Data preservation obligations associated with litigation and regulations such as Rule 17a have fueled the creation of compliance archives in many organizations. However, without the ability to categorize data by content firms lack the means to defensibly delete documents from the archive. The resulting escalating storage and e-discovery costs coupled with the risk of keeping unneeded data will drive a fundamental shift away from centralized compliance archives towards a distributed “Preserve in Place” model. The key technology enablers are content based auto classification, coupled with a “Command & Control” architecture.
Command will be in the form of centralized document information and meta-data used to automatically classify documents against consolidated policies for records, privacy, and data protection. Control will be effectuated by smart endpoint devices and repositories communicating with the central policy engine to enforce centralized decisions at the O/S and application level. For endpoints, most policy compliance can be ensured through controlling a handful of actions – specifically: 1) Prevention of deletes - preserve in place 2) Copy or move as directed - collect and selectively centralize 3) Delete as directed - enforce retention. The net will be centralized, automated decision making, enforced across a distributed and heterogonous environment. Tools such as Rational Retention are delivering these capabilities today.
Action Item: Avoid the quick fix of compliance archiving without ensuring some method for classification and destruction and explore next generation tools to centralize policy administration with open API’s to hook into smarter endpoints.
Footnotes: