2. Secure data that is copied into an archive – prevent unauthorised access, encrypt it, and place it on a secure medium such as WORM.
3. Manage data retention and destruction – automatically select what needs to be retained and apply a retention policy that ensures the data is both accessible during its lifecycle and that all instances of it are immediately destroyed upon expiration (after all data is not only an asset, but after its useful lifecycle, often a liability).
4. Assimilate data for corporate governance – most data – particular end-user data – is not truly under corporate control. A DLM archive should provide index and searching on both attributes and contents to give the organisation the ability to rapidly find the underlying information assets within the archive.
5. Guarantee data authenticity – Keeping data secure in a non-editable, non deletable environment with proof of authenticity via digital hashing algorithms applied upon retrieval.
6. Ensure regulatory compliance – regulated data requires set levels of retention, accessibility, access control, and authentication. If removable media is used (as it often must be to meet certain regulatory requirements), the physical location of media should be managed. Also, regulations often call for retention far beyond the lifetime of the media, requiring a reliable strategy for data migration over time to updated media.
Protected DLM begins with the automated analysis of data structures to identify data that should be copied or repositioned to a secondary storage archive. The data can involve any number of formats and applications from raw, unstructured user files and email to generic databases and specialised applications. Since the automated decision to move data off primary storage may not always be correct, the DLM system must be able to provide accessibility to the data in the event it is wanted. Archiving products usually make this possible at various levels including transparent access via stubbing or placeholders within the file system or database application or alternative access through a specialised interface to the archive repository. Either way, if data that has been repositioned to alternative storage is needed, it should be easy, if not transparent, to bring back.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.