Strategic Vision

A recent ABA newsletter has an important article that discusses recent case law surrounding rules for ESI preservation and makes recommendations for changes that effectively extends the retention periods for all ESI.

From:  ”A New Set of Rules for e-Discovery Duties and Sanctions”   By Nick Brestoff,   Published in : EDDE Journal:    WINTER 2011 VOLUME 2 Issue 1 — A Publication of the E-Discovery and Digital Evidence Committee ABA Section of Science & Technology Law

“All ESI preserved in accordance with the Preservation Duty shall not be destroyed or materially altered until four years after the Proceeding is final. If such ESI is not then subject to any other Preservation Duty, it may be destroyed. However, if such ESI is subject to a Preservation Duty arising from any other Proceeding, that ESI shall not be destroyed or altered until one year after all such Proceedings are final.”

Juxtaposed Forces:

The impact is interesting in that it is getting harder and harder to delete information and data out of the datacenter.  On one hand we have IT’s cost-driven movement to incorporate capacity optimization in the datacenter and on the other legal and regulatory governance that extends retention periods and makes it harder to delete expired information and data – driving up costs and energy consumption.  In the preservation world, we are concerned with both, and the paradox of moving towards storage of preservation objects which are larger in size and not dedupe capable is causing capacity growth angst because you must have 3-4 copies of each object distributed for recovery, access, and business continuity.

Thoughts:

• What screams at me is “classification, classification, classification!”
• And, “deletion” as soon as possible – but without order and organization of information throughout the enterprise that is hopeless.
• How to deal with the load, the cost, the complexity – I only see one path.  It is the practice approach provided by ILM2.0 .   (for more go to www.ilm20.org)

Are there others?

ILM and Cloud Storage Audit Services

We have identified and are offering two important new audit services to our clients. Take a look and let me know what you think and if we can help you.

a] Preservation in the Cloud Assessment and Audit

b] IT and Information Governance in the Cloud Audit & Assessment

.

.

.

.

.

.

.

.

.

.

.

Cloud Adoption Drivers are not what is being Reported:

We talk a lot now about the Cloud and its drivers and barriers. These two new studies shed interesting light on the topics. However, I’m motivated to point out one glaring and important point of interpretation.  It is about cost.  Every study says cost as in “cost reduction” is the top driver.  In my experience, we’ve seen this opinion and misleading conclusion many times before. Be careful.

The two  reports are:

a] IBM: “Inside_the_Midmarket__Global_Report”_201101 – a study of cloud adoption in the midmarket

b] IBM: “The evolving role of IT managers and CIOs Findings from the 2010 IBM Global IT Risk Study”

MY OPINION:

Cost is an “eliminator” in the selection process, not a “selector” until you get to the end of the purchasing process. (Usually, #7 on the prioritized list of selectors.)  Consequently, if you ask a CXO the typical ‘leading’ questions in surveys you will get cost back at the top of the list, but be careful, you will potentially interpret this incorrectly and be mislead.

Cost has historically proven itself to be much less of a driver than the vendor community wants to believe.  We have many historical examples of this occurring.  I think the same applies to Cloud adoption.  Its an eliminator and until the “selectors” fall into line.  Cloud storage especially will still be too much risk to let cost be the primary driver.  All I’m saying is that you need to be looking to address the real barriers to adoption instead of focusing on cost. Focus instead on proper “customer development” practices.

I just found this resource on CloudTweaks – very interesting set of market data on adoption of the cloud.  http://www.cloudtweaks.com/cloud-diagrams/

Tell me what data you are looking for. I may just have it.

I’ve been accused of throwing historical IT practices under the bus in my last posts. Well, in my opinion, we should.

IT practices that confuse or just don’t meet the business requirements or only add cost and complexity need to go away.  The times are changing. We saw that clearly with regulatory compliance and eMail. We see it with eDiscovery and litigation review. Many IT practices damage metadata resulting in damage to authenticity.    The courts keep getting closer and closer to exposing bad IT practices and I submit we need to start somewhere making improvements.

Metadata is a good example. Many IT practices damage, mix, confuse, or just plain ignore the value of metadata. (And, consequently denigrate its use to demonstrate authenticity.) This has to change.
a) Yes, it wasn’t until 2008 that Sedona recognized metadata in litigation evidence, but now it is important.
b) Aguilar v. Immigration & 
Customs Enforcement Div., 2008 U.S. Dist. LEXIS 97018 ( Nov. 21, 2008 ) changed it all again, making certain metadata a key part of litigation evidence.

Another example is confusing archive and preservation – regulatory compliance hammered that. I believe that the IT premise we have to move toward could be framed “Preservation begins at creation.”  The IT practice of archiving at the time information becomes inactive or expired is too late, too costly, too complex, and too risky in the face of litigation and compliance risk.

Oh, let’s add ‘deletion’ to the list:  Even the records community is at fault here. The whole idea of ‘disposition after information expires’ is ludicrous for the digital datacenter. I maintain disposition policies must be made up front – consistent with ‘preservation policies begin at creation.’

This could be a stimulating conversation. Chip in.

Oh, and I’m far from alone in this opinion. Change is hard and the top barrier is human and cultural on one side and resistance from the vendor community protecting their installed base of revenue by propagating the myth on the other.  I can’t blame them. I can only blame the IT community. I really like this anecdote from the “Backup Blog:”  ”…Having said that, the biggest obstacle to fixing backup is not technology. It is inertia. It is cultural. It is fear of change. It is ingrained process. It is the fact that we have done things one way for so long that the reason we are going things has been forgotten…”