In the spring of 2003, Recycling Today Editor Brian Taylor and I attended our first NAID (National Association for Information Destruction) Convention. It was an interesting and informative experience. The group was active and searching for answers about where the business was going and what would be driving it.
We were not new to the document destruction business. In fact, we’d covered document destruction in earlier times through our Fibre Market News newsletter for the paper recycling industry and in Recycling Today. Many of our Recycling Today readers offered destruction services.
What was new was the fervor surrounding the business. Identity theft, corporate records management in the post-Enron era and the protection of personal health care information were driving a range of new legislative and regulatory initiatives. Shredding was moving from a back-room activity to a mainstream activity. It created wonderful business opportunities.
We left that convention convinced that we could add to the industry and that we could contribute to the dialogue necessary for the business to grow and mature by launching a dedicated business magazine for the sector. In the spring of 2004, we published the first issue of Secure Destruction Business (SDB) magazine, dedicated to the document destruction business.
Brian worked with me to lead our editorial team on this new project. He then guided the magazine for its first two years of publication. In 2006 DeAnne Toto took over the helm. DeAnne has become well-known and well-connected in the industry in the years since.
Of course, the business changed as it developed. One of the first waves was the movement of destruction firms beyond documents into product destruction. It made great sense; many businesses needed to destroy out-of-spec and defective products.
Another fundamental change was when records storage firms began to add or expand in-house destruction operations; they also began acquiring “pure-play” destruction firms.
The two sectors grew closer and closer. In fact, the link became so strong that in 2009 we changed the magazine’s name to Storage & Destruction Business to better reflect the realities of the marketplace.
As digital record keeping began to take root, it gave rise to the consolidation of the records storage business. The fervor surrounding the business began to fade; it was not gone, but it was diminished.
Generation of paper documents began to decline, digitizing of long-held paper archives had passed its peak and volume was coming out of the sector. This, along with other factors, has continued to drive industry consolidation.
Today the business is a highly consolidated market that faces decreasing volume. Digital storage largely has replaced the storage of paper documents. As this trend line has played out, many of our customers—suppliers to the industry—have shifted their business development to other industries or sectors.
Facing this business reality has drawn us to the point where publishing SDB magazine is no longer a viable business for us. It is, therefore, with bittersweet feelings that I share this will be the last issue of SDB magazine.
The industry has been great to us. We’ve had a lot of fun covering it and have formed wonderful relationships, and we’d like to believe we contributed something to the industry. It is with sadness that I write this, but also with fond memories.
Of course, we’ll continue to cover the document and product destruction sectors as much of what gets shredded is recycled. We also cover electronics recycling and refurbishing in Recycling Today. In that sense, we’re not entirely leaving the sector. That’s good news for us, and hopefully for you.
A monolithic laccolith: That is the geological term for the granite mass in Sandy, Utah, just outside of Salt Lake City, that houses Perpetual Storage Inc. (PSI). Since 1968, the firm has been storing digital information and microforms in a vault excavated out of its granite mountain.
A rare space
The formation is a rarity of nature, PSI says, as there are only five in the contiguous United States, two of which are in national parks or are national monuments.
Patrick Lynch, who co-owns the company with his wife, Susan, says the laccolith was an inexpensive purchase because it lacks fissures, meaning quartz was unable to intrude, so the structure does not contain minerals that would increase its value.
The laccolith sits on 152.15 acres surrounded by the Wasatch National Forest. The company originally owned 662 acres but sold 10 acres the Church of Latter Day Saints (LDS) in 1964, which operates a vault for its genealogy records less than 1 mile from PSI. In 1982 PSI sold 500 acres to the National Park Service in exchange for tax credits and cash, Lynch says.
The company’s physical location offers a number of benefits, including a constant temperature of 63 degrees. “No heating or cooling is needed—just lighting and humidity control,” Lynch says.
PSI also is protected against earthquakes. Its website states, “Earthquake shock waves pass through solid objects like our granite formation, which does not move because it is ‘book-ended’ on either side by the older mountain formation.”
Its location roughly 250 feet above the canyon floor also means flooding is improbable.
The company is protected against possible man-made disasters as well in the form of a fire suppression system.
However, Lynch says PSI’s focus on digital records helps to reduce the risk of fire at the facility. “Paper is fuel,” he says. “Digital records are not. We want our clients who store here to know that we know that.”
PSI targets security-conscious clients and protects its facility with highly trained armed guards, Lynch says, as well as with two outside security companies, electronic surveillance, motion detectors and a number of man traps and gating systems.
“It’s highly unlikely that anyone would gain access inside the mountain and live,” Lynch says of PSI’s security measures.
PSI’s vault has a half-acre footprint, measuring 35 feet high and 250 feet deep. “Our current and first vault system was not a cavern, cave or tunnel; it was purpose-built—blasted into the mountain. They did it in such a way as to maintain the integrity of the rock,” he says.
Ahead of its time
PSI has focused on digital information since Lynch’s father established the company. The firm had a vault division, a micrographics division that transferred paper documents to microfilm and a computer time-share division. Lynch says, “The reason that we had all three businesses is because it was a vertically integrated model where you would generate the data, make copies of it and put the copies in the vault.”
He adds, “We were a little ahead of our time. We had a slow adoption rate, if you will, at the beginning of the firm’s history.”
Lynch says his father’s friends thought he was “nuts” to invest in such a business.
However, “Time has proven him out,” he says. “It’s proven a very viable and sustainable business model.”
Perpetual Storage enhances DataVaulting service
Perpetual Storage Inc. (PSI), Sandy, Utah, says it has further enhanced its DataVaulting service by providing redundant and diverse network connectivity from Syringa Networks. The redundant circuit provides Ethernet service over buried fiber optic cables directly into PSI’s mountain facility, providing virtually unlimited bandwidth over an additional dedicated connection, PSI says.
With dual network paths, the company says it ensures immediate on-demand access to customer information, even in the unlikely event of a network interruption with one of its network providers.
DataVaulting is a natural extension of PSI’s core business of providing physical records storage in its privately owned and operated maximum security vault. The service combines virtual data security with the data center’s physically secure location inside of a granite mountain to provide a highly secure private cloud for backup, disaster recovery and archival information storage. PSI says this new service will enable customers to access their stored records and data more efficiently over a dedicated connection.
“Syringa Networks has a proven track record for providing reliable, secure connectivity over a robust, well-designed network,” says Aubrey Murray, PSI senior managing director of business development. “Having a buried fiber optic connection from Syringa Networks gives us an additional level of confidence that our DataVaulting customers will always have immediate access to their information.”
PSI says the additional connection enables cost-effective access to PSI’s DataVaulting service for thousands of businesses and organizations that can access Syringa Networks’ robust, ring-protected buried fiber network.
Lynch first entered the business in 1978 out of college. “That was propitious timing for me and the vault, and I started gaining large clients,” he says.
By the time Lynch joined the business, PSI already had sold off its computer time-share division. Shortly after joining PSI, he sold the micrographics division.
After five years with PSI, Lynch left to pursue a career on Wall Street, where he stayed for 27 years before returning to PSI in 2010 following the death of his parents.
“I continue investing in and reinventing the business to make it a sustainable business model,” Lynch says.
An evolving business
PSI stores microforms (microfilm and microfiche), CDs, DVDs, Blu-ray discs, hard disks and magnetic tape (largely LTO) for clients ranging from corporations to local, county and state governments to federal agencies. PSI’s corporate clients include insurance firms, financial institutions, hospital groups and manufacturers, as well as nonprofit organizations.
“Our goal is still to fill up the vault,” Lynch says. “Every time we get full, there is a technological advancement or leap in how data are compressed … and we go from 85 percent full to 35 percent full. We have gone through that oscillation several times in the history of the firm.”
Lynch says PSI’s focus makes it unique among records and information management firms. “We have companies that think they compete with us,” he says, adding that PSI’s focus on storing data sets rather than paper gives it a niche that caters to “very security conscious clients.”
He adds, “We have been pretty successful for a long time with our model. But we are evolving our model with our new DataVaulting service.”
Lynch refers to PSI’s data center, which is equipped with fiber cable from Comcast and Syringa Networks to facilitate high-speed data transport to and from its clients to store clients’ backup, disaster recovery and archival data. (See sidebar on the right.)
He says PSI can provide or facilitate other services, including digitizing microfilm through U.S. Imaging and similar firms.
Additionally, the company operates its own courier service, which is staffed by five full-time employees who provide service around the clock.
Lynch says PSI has been approached by government entities about creating vaults especially for them—a prospect that intrigues him. “I would like that, actually,” he says. “I think that would be a pretty nice project.”
PSI offers a carefully curated menu of services that focus on digital information. “We do very few things,” Lynch says, “but we do them very, very well.”
He adds, “You cannot screw up here.”
PSI takes that philosophy to heart, conducting regular penetration testing of its operations, initiating improvements based on those results when necessary.
Founded on trust
Lynch says PSI works to form “strategic vendor relationships” with its clients. “They keep us informed of what they are doing. We tell them what we find out about industry trends,” he says, adding that the company also talks with representatives from government agencies about industry trends. “It is kind of a holistic relationship between vendor, client and various outside government agencies that are fighting this data theft war,” Lynch says of PSI’s approach. “If you don’t approach it that way, you are going to lose because these people are relentless.”
This relentlessness has been good for business. “Market conditions are quite good because of the explosive aspect of cyber security,” he says.
Cyber security concerns mean PSI spends a lot of time educating clients. Lynch says, “We provide solutions; we don’t just try to scare the pants off of anyone.”
He says PSI’s employees also are critical to the firm’s success, and many of them have been with the company for more than 17 years. (Some have even logged upward of 30 years with PSI, while still others have more than 20 years.)
“I’ve always thought a high employee retention goal for a company is a valuable and best business practice,” Lynch says. “You invest a lot in people, and you want to gain a return on that investment; but, more importantly, you want to surround yourself with employees that you like and trust. We are in the trust business. We trust these employees to do the right thing and be very client focused.”
Business on the go
According to Perpetual Storage Inc.’s (PSI’s) website, http:// perpetualstorage.com, “Data protection solutions such as replication, external hard drives and tapes are important but provide only a partial solution for your company following a disaster.”
That’s why the Sandy, Utah-based company offers the patent pending GoBox in addition to various data protection solutions. In the GoBox, clients can store important recovery tools, diagrams and information, which PSI then stores in its vault that is located in a granite mountain.
PSI says clients need to make one phone call to receive via courier service everything necessary to restore their businesses within hours of a disaster.
The author is editor of SDB and can be contacted at email@example.com.
In the wake of recent news about cyber crimes against the government and data breaches in the retail industry, data security has become a major issue that is top of mind for consumers and enterprises today.
According to the U.S. Department of Energy, some 3 million data centers operate in the United States presently, and in 2014 Gartner predicted that the “Internet of Things” would increase 30-fold from by 2020.
Companies are constantly replacing their IT (information technology) equipment with the latest and greatest in data technology; however, they face an even greater challenge when it comes to disposing of said IT equipment. It’s crucial that all sensitive data be securely removed before a company recycles, reuses or resells IT assets.
Despite the rapid rate of technology innovation and the overwhelming amount of tech-enabled devices in our world today, unfortunately, the right parameters are not always in place to protect data on these devices.
Most companies claim to wipe all of their customers’ important data before decommission, yet more than 50 percent of the “wiped” equipment still has sensitive data on it, leading to a potential data breach, identity theft or regulatory compliance failure, according to research by my company, Apto Solutions.
Although it’s not intentional, incompetence and ignorance ultimately can play roles in the disposal of IT assets that still contain sensitive information. The size of the organization and its ability to train and make its associates aware of the seriousness of data erasure also play parts in the process.
These days, criminals have access to more outlets than they did a decade ago, giving them a larger network through which to benefit monetarily from stolen data. Cyber criminals use the Internet to launder money or to sell sensitive information. It’s important to remember that proper data sanitization goes far beyond pressing “delete”—companies need to use data erasure software to completely sanitize their IT assets.
To properly wipe IT equipment, it’s important for companies to have a detailed understanding of the variety of ways data can be stored on modern devices. Of course, hard drives and other storage media are typical devices that need to be sanitized, but people often overlook the data living within devices such as printers, network switches and network routers. Mistakes like this are common for companies across the board when they lack experience implementing data erasure software. Companies that forgo doing a verify pass or spot audit can miss important data still living on the equipment they are disposing.
It’s also crucial to remember postsanitation aspects, such as reporting and back-end integration.
Keep these five best practices in mind when choosing and using data erasure software and when advising your clients:
- Make sure the software is accredited. The first step to proper data sanitization is to find a reliable, accredited data erasure software vendor. Finding a certified vendor is more important than focusing on the software alone, especially if the operation has a high volume of assets requiring data sanitization. After equipment has been decommissioned, a tool that has been independently certified to thoroughly sanitize data with multiple passes and random bits should be used to wipe the data. (At Apto Solutions, our data erasure software, NetSwiper, is accredited by Hartford, Connecticut-based Open Sky, a TUV Rhineland Co., which helps provide large-scale concurrent sanitization in existing machines.)
The software should be thoroughly evaluated and certified against an industry-accepted standard (e.g., NIST, National Institute of Standards and Technology) and by an internationally recognized certification body (e.g., ISO, TUV, etc.)
It’s also important to make sure that personnel have been trained and vetted to remove critical data. The consistent execution of vetted processes will add an extra layer of protection, allowing data erasure software to more effectively prevent critical data from falling through the cracks.
- Verify the software conforms to data wiping standards. Companies need to be aware of the data wiping requirements that are established where they are located, whether they’re under HIPAA (Health Insurance Portability and Accountability Act), PCI (Payment Card Industry), the EU Database Protection Directive or in one of the 32 U.S. states with data destruction laws.
A multitude of government and industry standards are in place for data erasure or overwriting. The Department of Defense (DOD) has released its own specification for secure deletion called DOD 5220.22-M. This spec requires three passes: zeros, ones and random data, respectively. NIST also released its own overwriting standard called NIST SP 800-88. When choosing a data erasure software, companies should make sure that it meets these standards to properly sanitize data and avoid legal consequences.
- Assess the type of equipment needed to sanitize. Historically, data erasure solutions have focused on traditional storage media, such as hard drives. Data devices outside of PC and server magnetic hard drives, such as copiers, networking equipment or hand-held devices with flash memory, often receive less scrutiny. In today’s world, other devices like tablets, smartphones, networking gear and even printers must be accounted for. Each of these devices requires a unique, specialized solution. The solution should apply the same rigorous DOD 5220.22-M, NIST SP 800-88 or an equivalent standard to all data storage media.
- Ensure the software offers detailed, serialized reporting. The most important piece of the data erasure process is the verification and possible certification that an asset has been properly sanitized. Without proof of destruction, there is no peace of mind or risk mitigation when it comes to preventing data breaches. Off-the-shelf sanitization software may provide a company with verification but not with an actual certification. That’s where ITAD (IT asset disposition) vendors come into play. A good ITAD vendor has the ability to scale data sanitization operations to handle thousands of assets simultaneously and can provide peace of mind in the form of an official certification that the assets were properly sanitized.
- Choose software that can recover IT asset value for remarketing. After making the decision to decommission IT equipment, companies may want to figure out how much those assets are actually worth. The value of the equipment that new technology replaces could reduce the bill and ease the transition process, but that’s only if the right buyers can be found at the right time. Making a spreadsheet of available equipment and sending it out to the usual suspects just won’t cut it if the goal is extracting the most value from decommissioned IT equipment. Companies will want to research and be aware of the true market value or work with a provider that does.
It’s important to note that not all equipment is worth reselling; knowing when to recycle instead of to resell and how to recycle in accordance with regulations could save a company a lot of wasted time, effort and legal trouble.
When to destroy and when to recycle?
Decommissioning doesn’t have to be the answer to getting rid of old IT assets. Companies should consider when it makes more sense to reuse or resell their assets rather than recycle them. If the value of a certain asset is low, or it has been eclipsed by newer technologies, it more than likely makes sense to recycle it rather than go through data sanitation to repurpose it internally.
On the other hand, if the older assets have sufficient value, value recovery through the data sanitization and remarketing processes is a better, more sensible option. The proceeds earned through value recovery (selling those used assets on the aftermarket) can help offset the costs of other internal IT initiatives.
Finally, companies should consider their internal policies. Some companies prefer the social value gained from disposing of IT assets in a green, eco-friendly manner over earning a bit of extra recycling revenue. For others, the recycling revenue is not as valuable; certifiable physical destruction of assets is more important and is worth the trade-off.
Whichever trade-offs your clients decide to make, be sure to encourage them to take an extra look at their end-of-life processes. What they don’t know yet might hurt them.
James Kilkelly is CEO and founder of Atlanta-based Apto Solutions and Telephone.com. He has held positions with Fortune 500 companies, such as NCR. For more information, visit www.aptosolutions.com or contact firstname.lastname@example.org.
A recent American Express Service Study found that 63 percent of its 1,620 respondents said they felt an increased heart rate when they simply thought about great service. For 53 percent of those studied, great service caused them to have the same cerebral response that results from feeling loved. The trick, of course, says Ron Kaufman, is developing a customer service team that has the skills to produce such an overwhelming reaction among your company’s customers.
“The truth is, in many of today’s industries and many of the world’s biggest companies, service can be downright disappointing,” says Kaufman, author of the New York Times best-seller Uplifting Service: The Proven Path to Delighting Your Customers, Colleagues and Everyone Else You Meet. “We spend hours on hold when we just need an answer to a simple question. Store clerks seem angry with us when we tell them a mistake was made. And the list could go on and on.
“If you want to combat this at your business, you have to make providing great service a point of pride for your employees. Service is taking action to create value for someone else—and when that is the driving force for your staff and your organization, everyone will be happier,” Kaufman continues.
What can you do right now to strengthen your company’s service team? Kaufman offers a number of tips.
Give them the leeway to make in-the-moment decisions. “Empowerment” is a buzzword in business, and, in theory, we all understand that improved service is unlikely to happen inside an organization without it. Yet many leaders and employees seem to fear it. If a leader is not confident in her people, she doesn’t want to empower them with greater authority or a larger budget. And if an employee is not confident in his abilities and decisions, he often does not want the responsibility of being empowered.
“Don’t overcomplicate service,” Kaufman says. “Work with your employees to switch their focus from ‘What should I do?’ to ‘Who am I serving and what do they value?’”
Have mistake meet-ups. Another key to empowerment is demystifying the fear that accompanies making a mistake, Kaufman says.
“Have a meeting and say, ‘We want learning from mistakes to be part of our culture,’” he advises. “Have your leaders kick off the meeting by saying, ‘I’ll go first. Here’s the biggest mistake I made last week. Here’s what I learned from it. What can I learn from you?’ Then, everyone shares in that way, and, boy, does that make them feel safer. It gives them the freedom to try new ideas and to take new actions.”
Eradicate cumbersome policies and procedures. In Uplifting Service, Kaufman writes about an experience he had while dining at a luxury resort in California. The waiter explained that there was a special menu that night, spotlighting the chef’s signature dishes. But Kaufman’s guests were vegetarians and had nothing to choose from on the menu, and Kaufman himself had been craving a particular salmon salad. So, they asked to order from the regular menu. Obviously uncomfortable, the waiter whispered, “If you go back to your room and order room service, then you can order the salmon salad or anything else on the [room service] menu, but I can’t serve you those choices here tonight.”
Kaufman says, “In trying to spotlight the chef’s menu, the restaurant had created a major roadblock for the people who worked there—the waiter wasn’t given permission to serve. Like this waiter, most frontline staff members are taught to follow policies and procedures and are hesitant to ‘break the rules.’ Yet some rules should be broken, changed or at least seriously bent from time to time.”
Acknowledge achievements. Compliments are motivating and inspire employees to keep coming up with newer and better service ideas. That’s why you should actively solicit feedback from customers and regularly share positive comments with employees.
The great thing about acknowledging achievements among your staff is that you can get a big impact out of simple actions. For example, simply thanking an employee who handled a customer well or tweeting a message on Twitter about the employee of the week can go a long way.
Educate and inspire them to serve each other. When most companies set out to fix their service issues, they start with customer-facing employees. The fact is, frontline service people cannot give better service when they aren’t being served internally.
When Kaufman worked with Air Mauritius to kick off its service revolution, they company started by addressing the communication problems in its dysfunctional culture, which manifested as bickering, finger-pointing, withholding information, etc.
“First they had to realize that everyone on staff either directly serves the customer or serves those who serve the customer,” he says. “Everyone had to embrace the service improvement mindset—engineering, ground staff, the technical crew, registration and sales, people at the counters, people at the gate area, people on the aircraft. That meant they had to serve each other as well as the customer.”
Teach them to solicit customer feedback at various points of contact. Asking, “Is there anything we can do better for you the next time?” accomplishes two important objectives. First, you gather valuable ideas. Second, you get the customer thinking about doing repeat business.
“Even if a customer doesn’t have a recommendation, trust that they’ll be glad your employee cared enough to ask,” Kaufman continues. “When an employee engages a customer in this way, it’s yet another way to say, ‘We value you. We want to provide you with the best possible service, and we would be delighted to serve you again.’ It also shows your customers that you aren’t afraid of improvement. It shows just how dedicated you are to delivering on your promise of uplifting service.”
Help them find ways to “up” service. Imagine you are going up a ski lift and accidentally drop one of your gloves or ski poles into the woods below. At Deer Valley Ski Resort in Utah, the staff helps you find the missing item and then gives you a coupon for a free hot chocolate.
A new Italian restaurant announced its grand opening with great fanfare in the press. Every table was reserved weeks in advance. On opening night, the ovens broke down and could not be restarted. The restaurant served an elegant buffet of cold dishes and plenty of wine. All free!
“These are great examples of businesses going the extra mile for their customers, and it’s important that you help your employees develop this kind of thinking,” he adds. “In your next staff meeting, review a few customer service recovery interactions, even those that went well. Then, have your staff brainstorm ways the recovery could have been improved.”
Train them to tell customers what they will do. When there is a mistake or mishap, explain what steps you will take and when you will get back in touch with the results. Thank them for giving you the opportunity to set things right.
“Of course, the first step when a mistake has been made, or even just when a customer perceives that a mistake was made, is to apologize,” Kaufman says. “Once you’ve apologized, provide any useful information you can about what will happen next. Ask them if they have any questions and answer them to the best of your ability. If you don’t have an answer, let them know what steps you’re going to take to find it.
“And finally, show you are sincere about your commitment to do well in the areas the customer values,” he adds. “At the very least, you can say, ‘I’m going to make sure everyone in the company hears your story. We don’t want this to happen again.’ When you express the company’s desire to improve, you start on the path to rebuilding its credibility with the customer.”
Encourage them to develop their own signature service touch. Sometimes small service touches can have a big impact. Here’s a fundamental truth of service: Small changes can lead to big leaps in customer perception—and they don’t have to be costly at all.
“For example, Air Mauritius had captains to start greeting passengers as they board the plane,” Kaufman says. “This small gesture creates a huge impression of welcome and respect for passengers. It also asked captains to provide memorable information as they fly over certain areas—like descriptions of cities, landmarks, volcanoes and so forth. This literally turned flights into uniquely guided tours. Passengers loved these changes.”
Provide a weekly service thought. Post or email a message about the importance of service or how to improve service each week. It can be as simple as an inspiring quote or a link to an article with an example of great service.
Emphasize service with new hires. Unfortunately, many company orientation programs are far from uplifting. Often they are little more than robotic introductions: This is your desk; this is your password; those are your colleagues; these are the tools, systems and processes we use; I am your boss; and if you have any questions, ask. Welcome to the organization. Now get to work.
These basic introductions and inductions are important, but they don’t connect new employees to the company or the service culture in a welcoming and motivating way, Kaufman says.
He adds, “Developing service-minded, service-driven employees will be worth every ounce of energy you put into it. When you take steps to build a strong service team, everyone is fully engaged, encouraging each other, improving the customer experience and making the company more successful.”
Ron Kaufman, UP! Your Service founder and chairman, is the author of the New York Times best-seller Uplifting Service and 14 other books on service, business and inspiration. UP! Your Service helps organizations upgrade service performance and secure a sustainable advantage by building an uplifting service culture. To learn more about UP! Your Service, visit www.UpYourService.com. To learn more about Kaufman, visit www.RonKaufman.com.
In the digital age, data security is vital to brand reputation and business continuity. And with the digital universe doubling in size every two years, according to a study from EMC Corp., Hopkinton, Massachusetts, businesses now, more than ever, need to ensure vital information is protected, wherever it resides.
However, many organizations struggle to meet the now-critical necessity of data security and are, subsequently, paying the price. Consider the following data:
- Nearly 52 percent of digital information created by corporations, especially financial data, is stored in ways that are unsecured.
- Seventy-one percent of businesses are not fully confident of restoring their data, and 64 percent of companies suffered data disruption in the past 12 months, according to EMC’s 2014 Global Data Protection Index.
- Ninety-three percent of companies that experience a data center failure go bankrupt within a year, according to the National Archives and Records Administration, Washington.
The bottom-line costs of these data disruptions can be massive: nearly $3.79 million, or an average of $159 to $174 per record, according to the Ponemon 2015 Cost of Data Breach Study. This doesn’t even take into consideration the cost to the company’s most critical asset: its reputation. In a 2012 study, the World Economic Forum estimated that, on average, approximately 25 percent of a company’s market value is directly attributable to its reputation. Lose the trust of your customers and prospects, and you risk the loss of one-quarter of your business.
Recall launches CommandIG
Recall, Norcross, Georgia, announced the general availability of Recall CommandIG at the ARMA Live! 60th Annual Conference & Expo, Oct. 5-7, 2015, in Washington.
The company describes CommandIG as “a secure cloud-based or on-premise information governance solution that enables companies to easily govern paper records and digital information wherever it resides and address the challenges of secure collaboration.” Recall adds that regardless of whether a company operates locally, regionally or globally, CommandIG supports the information governance requirements for companies of all sizes and in any industry.
Ron McMurtrie, senior vice president and global chief marketing officer at Recall, says, “CommandIG is the solution needed to address secure distribution, collaboration, management and governance for all the physical and digital information created and consumed by an organization, regardless of how widely dispersed across industries and geographies they may be.”
Recall began commercial trials of the product more than six months ago, while technical trials began earlier, McMurtrie says. Several hundred of the company’s clients in the U.S. and Australia have been working with CommandIG from 60 days to several months, he adds.
With the growth of digital documents greatly outpacing that of paper, the information governance challenge is a technical issue, Recall says. Successful compliance depends on technical solutions that factor in legal interpretations, IT (information technology) expertise and records management insights.
CommandIG provides records management, legal and IT departments a way to apply consistent life cycle policies to documents, according to Recall.
As the volume of data grows for a company, it is more difficult than ever to keep up with the necessary infrastructure to store that information. Often, information technology (IT) professionals are tasked with maintaining information rather than with protecting it. A myriad of security solutions are alive and at work in every organization, but the approach too often is focused on simply “keeping the lights on” and leaves very little time for IT professionals to focus on proper data protection.
While IT departments know they need to have a data protection strategy in place, they don’t always have the time or resources to ensure the right solution is implemented. New data privacy threats and changes in regulatory requirements mean businesses need to continually evolve security. Although data protection is a business challenge, the responsibility falls on IT departments to make certain it happens.
Changing technology, increasing demands
Most mature companies already have a data protection solution in place, but many are not updated enough to fit current needs with new technologies. A disconnect between current business continuity and the data protection solution can spell disaster for many companies.
The demand on IT to drive business goals has increased significantly in recent years and has been complemented with an always-on culture. Compared with as little as five years ago, nearly every worker has a smartphone and works constantly. This shift to more digital- and IT-focused systems means IT departments are stretched and rarely given more budget or resources to handle day-to-day needs and update data protection solutions. The result is that data protection solutions and the “what if” of potential risk to data loss are put on the back burner.
Even though IT knows data protection solutions need to be updated, the necessary data points to make the argument are not always available. Most IT departments see the problem but don’t know how to make an urgent case for implementing the right data protection solution. Additionally, IT often views data protection as a lesser priority because business can continue if backup and archiving are not completed each day. The always-on culture is the priority instead.
Solutions introduce more challenges
Moving to automated and cloud-based systems allows IT departments to better address data protection without distracting them from their day-to-day responsibilities and emergencies. Automation removes the need for manual data backups. The result is a reduction in time associated with backing up data by IT departments as rules can be put in place to automatically back up and store data on a regular schedule.
Cloud is a more modern technology that is more appealing than traditional tape backup. The ability to store off-site without manually moving physical data (paper documents, tapes or hard discs) also increases efficiency by reducing the time spent backing up data by a factor of 10. Additionally, most organizations experience a reduction of potential costs associated with secure transport when using cloud storage.
Modernizing and moving to the cloud helps business users—finance, human resources, marketing and purchasing—meet business demands, but these same users can contribute to the No. 1 problem in the data protection space: human error. People are more likely to introduce a virus into a system or accidentally delete a file.
To address human error and ensure that information is properly protected on cloud applications, IT departments need to confirm that management and security solutions are in place, and they should be configured to meet each business’ unique needs. If the solution does not adhere to the regulatory and compliance requirements specific to the business, it is not the right solution.
Supporting IT for data protection solutions
To support IT professionals, stakeholders within the business must be invested in the data protection solution. For example, the IT department may maintain the system, but the accounting team knows which data are most critical to the business and must be backed up appropriately and can relate that information back to other company stakeholders. Alignment among stakeholders ensures IT gets the buy-in needed to obtain the investment and resources to create the right data protection solution for the business.
IT can have the best and most active role in being prepared and keeping the business going regarding the protection of data but only when others within the business provide the right support for data protection solutions.
Janson Hoambrecker serves as vice president and global market leader for Data Protection Services (DPS) of Recall, Norcross, Georgia. As the global market leader for Recall, Janson is responsible for the global strategies and product direction of DPS. He has a broad understanding of the data protection market and cloud marketplace.