( 1 Vote )
A  web posting for a cloud/remote backup provider asked the question “is a 30 day retention policy sufficient?” and suggested that a much longer  retention policy was the way to go to ensure availability of data, whether it be 60 or 90 days or even longer. I challenge this question and believe that for many 30 days retention is excessive.

Why?

Firstly in my conversations with business units it is often found that the impact of restoring applications back past a day or two at most is unachievable. For applications that suffer catastrophic system failure the previous backup and logs is used, for application programming  failures backups are used only as a last resort and most prefer to “power through” the problem and fix the erroneous data than to restore the full system.

Next, when you ask a user how long he needs to retain information there is a confused pause before answering “Forever”. This answer is often generated by a vague corporate data asset management policy that leaves information management down to individual users. If users are offered the  question “how many versions of your data for non archive purposes do you require and what is the corporate classification of that data”  the number of days retention of a tape in a box/ sector of disk in a VTL becomes irrelevant. Often organisations play safe and select 3 but the decision is a business led not an IT/ technology cost led argument.

Retaining information, consistently,  within email systems or database applications is down to the classification of information within those repositories and should be managed through a specialist archive tools and policy and not by a backup tape taken out of cycle, in this case the archive needs very limited number of copies as once data is deleted from these systems the rule is it stays deleted.