From its earliest days, enterprise IT has been involved with the storage and handling of business data, images and records, which I'll identify collectively as "data assets." This term has historically encompassed functions from backup to recovery to storage to archiving, as well as legal and regulatory discovery. Not long ago, the vast majority of managed data assets were physical – boxes of paper, tapes, disks, pictures, etc. However, today's digital data is exploding and driving changes in handling and management.
Data management firms help reduce costs and risks
Many companies turn to data storage and protection firms to reduce the costs and risks associated with protecting, destroying, storing and recovering physical data assets. The following are the primary drivers:
- an explosive increase in the volume of data
- the space demands and logistics of physical storage
- the increasing difficulty and effort required by manual discovery, and
- the escalating liabilities and legal risks for IT and business managers.
Mandates associated with compliance, good governance, protection and discovery and rules for preservation dictate how digital data is treated. The perceived mismanagement of this data carries serious risks of punishment – even jail time. Protection and discovery caused a dramatic spike in concern with the decision in FRCP Rule 26, which states that the same legal discovery process rules apply equally to physical and electronic records.
The combination of legislated accountability and good corporate governance put enterprise IT and the data center at the center of operational implementation and accountability. Enterprise IT and legal departments found the burdensome impact of management and discovery efforts to be expensive and risky. For instance, there are risks for not finding required items and risks for finding too much. IT faces three choices: becoming experts in digital data asset handling for records management, data protection and recovery and information destruction or finding someone that is.
Boston-based, Iron Mountain Inc. serves more than 14,000 business customers, protects 9+ petabytes of data and stores over 8 billion e-mails. In November 2007, Iron Mountain acquired Stratify Inc., a large e-discovery service provider. With this acquisition, Iron Mountain Digital now provides a complete, end-to-end e-discovery solution to manage paper and digital information for legal discovery, regulatory investigations and compliance audits. The company can leverage the strengths of 'physical' Iron Mountain (the largest custodian of information in the world) with an integrated digital, document management and partner.
Defining data asset management categories
John Clancy, CEO and president of Iron Mountain Digital, provided some tips to get the maximum benefit from digital data management. First, it is important to understand your data asset management requirements. This means knowing what and how to classify the assets to be managed.
One classification identifies how data assets are used, how often the data changes and with what speed and frequency it's accessed. This first step divides data into highly volatile or 'active' data and 'episodic' data, which is more stable with infrequent changes. Only periodic access, if any, is required of episodic data. Active data is not a good candidate for off-site management and storage. Episodic data is the better candidate for off-site storage and management. Of course, these terms must be defined in terms relevant for your situation.
You will also want to separate data assets based on mandates and governance since they dictate how the data asset must be treated. Episodic data assets require specific handling and treatment. This can involve requirements for establishing and maintaining a "chain of custody," security levels for storage, require encryption, access limitations, length of time preserved, categorization for search, etc.
You should also understand the difference between data that is managed for backup and restore versus archiving assets. Each concept involves different treatment with different results when accessed and used. You also have to assign a value to the data assets. It makes little sense to spend a lot of money protecting data with low-level risk or value to the enterprise. The rules for engagement and treatment of digital assets are not all that different from those for physical assets.
These are just some of the items to be considered. If you want additional help in determining or classifying your data assets, Iron Mountain Digital offers consulting services, as do several other players , including EMC and IBM.
Comments? Think I've overlooked something? Send me your thoughts, comments and suggestions at firstname.lastname@example.org. ABOUT THE AUTHOR: Richard Ptak is an analyst with Ptak, Noel & Associates. He has over 30 years experience in systems product management.