Commvault Alert
SHIFT from Continuous Threats to Continuous Business. Experience the virtual event.
Secure your data, wherever it lives-across enterprise, cloud, and SaaS.
Comprehensive SaaS & On-Prem solutions for data protection, backup, recovery, management, & compliance in any environment.
Our cloud, security, and technology partners represent the market leaders in their space and combine with Commvault for deep integration, tailored solutions, differentiating services, and expert support.
Helping organizations become cyber ready, able to achieve continuous business in the face of any cyber challenge. Explore the Readiverse.
Access resources to enhance your company’s cybersecurity and protect against emerging threats for continuous business operations. Gain the tools and knowledge to stay resilient in a changing digital landscape.
Ransomware thrives in chaos. Let us demonstrate how your organization can adapt and thrive in the evolving cyber landscape.
An organization’s data retention policy is a set of rules that describe the types of data that will be retained by the entity and for how long.
An organization’s data retention policy is a set of rules that describe the types of data that will be retained by the entity and for how long. Retention policies also address how the data is handled at the end of the retention period when companies explore options ranging from doing nothing to destroying the data or archiving it. Data retention policies are adopted to achieve and maintain compliance with relevant regulatory requirements. For example, if an organization takes part in a regulated industry where data must be preserved for seven years, the company retention policy must specify and enforce the specified seven-year retention period.
An example of a retention policy article would be “retain daily backup for seven calendar days.”
In addition to the above description, organizations must adhere to the international, regional and industry standards that govern areas where an enterprise has customers or does business. Besides the imperative to retain data for a specified length of time, data location has become extremely important and is now a permanent fixture in data retention policies. For example, the European Union’s General Data Protection Regulation (GDPR) rules require that EU citizens’ data be stored within the EU borders.
In addition, some industries also come with retention requirements. Companies tend to adopt data retention policies that exceed prevailing regulatory requirements. That is especially true in regulated industries such as healthcare and financial services. For example, companies that do business in the healthcare sector, one of the unique regulatory requirements is the Health Insurance Portability and Accountability Act (HIPAA), which governs healthcare data, and there are requirements around how long HIPAA documentation must be retained, while states govern medical record retention requirements.(1) Also, companies that operate in the United States must adopt Sarbanes-Oxley Act (SOX) compliant data retention policies.
An essential aspect of data retention policies is to keep the more expensive primary storage free for frequently accessed data. To that end, enterprises set and enforce policies that move data at the end of their retention period to cheaper secondary or tertiary storage. These storage tiers could be less expensive on-premises disk storage, tape or even cloud storage. The most common storage tiers for secondary and tertiary copies are cloud storage. Cloud storage also offers customers different tiers or levels of storage depending on the data retention requirements. Cloud storage could be considered hot, cold or archive to offer customers different cost structures for their data retention policies.
As noted earlier, a retention policy helps companies manage important data per rules and regulations that govern their business and the locale where they operate.
A robust data retention policy would include:
See the fully functional, full-service product today, and see how Commvault can serve your needs directly.
Data is the core of any business, whether that is paper invoices, or today’s more common digital information, it all fuels the work of an organization, from inventory to customer records. Companies should identify and capture this critical data to keep the day-to-day business operational and, in the case of regulations, to stay compliant.
A robust retention policy protects enterprises from financial losses, civil and criminal penalties that follow customers’ data loss, and failure to follow prevailing regulations. Examples of heavy financial penalties are a common occurrence on the business news.
Gaining and keeping customers’ confidence is vital for business growth. Customers have come to expect that their data, especially personally identifiable information (PII) is protected and remains private. There is little to no tolerance left for negligence when it comes to customers’ data.
Business growth requires predictability and confidence that comes from robust data retention policies and regulatory compliance. Businesses can expand into new regions knowing that they will not be surprised by obscure or unknows regulations.
Ransomware or cyber-attacks are increasingly more common and protecting the business data from attack is critical. With a policy in place to keep data for a predefined period, it can help prevent ransomware from crippling a business. As these attacks become more advanced and remain dormant from extended periods of time, it is important to include retention guidelines for ransomware in the retention policy.
Digital data and applications are the drivers of business growth. Adopting a retention policy is vital for businesses and protects against the potentially harmful impact of sloppy handling of sensitive information.
Adopting and enforcing a data protection policy helps enterprises in many ways:
Organizations of all sizes need protection against ransomware threats. Proper data protection allows customers to deploy solutions in everyday use cases:
Yes! Commvault supports data retention policies. The portfolio of solutions includes: VM & Kubernetes Backup, Database Backup, File & Object Backup, Microsoft 365 Backup, Salesforce Backup, and Endpoint Backup allow users to retain their data and set retention policies according to their requirements. Simple configuration wizards will help you set your retention policy while keeping your data safe and recoverable.
Bill Mew, Data Privacy Champion and CEO of the Crisis Team, Jakub Lewandowski – Global Data Governance Officer, Commvault and Thomas Bryant Product Marketing Director.