How Data Growth Complicates ComplianceBy Samuel Greengard
Regulatory compliance and eDiscovery now rate among the highest essential IT and business priorities for any organization, regardless of size or industry. What's more, the complexity of managing this task is growing—and it's heaping greater pressure on IT departments.
A new report from Archive 360 and Osterman Research, Best Practices for eDiscovery and Regulatory Compliance in Office 365, offers insight into this space—along with the growing use of Office 365 to manage the task.
According to the report, data growth is at the heart of the challenge. It's surging at an annual rate of about 18 percent and there's no end in sight. Further complicating things, much of this data is unstructured. In some cases, this "dark data" streaming in from e-mail, social media, wikis, blogs and SMS/text messages becomes invisible and, as a result, inaccessible.
In many cases, backup sets create problems for the eDiscovery process, particularly when they are stored on tape or on disk; eDiscovery is overly broad; organizations often fail to retain Electronically Stored Information (ESI), which can lead to serious sanctions; and organizations often fail to capture appropriate materials during the eDiscovery process.
Although business and IT leaders understand that there's a need to capture, securely store and manage data, another problem arises when an organization must produce authentic copies of all content that meets key criteria. Too often, search tools are lacking and organizations do not have a clear data deletion plan, further complicating matters.
"The ability to properly meet compliance and eDiscovery requirements takes in-depth understanding and a blend of purpose-built and production proven solutions," noted Michael Osterman, president of Osterman Research.
How can senior leadership approach this task more effectively? The report suggests focusing on an approach that incorporates communications, collaboration, file sharing, storage and other core tools. It's also important to focus on data types, retention periods, an IT framework, and the strengths and weaknesses of different tools.
In the end, the authors suggest that "a blend of Microsoft and non-Microsoft solutions is the best approach for assuring compliance with eDiscovery and regulatory requirements, thereby removing the threat of serious legal and financial penalties."
The report offers a final observation: "Microsoft Office 365 provides a successful and popular set of communications and collaboration capabilities, and its use will continue to grow at a rapid pace." However, there are a number of "limitations and deficiencies in Office 365 from an eDiscovery and compliance context. Decision makers should consider these as they evaluate their eDiscovery and regulatory obligations."