IT and Cybersecurity News

The Good, the Bad, and the Ugly of Information Lifecycle Management

Written by Brad Sprague | July 24, 2015

Six years ago, your business might have had 400 gigabytes (GB) of data stored on the network. Maybe two-thirds of that was actual business data comprised of files, vertical application data, and email. The rest was overhead. 

Back then, Information Lifecycle Management (ILM) meant buying more hard drives as your data grew, and consisted of a tape drive that was large enough to store all data. You probably maintained a rotation of tapes that created a nightly backup, was taken offsite in case the unthinkable happened, and provided the ability to retain snapshots in case you needed to see the email Joe sent on the third Monday in July of 1994.

So, what has changed?  Well, for starters, your 400 GB have become 1.6 terabytes (TB), or 1,600 gigabytes. For that reason, several issues have occurred:

  • Your backups started running onto multiple tapes and took too long to complete.
  • In trying to restore the backup from 1994, you found out that the tape was not stored in a cool, dry place, and became unreadable.
  • Moving to a digital backup, whether on-premises or cloud-based, became 25% of your IT budget. 

Being confronted with the monster that is data proliferation, many organizations first say: “Let’s go through it and get rid of the junk.” That sounds great, but is rarely fruitful in practice. It is unlikely that you will find a 300GB folder of little league pictures stored by the President of the company that will allow you to cut costs by 25%. Even if that is the scenario, only one part of the problem has been solved.

While you were concerning yourself with the logistics surrounding data growth, your auditors have begun talking about Data Leakage Prevention and Information Rights Management. And, in the meantime, you hear weekly about high-profile data breaches and aren’t really sure if it could happen to you.

There are two components to Information Lifecycle Management: Risk and Cost. To determine how much you should spend on ILM, in terms of time, treasure, and brain power, you first need to have a business-level discussion about risk. Try asking some questions:

  • What, on your network, is important for you to do business day-to-day?
  • If you experience a disaster, how long can you be without data in the event of a disaster (Recovery Time Objective or RTO)? How much data can you afford to lose: 1 hour of changes, 1 day, 1 week (Recovery Point Objective or RPO)?
  • Do you know if there is sensitive data on your network, where it is stored, and who has access to it?
  • Are you subject to regulatory requirements in regards to that data?
  • Do you have measures in place to limit the inappropriate ex-filtration of sensitive data (training, encryption, Data Leakage Protection), and the ability to purge data when you no longer need it?

Once you have the business-level discussions about your specific needs and risks in regards to your data, you can then review your options to determine what is the best way to approach ILM. This is a framework to determine the optimal systems to store, secure, backup, and replicate data that reduces your risk to a tolerable level without breaking your budget.

To learn more about Information Lifecycle Management, email info@syseng.com or call (207) 772-3199 to speak to a Systems Engineering representative.

View full post