Skip to content

Data Risk Management

Why You Need to Think about Data Storage Differently

August 5, 2024

While every organization’s technology infrastructure and data landscape are unique, it's generally accepted that both the size and the complexity of data environments have grown exponentially over the past few years. Organizations use more software applications and communication tools and create, store, and manage more data in more ways than ever before.

On the positive side, this explosion of data allows organizations to realize more value in their business operations. But this increase in data volumes also increases the risks associated with that data. Whether the concern is litigation, compliance with privacy regulations, or mitigating the risks posed by cybersecurity incidents, organizations must implement processes and technology to manage data across its lifecycle.

Brad Harris, Vice President of Solutions at Exterro, says, “Today, a standard Microsoft 365 mailbox might contain 50 gigabytes of data—a volume of data that was unheard of just a few years ago. However, if there’s a requirement to preserve data in that mailbox for litigation, that could easily increase to 100 gigabytes.”

The Importance of Information Governance
 

Much of the data being created has obligations associated with it. There may be privacy or compliance regulations that require it to be retained for—or disposed of after—a certain period of time. Data may need to be retained, produced, and reviewed for discovery or disclosure during litigation or because of a cybersecurity incident. To manage their data efficiently and effectively, organizations need to understand how their employees are communicating and where that data is stored. That understanding allows them to improve their information governance, retention, and disposition over its entire lifecycle.

George Tziahanas, VP of Compliance at Archive 360, urges organizations, “Put frameworks in place to manage information across all those different dimensions. You need to deliver security, privacy, and compliance. You need data retention capabilities and the ability to search, retrieve, preserve and produce data. Information governance isn’t just about storage. It's actually about all these other requirements that exist around data storage.”
 

Organizations need to be able to fulfil these requirements not only accurately, but also on a timely basis. Chris Costello, Partner at Kirkland Ellis, notes, “One of the challenges whenever you're talking about finding and producing data in a litigation or regulatory context is how long does it take you to find what you have? How long does it take to identify what you need, review it, and produce it? And of course the same concerns apply on the business side as well.” Growing volume isn’t the only data concern organizations face; data complexity is also a factor. He continues, “The pandemic and work from home introduced many new applications, and the complexity and diversity of data environments has certainly evolved. They might also be part of 100 Slack channels—and also communicate via text messages, audio, video, emojis, and more.”

The Costs of Data Storage

While the costs of physical and cloud storage of data are lower per terabyte than ever before, the volumes of data organisations produce today still translate into significant costs. On premises, storing a petabyte of data costs well over a million dollars, while in the cloud the costs can be 50% to 75% lower.

However, storage space is far from the only associated cost. Organizations must meet all the obligations associated with that data. Many regulations require organizations to dispose of data they no longer need after a certain amount of time. Deleting data that no longer serves a business purpose also eliminates the risk it might pose in litigation and if a data breach occurs. Costello says, “It's not only the monetary cost of storing the information. It’s the time that you spend setting up processes around it: managing the data, auditing it, making sure you're getting the information where it needs to be, as well as the increased privacy and cybersecurity risks that accrue when you save more data.”

Tziahanas explains a key lessons that organizations must learn--and one that has the potential to transform how they think about their data. “The value of data tends to decrease over time, but at the same time, the risk increases. If you plot those two curves, with the line of risk going up, and the value of information going down, somewhere those lines intersect, and the value of that information is less than the risk it poses.” 

Once organisations understand this truth, they understand the necessity of having strong information governance and data retention policies and technology in place. Laying a strong foundation for data management offers organizations an opportunity to manage their budgets associated with litigation and privacy compliance more efficiently. 

Download our recent whitepaper to learn about 4 steps you can take to act on this idea.
 

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up