Podcast: Why You should Archive Data Today and in The Future

August 06, 2019 Security and Compliance, MOVEit

Businesses archive their data for a lot of reasons, but what is the most critical use case for archiving? For security or for posterity?

 

In this episode of the Defrag This podcast, hosts Greg Mooney and Jeff Edwards dissect the latest Osterman Research report. Why Archiving All Electronic Content is Critical to find out why organizations should be archiving electronic data, and the types of data they should be prioritizing. They also discuss how IT teams are using archiving today, and how they see the future of digital archiving evolving. For more, you can download a full copy of the report for free here. 

This part of the page will be loaded later.

Full Transcript: 

Greg: This is "Defrag This." I'm your host Greg Mooney and on the phone today I have co-host Jeff Edwards. How's it going, Jeff?

Jeff: Great. Greg, how're you doing?

Greg: Good, good, just living the dream. And, you know, today we're gonna be talking about another report. Last week we were talking about the EMA report. This week we're gonna be talking about an Osterman Research report about why organizations should archive all electronic data. And we'll, kind of, talk more about what all that data encompasses later but, you know, archiving data may be one of the most critical processes that IT has to endure on a regular basis. I remember when I worked in IT, a lot of my time was spent, you know, labeling and processing and sending to basically a vault all this data that the company had archived on basically just cassette tapes. And they would just go into a vault and every once in a while someone would pull something out, but it had all the information from decades of work that the company had, you know, endured. But archiving is not only necessary for regulatory compliance. It's also a powerful tool in the wake of a security breach. And things such as ransomware and data corruption or loss, you know, those are one of the main reasons why somebody would want to access an archive to, you know, kind of get by anything that ransomware took over or any data that was lost within a breach.

It's also a great way to provide employees with old documents and data, like I was talking about before. And newer employees may want to access archived data from their predecessors to understand the context of current situations at a business to make, I guess, make more wise business-critical decisions moving forward based on, you know, how things have worked in the past. Archiving is a power defense mechanism in case of court orders, compliance issues, and as I said before, data loss and corruption. So in this recent report by Osterman Research, respondents to the survey were asked what the main drivers are for deploying archiving solutions and how executives are seeing, you know, archiving as a powerful intelligence tool. So let's get to the first question. And remember you guys, you know, we hope that you sound off on Twitter, @defrag_this, or on the comments section below the podcast at blog.ipswitch.com. We'd love to hear your feedback on, you know, how you're using archiving as, you know, an intelligence tool or if you have any use cases for it that are, maybe, out of the ordinary.

So, Jeff, this report looks at how IT teams perceive their archives and how their archiving practices change in the future. The first set of results show that complying with regulations is the leading reason for archives. In present times, 60% believe this is the main reason for having an archive of old data while 68% see it more so the reason in the future. What I didn't see in the report was anything indicative of using archives for security purposes, which I think is worrisome. I personally think, you know, this would be the main benefactor for an archive, considering all the ransomware that's been on the rampage recently. What do you think?

Jeff: Yeah. Honestly, I think it was an oversight from Osterman Research, the company that put together the report. I don't see in the chart in question here, that the main drivers...security is not even included. So maybe they didn't even ask about it. I'm not really sure, but they do later on go on to acknowledge the importance of, you know, archiving as a security tool. And, yeah, like you said, archiving is really...for things like ransomware or accidental destruction of data and corrupted data, archiving is the first line of defense against that. I mean, aside from your firewall and keeping your machines patched. If you get ransomware on a few machines and it locks down some important data, the best thing you can have is have that backed up somewhere else because then you don't have to deal with it at all. You don't have to pay them. You don't have to try to get the data unencrypted. You just disconnect that machine and that's it. So, yeah, big oversight, I think, from Osterman Research. I really don't understand why they didn't include that as a question.

Greg: Yeah, and you know, maybe the reason for this is that it falls under compliance reasons for archiving? I know a lot of IT teams may clump together compliance and security because usually, you know, if there's a breach, that usually means an audit or a fine is on the way, you know?

Jeff: Yeah. I mean, I think if it's an IT team and not a security team, then those two things are really closely related for them and, you know, their first thought might not be, "Oh, what about our data?" It might "Oh, crap. We're gonna get audited." So, yeah, they could have lumped it together. It's not really clear in the wording of the question and, of course, compliance is the biggest driver. That's just a given, because it's required. You know, you have to archive under HIPAA. You have to archive under privacy regulations. To a certain extent, they can actually ask you to dearchive, as well, and delete data. But, yeah, it's required. So that's gonna be the biggest driver.

Greg: Yeah, interesting. Other reasons for archiving seem to be for, from what I see in the report, or from e-discovery, litigation holds, offloading data from email servers, which is a huge one. Consider the fact of how much email we deal with on a daily basis. And extraction intelligence seems to be less likely a reason now and in the future for archiving. I find that interesting since you'd think that there would be, you know, much more information to gather in business archives. What do you think?

Jeff: Yeah, I think it's an interesting take. It's definitely a useful use of your archives is extracting intelligence. I mean, what is the use? Besides security and compliance concerns, what is the use to have that information if you don't get any worth out of it? And honestly, if you take a more proactive approach, you can get some pretty good insights from archived data. You can learn all about, you know, employee needs. You can manage customer relationships with CRM systems a little bit better. You know, you'll get a better picture looking back of, you know, what were our sales processes in the past? How did they work? What were our conversion rates? Things like that, especially with the CRM, that's really, really valuable information because it's gonna keep you from making the same mistakes twice or you can go back and see what worked in the past. So I'm not sure why this wouldn't be considered a major consideration. I think that there is one chart where they do say that respondents said it was a growing driver for decision-makers. So...

Greg: Now, the next results on the survey focus on intelligence gathering for businesses. It seems that executives, or rather decision-makers, only see some value in using archived data for intelligence and decision making, like we were talking about before, 57% see it as some value. But how I perceive this is that IT teams and decision-makers see archiving electronic data more important in the future. This, kind of, contradicts, you know, the former data. So what do you think this means?

Jeff: Yeah, I think that that's exactly like you said. This chart says 57% now say they see some value. But in the future, they say that they're seeing the value rising, or 48% say that they see a great deal of value in this. Or they predict seeing a great deal of value in this in May 2021. I think that's just about right. As, you know, big data parsing technology and archiving, kind of, merge, as people are able to extract with ease analytics from this data, it's gonna become a lot more useful to them. If you're looking at a...you know, if you're a legacy company and you still have some of your stuff archived on, you know, magnetic tape, yeah good luck, you know, getting valuable insight from that. But going forward it's going to be a lot easier.

Greg: Yeah. Now, the report doesn't seem to have any data on this, but another future scenario for many companies is that they will start archiving, you know, social media content or, you know, maybe Skype content, stuff like that. You know, like text messages and...I can understand this for business accounts but does it make sense on the employee level? Like personal accounts I believe should stay off-limits.

Jeff: Yeah, I think so unless they're signed over, unless they're an ambassador for the company. In that case, then yeah, you'd want to archive it. But if it's just an employee's, you know, personal account, I see no reason that they would want to archive that or even waste the space on it. As you know well that I run a lot of the social media here, and I think that archiving, from our perspective, is terrific and we don't, you know, keep a separate archive. If we were Facebook, Twitter, LinkedIn...all of them, kind of, have their own, but our social media management tools allow us to go back through and pick posts and then we can go back and find posts that were good before. When the same type of news comes around we can tweak it and able to bring back a piece of valuable information to the new news cycle. So that's always useful. As far as tracking employees, yeah, I'm just as grossed out by the idea as you. Actually, a funny story, before I came here I applied for a company that was a security company, because I worked, sort of, in the security space before in marketing. And their solution, basically, was a tool for spying on your employees under the guise of stopping insider threats. So I was a little bit uneasy with that and then once I figured out exactly what the tool was, I kind of withdrew myself from consideration because I was really not into that at all.

Greg: Well, I commend you, Jeff, you know, fighting the good fight, you know.

Jeff: Yeah.

Greg: A lot of people would just take the job, I bet.

Jeff: Yeah, yeah. Well, I had this opportunity at the same time and this one seems like a more beneficent company. So, yeah, went with that.

Greg: Glad to hear. Well, that's pretty much all I got from the report, unless you have any closing thoughts?

Jeff: Yeah, I mean the report is about how important it is to archive and they really lay it out plainly. So I think that's about it. Security, compliance, and analytics, that's your big three.

Greg: Yeah, and you'll be able to download the report itself, you know. We'll have a link below the podcast on blog.ipswitch.com. You can also go there to check out other podcasts and, you know, always follow us @defrag_this or @ipswitch to sound off your opinions. We always want to hear from our listeners. We rarely get anybody to comment on anything so, you know, we'd like to change that. So please, please comment.

Jeff: Please comment.

Greg: Tell us that we're stupid or tell us that you don't care for the content. That's fine, too, you know. Do whatever you'd like. You can troll us as much as you'd like. Until next time, stay safe out there.

Man: Thanks for listening to "Defrag This." If you enjoyed the show, you can find more from Ipswitch on Twitter @ipswitch or on Facebook and be sure to describe to the "Defrag This" blog at blog.ipswitch.com. Thank you so much for listening. Until next time.

Jeff Edwards

Jeff Edwards is a tech writer and analyst with three years of experience covering Information Security and IT. Jeff has written on all things cybersecurity, from APTs to zero-days, and previously worked as a reporter covering Boston City Hall.

Read next Blueprint for a Successful File Transfer Project: Steps 1 and 2