organizations have discovered the unfortunate reality of being unprepared and scrambling to recover the needed records in the event of a lawsuit. In fact, 31% of large organizations are managing multiple holds at a time. However, even mid-sized and small businesses need to have a legal hold system in place. One lawsuit could cripple their financial future or at the very least cost an incredible amount of time and undue stress.
As with the other areas, legal holds are a crucial part of an organization's overall information governance strategy and should be considered at every stage and throughout all parts of the organization. Ensuring that these holds are able to be placed on all types of records regardless of the repository is another key consideration.
Where To Go From Here
The good news is that as technology has continued to improve, solving these challenges has become easier. Companies are also more open to moving their records to the cloud as the security of that storage method has improved dramatically. This has also allowed records and retention management to become part of the overall information governance strategy.
Here at RecordLion, our software allows for true in-place information governance, meaning that an organization does not need to move their records regardless of the repository in which they may be located. This means you can apply governance policies to all information, records and files throughout the enterprise whether data resides in SharePoint, Office 365, File Systems, Email, cloud storage, SQL Server, ERP, CRM, or other business systems.