Welcome!

Cloud Expo Authors: Bernard Golden, Roger Strukhoff, Sandi Mappic, Esmeralda Swartz, Carmen Gonzalez

News Feed Item

Symantec's 2012 Information Retention and eDiscovery Survey Reveals Improvement in Planning but More Failures in Policy Implementation

Substantial Gap Remains Between Beliefs and Practices in Retention Policies

MOUNTAIN VIEW, CA -- (Marketwire) -- 01/10/13 -- Symantec Corp. (NASDAQ: SYMC) today announced the findings of its 2012 Information Retention and eDiscovery Survey which examined how enterprises manage their ever-growing volumes of electronically stored information (ESI) and prepare for the eventuality of an eDiscovery request. The study found the percentage of organizations without a formal information retention plan dropped by half from the 2011 survey. However, even with this improvement, organizations struggle with implementing their information retention plans as only a third of organizations report their plan is fully operational.

Read Blog Post: If You Fail to Implement Your Information Retention Plan, Then You Plan to Fail
Click to Tweet: Symantec survey reveals improvement in information retention planning but more failures in policy implementation http://bit.ly/SiAeXn

Non-implemented plans risky to organizations
Nearly two-thirds (60 percent) of organizations say they have a formal retention plan, yet only 34 percent report those plans are fully operational. The perceived cost of implementing their plans is reported to be the most common reason why organizations are lagging in plan implementation. The survey found that only 7 percent of organizations don't have any plans in place, a 50 percent drop from 14 percent of organizations reported in the 2011 survey.

Even more concerning is that while they received on average 17 requests for electronically stored information, these requests failed 31 percent of the time. This is significantly higher than the 20 percent of failures reported in 2011. Each time a failure occurs, the organization is at risk. Forty-three percent reported the inability to make decisions in a timely fashion as the biggest consequence of these failures. Other consequences reported include damage to reputation, compromised legal position, fines, raised profile as a litigation target and court sanctions.

"The survey highlights that, although there is a reduction in the number of organizations without an information retention plan, organizations haven't fully funded and implemented their plans," said Trevor Daughney, Director, Information Intelligence Group, Symantec. "With the number of ESI requests and failures to obtain requested information increasing, organizations face risks that are much more costly in the long run than implementing their plans."

No improvement in gap between retention beliefs & practices
There is still a substantial gap between beliefs and practices in retention policies, which has not significantly changed year over year. Eighty-one percent of respondents believe that a proper information retention plan allows organizations to delete information on an ongoing basis. However, 42 percent of backups are indefinitely retained by organizations. This is virtually unchanged from the 2011 results. And, information that is deleted by organizations is often deleted without considering established retention policies.

The most reported negative consequences resulting from preserving more electronically stored information than necessary include: Increased costs associated with collection, analysis and review (54 percent); increased time spent to collect, analyze and review ESI (47 percent); increased risk that sensitive information may be disclosed (44 percent); compromised position in potential or actual litigation (27 percent); and information unintentionally made available for potential future litigation (28 percent).

The survey also reports that organizations are keeping information longer than is needed, and keeping the data within backups rather than archives for legal holds, which reduces efficiencies when performing an ESI request. The survey reveals that 38 percent of data that organizations back up is not needed or shouldn't be kept in backup. In fact, respondents say that a third of backup data (34 percent) shouldn't be kept and is unnecessary due to litigation risk.

More than half of organizations keep that data indefinitely: 56 percent of organizations reported that their backup storage is used for infinite retention that is dedicated to legal hold. This has grown from 43 percent in 2011 and continues to get worse. Further, 85 percent of organizations routinely perform legal holds in their backups, which are not designed to be accessed in the same way as an archive.

Majority of organizations impacted by data privacy laws & regulations
As expected, data privacy laws and regulations have significant impact on organizations with 53 percent reporting that laws and/or regulations impact archiving and eDiscovery initiatives. However, there are many reasons respondents report collecting electronically stored information including: Litigation (60 percent); internal investigations (59 percent); internal compliance initiatives (58 percent); compliance with international regulations and laws (57 percent); compliance with local regulations and laws (55 percent); governmental inquiries or investigations (52 percent); and public information requests (46 percent).

Recommendations
Following are recommendations that organizations can implement to help them more effectively implement their information retention plan:

  • Adopt a defensible deletion mindset: When organizations can adopt a defensible deletion mindset they can delete information with confidence according to their information retention policies.
  • Err on the side of fewer, rather than many, retention policies: This improves the odds of successful information governance. Start with deleting obvious unnecessary files, then set minimum retention periods for compliance. Additional policies can be added later, if necessary.
  • Automate privacy, retention and compliance policies to reduce risk: Allowing your policies to automatically work as they are designed not only reduces the risk of inconsistencies in policy implementation, but reduces the risk of unintentional access or distribution of information.
  • Implement a solution in which legal holds can override expiry policies: Consider a unified eDiscovery solution where legal holds can be easily implemented to override expiry policies to avoid spoliation and sanctions.
  • Don't use backups for long term retention: Backups are for recovery, archiving is for discovery. Deploy an archiving solution to quickly and easily respond to search requests for electronically stored information.

Resources

Connect with Symantec

About Symantec
Symantec protects the world's information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment -- from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at: go.symantec.com/socialmedia.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

CONTACT:
Jerry Gowen
Symantec Corporation
+1 503-690-4714
Email Contact

Chris Walker
Connect Marketing
+1 801-373-7888
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@CloudExpo Stories
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at Internet of @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, will discuss how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money! Speaker Bio: ...
Compute virtualization has been transformational, yet security policy implementation and enforcement has lagged behind in agility and automation. There are a number of key considerations when implementing policy in private and hybrid clouds. In his session at 15th Cloud Expo, Holland Barry, VP of Technology at Catbird, will discuss the impact of this new paradigm and what organizations can do today to safely move to software-defined network and compute architectures, including: How normal ope...
Samsung VP Jacopo Lenzi, who headed the company's recent SmartThings acquisition under the auspices of Samsung's Open Innovaction Center (OIC), answered a few questions we had about the deal. This interview was in conjunction with our interview with SmartThings CEO Alex Hawkinson. IoT Journal: SmartThings was developed in an open, standards-agnostic platform, and will now be part of Samsung's Open Innovation Center. Can you elaborate on your commitment to keep the platform open? Jacopo Lenzi: S...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic • Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff hap...
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accel...
SYS-CON Events announced today that Utimaco will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customiz...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
SYS-CON Events announced today that ElasticBox is holding a Hackathon at DevOps Summit, November 6 from 12 pm -4 pm at the Santa Clara Convention Center in Santa Clara, CA. You can enter as an individual or team of up to 10 developers. A New Star Is Born Every Month! All completed ElasticBoxes will then be sent to a judging panel - 12 winners will be featured on the ElasticBox website in 2015. All entrants will receive five full enterprise licenses for one year + ElasticBox headphones + Elasti...
Once the decision has been made to move part or all of a workload to the cloud, a methodology for selecting that workload needs to be established. How do you move to the cloud? What does the discovery, assessment and planning look like? What workloads make sense? Which cloud model makes sense for each workload? What are the considerations for how to select the right cloud model? And how does that fit in with the overall IT tranformation? In his session at 15th Cloud Expo, John Hatem, head of V...
Cloud services are the newest tool in the arsenal of IT products in the market today. These cloud services integrate process and tools. In order to use these products effectively, organizations must have a good understanding of themselves and their business requirements. In his session at 15th Cloud Expo, Brian Lewis, Principal Architect at Verizon Cloud, will outline key areas of organizational focus, and how to formalize an actionable plan when migrating applications and internal services to...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, will discuss how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP ...
Ixia develops amazing products so its customers can connect the world. Ixia helps its customers provide an always-on user experience through fast, secure delivery of dynamic connected technologies and services. Through actionable insights that accelerate and secure application and service delivery, Ixia's customers benefit from faster time to market, optimized application performance and higher-quality deployments.
SYS-CON Events announced today that Calm.io has been named “Bronze Sponsor” of DevOps Summit Silicon Valley, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Calm.io is a cloud orchestration platform for AWS, vCenter, OpenStack, or bare metal, that runs your CL tools puppet, Chef, shell, git, Jenkins, nagios, and will soon support New Relic and Docker. It can run hosted, or on premise and provides VM automation / expiry, self-service portals,...
In her General Session at 15th Cloud Expo, Anne Plese, Senior Consultant, Cloud Product Marketing, at Verizon Enterprise, will focus on finding the right mix of renting vs. buying Oracle capacity to scale to meet business demands, and offer validated Oracle database TCO models for Oracle development and testing environments. Anne Plese is a marketing and technology enthusiast/realist with over 19+ years in high tech. At Verizon Enterprise, she focuses on driving growth for the Verizon Cloud pla...
SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue bu...
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce t...
As Platform as a Service (PaaS) matures as a category, developers should have the ability to use the programming language of their choice to build applications and have access to a wide array of services. Bluemix is IBM's open cloud development platform that enables users to easily build cloud-based, creative mobile and web applications without having to spend large amounts of time and resources on configuring infrastructure and multiple software licenses. In this track, you will learn about the...
Blue Box has closed a $10 million Series B financing. The round was led by a strategic investor and included participation from prior investors including Voyager Capital and Founders Collective, as well as the Blue Box executive team. This round follows a $4.3 million Series A closed in December of 2012 and led by Voyager Capital. In May of this year, the company announced general availability of its private cloud as a service offering, Blue Box Cloud. Since that release, the company has dem...
SYS-CON Events announced today that Verizon has been named "Gold Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Verizon Enterprise Solutions creates global connections that generate growth, drive business innovation and move society forward. With industry-specific solutions and a full range of global wholesale offerings provided over the company's secure mobility, cloud, strategic network...
SimpleECM is the only platform to offer a powerful combination of enterprise content management (ECM) services, capture solutions, and third-party business services providing simplified integrations and workflow development for solution providers. SimpleECM is opening the market to businesses of all sizes by reinventing the delivery of ECM services. Our APIs make the development of ECM services simple with the use of familiar technologies for a frictionless integration directly into web applicat...