Talk to a hundred people, and you’ll get a hundred different opinions on the state of information lifecycle management (ILM) in today’s corporations. Your mileage will vary based on the role the individual has with the data, where he or she sits on the corporate organization chart, and their experience with a particular vendor’s solution.
Is ILM merely a marketing buzzword, or is it alive and real in daily operations? One way to answer that question, and measure the state of ILM today, is to look at where the rubber meets the road — what companies are doing, or should do, to leave the driveway and travel down the road to managing information throughout its life.
The experience of scores of users suggests that there may be no definitive set of ILM best practices as of yet. ILM means different things to different users, and everyone seems to be at a different step in determining their own best practices. Nonetheless, there appears to be enough in common among those who have implemented ILM to draw some general conclusions.
One thing is for certain: the growing focus on regulations requiring data protection and retention have jump-started a discussion of the best ways to begin lifelong information management practices.
One way to look at ILM best practices is through a whole-company mirror, working to develop overall operational practices that make sense, are mistake-proof, and can be duplicated in departments throughout the corporation. Users who have successfully moved into the ILM process have found the need to first come up with general policies for corporate-wide data that embrace their regulatory and compliance climate.
The First Steps
Many companies begin by asking straightforward questions: What should be kept? What can be deleted? What must stay for immediate access? What needs to be moved to lower-cost storage?
Coming up with questions isn’t the problem. The difficulty, as one health care IT professional confided, is the next step — answering the questions. Here collaboration is the operative word — between the records manager, the business manager, the legal department, the security officer, the data administrator, and the IT manager. Talking only to one’s peers in your operational area will stop the process cold, so include in your Q&A an examination of your corporate culture and the willingness to embrace all areas of the organization that have a stake in the information, its lifecycle, and the process that manages it. ILM practices will be only as successful as the commitment by all personnel to adopt and support them.
Defining data value — also known as classifying data — is the next step, and forms the foundation for follow-on ILM best practices. Classification is an exercise with its own rigor and practices, and end users must work hard at defining or refining their specific processes. Companies can begin the classification process at a variety of levels — by department, owner or customer — and organize the data and information into groups based on the value of the information. Over time, industry education programs will evolve to assist users in the ongoing exercise.
When data and information are classified — or sometimes as part of the classification process — organizations can then determine management and service level objectives for that data: how available the must data be, how it must be protected, how fast it needs to be recovered, how long it must be kept, what governmental regulations apply for retention time and audits, and what department to charge back.
Users recommend setting management and service levels that make sense for your company. Keep the levels simple, straightforward and focused on your company’s goals. Mission critical, important to daily operations and not important are three levels that make a good starting point, but some organizations may require several layers in between.
The resulting management and service level agreements are then examined in light of tiering the data — establishing a hierarchy of physical storage systems needed to maintain service requirements. Some data may need to be on primary storage and easily retrievable, while other data, which has lower service level objectives, can be effectively placed on secondary storage systems.
Finally, users who have negotiated these twists and turns recommend examining and implementing ILM management tools that can facilitate the development of automation policies on the tiered data.
More to Come
While the goal is to establish ILM across the enterprise with heterogeneous interoperability and standard practices across multiple sites, the reality of ILM today is that companies are in various stages of the ILM best practice process.
Many are just now grappling with data classification, and IT professionals are reaching out to other areas in the organization such as records management to integrate the “what” with the “how.” You may wish to initiate or expand these kinds of talks in your organization, and reach out to groups like ARMA International (www.arma.org) to understand parallel data and information management activities.
The next year will see the fruits of collaborative efforts of information technology, records and information management, and information security organizations to redefine and expand the meaning and real-world application of ILM within organizations. These activities offer the hope of effective practices to better serve the needs of 21st century corporations, and pave the way for IT professionals to lead the charge to manage, preserve, and protect the data that is vital to their company’s business operations.
Stay tuned; there’s more to come.
For more storage features, visit Enterprise Storage Forum Special Reports