Various regulations and acts affect document retention, archiving and deletion within South African businesses, but the practice of archiving and retention are predominantly driven by regulations around what type of information should be retained and for how long.
According to Vic Booysen, business unit manager: EMC at Business Connexion, there are no rules around how data should be retained, although the Access to Information Acts require "retrieval within a reasonable timeframe".
"These types of acts and regulations will start a movement towards the digital archiving of data, where retrieval is almost instantaneous," Booysen says.
Booysen adds that the task of securing information is no longer solely the responsibility of the ICT administrator, but that of the company directors as well. "The safety of intellectual capital and trade secrets is crucial to the success of any company, and data losses expose this," he says.
New initiatives and solutions in the field of content, document and records management include the integration of RSA-enabled security, with storage subsystems to provide stronger authentication, authorisation and audit capabilities to the enterprise storage portfolio. This further secures the overall foundation of clients' information infrastructures.
Large storage manufacturers have started to realise that security around information is critical and that it is no longer sufficient to only protect information from external intruders, by means of firewalls, but also from internal threats. As such, EMC Corporation recently acquired RSA Security to provide information security within information infrastructures.
According to Booysen, information-centric security includes a few key elements. "First is securing the information, which requires preserving the confidentiality and integrity of business information, wherever it resides. Second is securing access to the information for employees, customers, and partners. Employees need to be able to access key corporate resources, anytime and from anywhere. Customer access involves offering self-service channels and preventing fraud. Partner access means opening internal systems to ease collaboration with trusted partners. Third is managing the information for compliance and security audits, and achieving compliance with security policy and regulations," he explains.
Booysen emphasises that organisations should realise the role and place of a comprehensive backup, recovery and archive system and policy within their information infrastructures, and the more broadly defined information lifecycle management (ILM) strategy.
"By implementing proper policies and systems, companies will not only save a lot on infrastructure costs over time, but also minimise the risk of exposure to data losses, while complying with Acts, regulations and policies around information protection, archiving and retention periods," he concludes.
Share