Over half of businesses lack formal data retention plan

More than half of businesses do not have a formal data retention plan, creating massive recovery problems due to the over-retention of information, according to a new report by Symantec.

The study, entitled 2010 Information Management Health Check Survey, reveals some shocking figures. Only 46 percent of the 1,680 global businesses asked had a data retention plan in place, meaning that most businesses lack formal procedures for addressing the storage of data and when, if ever, it gets deleted.

87 percent believed such a plan should allow them to delete unnecessary information, but 13 percent would rather not delete anything, even useless material, at all.

The research also found that 75 percent of backups have infinite retention or are on “legal hold”, meaning that they can potentially never be deleted, creating a nightmare situation for those trying to sort through backups to restore a system to a usable state or to regain specific lost information. 

Symantec found that one in six companies archive information indefinitely. It also found that 25 percent of data that is backed up is not needed and should not be retained, since it hogs space and makes accessing essential information more difficult.

The report discovered that there was widespread improper legal hold practices, with 70 percent of companies performing legal holds using backups, 25 percent preserving an entire backup set for legal holds on files and documents, and 45 percent of backup storage being used for these legal holdings.

If that were not enough, it also found improper backup, recovery and archive practices were rampant. 51 percent prohibit end-user archives, but 65 percent report that end-users archive material anyway when not permitted. 49 percent use backup software for archiving, even when it’s not designed for that purpose.

The consequences of these improper practices are manifold, including high storage costs, long backup windows, excessive recovery times, increased litigation risk, and inefficient electronic discovery, none of which a business can dismiss lightly.