Using data lifecycle management to reduce risk and storage costs
One of the biggest challenges facing today’s organisations is the sheer size – and exponential growth – of corporate content. As data volumes have increased, so too have data storage costs, eating deeper and deeper into corporate operating budgets.
The full impact of this data proliferation goes beyond simple financials, however.
Challenges of rising data volumes
Increasingly cluttered digital workspaces mean users are wasting more time than ever learning new apps and searching for – or recreating – content and/or collaboration spaces in platforms like Teams. This erodes productivity, limits effective knowledge-sharing, and contributes to ongoing clutter in a vicious circle.
IT is then left fighting a Sisyphean battle against the admin duties of securely managing the resulting content sprawl. A great example is the never-ending stream of Teams requests requiring validation, configuration and access approvals, and the simultaneous need to ensure appropriate workspace archiving and deletion.
Compliance, too, becomes more difficult as data volumes increase, complicating effective retention and deletion (not to mention data subject access requests).
But what can be done to address this growing threat?
The answer lies in Data Lifecycle Management.
What is Data Lifecycle Management?
Data Lifecycle Management (DLM) is a method of structuring, organising, and managing data at file level to meet specific goals (e.g. security, availability or compliance) throughout its useful lifespan. That lifespan can be divided into the following five DLM stages:
1. Collection
To be incorporated into DLM, data must first be collected. This can require scouring a variety of sources, ranging from web and mobile applications to IoT devices. Collection is ideally done as and when data is created. Not all data will need to be part of your DLM. Its inclusion should take into account its relevance to your business and/or security and compliance obligations.
2. Storage
The best storage for your needs will depend on the structure of your dataset. It’s a good idea to evaluate your chosen infrastructure for security vulnerabilities before implementing data encryption, transformation or other security- and/or compliance-related processing to safeguard against malicious activity or regulatory non-compliance. This phase is also the ideal time to consider your backup and recovery strategy to protect against threats like malware, accidental deletion or alteration, and data corruption.
3. Usage
During this phase, data is made available to users. Doing that safely means defining exactly who can use the data, for what purposes. That could include both internal and external users, depending on the data, its sensitivity, and its potential use cases. Use cases could include anything from day-to-day business processes to BI and analytics leveraging in-depth data mining and machine-learning to deliver expertly curated results.
4. Archiving
When data is no longer of any use to daily operations – but must still be retained for compliance, litigation or investigation purposes – it’s time to send it to cheaper, low-touch, archival storage. Your DLM strategy should cover exactly when, where and for how long data should be archived in order to meet both retention and disposition obligations.
5. Disposition
This phase is where data that has reached the end of it useful (or legal) lifespan is defensibly (and permanently) deleted from all record. This is valuable for two key reasons. Firstly, it frees up storage space and reduces overall data volumes. Secondly, it minimises the risk associated with over-retention and potential regulatory breach.
4 benefits of good Data Lifecycle Management
Getting DLM right isn’t an overnight process, but experience has shown the benefits far outweigh the effort in most cases. Those benefits include:
1. Process improvement
A good DLM strategy doesn’t just make the right data safely available to the right users, it also cuts through the clutter to make sure that the data in play is both accurate, and of the highest possible quality. This facilitates more streamlined workflows and processes, enhancing efficiency and overall productivity, and enabling businesses to extract maximum value from their data.
2. Controlling costs
DLM makes it possible to optimise storage costs and volumes by ensuring data is kept in the right storage tier for its particular lifecycle stage. No wasting expensive, high-touch storage space on data that is no longer necessary for daily operations, and no more over-retention of expired data that holds no further business value.
3. Data usability
Implementing data classification processes (like metadata tagging) alongside enforceable governance policies as part of your DLM strategy makes it possible to ensure that data is both easy to access, and retained for as long as it remains useful. That’s a big win for users, providing the key they need to find clean and useful data that is current, accurate, and appropriate for their purposes.
4. Compliance and governance
The insights and environmental awareness provided by a strong DLM strategy makes it much easier for organisations to apply the necessary controls to the right data in order to fulfil their security, retention, and disposition obligations. No more unknown vulnerabilities lurking in the dark corners of your environment – DLM shines a light where you need it, to run a tight ship and an even tighter data estate.
Where to start your DLM strategy?
The first step in any DLM project is to identify where and what your sensitive data is. Next, you’ll need to create a data classification taxonomy (which is, incidentally, also a great starting point for deploying Data Loss Prevention).
The tricky part is DLM’s requirement for business-wide input and buy-in. It’s not always easy to get all senior stakeholders together to understand the challenges and make effective decisions.
Stakeholders also need to do their homework: business bringing a list of their requirements (e.g. retention rules for regulatory compliance, deletion rules for data privacy etc.) and IT bringing the explanations of how technology can make these a reality.
Pro tip: If project impetus becomes a problem, it can be useful to use the benefits discussed above to build a business case that goes beyond “best practice”. Demonstrating the very tangible returns offered by DLM in terms of cost and risk reduction can be a powerful motivator to get things done.
We can help!
At Cloud Essentials, we have a long history working with content in Microsoft, optimising it for both productivity and security/compliance. If you need a hand on your DLM journey, we highly recommend starting with our Compliance Assessment. It’s a great entry point to start leveraging your Microsoft investment, and building the stakeholder engagement you’ll need to create solid foundations for your future data lifecycle strategy and compliance program.