1. Shredding
With more than 73,000 customers in North America, Iron Mountain has long been a leader in secure shredding. Whether you need onsite or offsite, bulk or recurring shredding services, Iron Mountain has the capabilities you need.
In many organizations, only 15% of the stored data is actually valuable. Much or the rest is redundant, obsolete, and trivial (ROT). While most organizations have retention policies that mandate defensible deletion of this ROT, policies often go unenforced. If this is happening at your organization, this paper offers five reasons to spend some time cleaning up your files, as well as tips for helping your efforts succeed.
As each new year rolls around, many people feel inspired to make a change that will improve their life. Top new year’s resolutions in a recent Forbes Health survey include improving fitness (48%), improving finances (38%), improving mental health (36%), and losing weight (34%).
Organizations often have even more need for improvement. More specifically, they need to de-clutter.
One report finds that executives believe only 15% of their stored data is actually valuable. A third of their data they know to be redundant, obsolete, or trivial (ROT), and another 52% is unknown.
And the problem is getting worse.
Data volumes continue to grow. Statista estimates that the global amount of data created, captured, copied, and stored could reach 181 zettabytes by 2025. To put that in context, 1 zettabyte is a trillion terabytes or a sextillion bytes. For comparison, there are about 7.5 sextilliongrains of sand on earth, which means the planet will hold 24 times as much data as grains of sand.
That data growth is having a big impact on businesses. As enterprises generate and acquire more valuable data, they also find themselves with ever-increasing volumes of ROT.
This shouldn’t be the case, of course. Most organizations have records retention schedules that mandate defensible deletion of data, and these policies should help them eliminate ROT. A PwC survey finds that only 7% of companies surveyed do not have a formal information governance process, and only 6% lack a data retention and elimination policy.
But many of those processes and policies are failing or inadequate. Four out of ten respondents say their formal information governance processes were only partially implemented or needed improvement. And 38% say their organization has not properly implemented their data retention and disposal schedules.
In other words, companies and their employees know that they have data that should be deleted or destroyed, but that often isn’t happening. Why not? Why should companies care? Why don’t employees get rid of old data?
It seems like deleting files or shredding paper that has reached its expiration date would be a fairly easy policy to implement. After all, hitting the delete key or sticking something in the shredder doesn’t take a lot of time or energy.
However, holding on to clutter is deeply rooted in human psychology, make it difficult for employees to actually implement these policies:
With all those reasons for employees to avoid data destruction, is it worth trying to motivate employees to clean out the redundant, obsolete or trivial?
In a word, yes.
The potential benefits of properly disposing of data far outweigh the effort—and expense—of doing nothing. Here are five of the biggest reasons to clean out your old data:
One of the most compelling reasons for organizations to clean out their data is to comply with relevant regulations. An information governance (IG) World InformationGovernance survey asked information governance professionals to rate the importance of different drivers on a scale from 1 to 5. It finds that “The strongest drivers of IG within organizations increasingly continue to be external regulatory/compliance/legal obligations (with a notable rise in this score from 3.35 to 4.17 out of 5.0).”
This rise in concern about compliance stems from the rising number of relevant regulations. By one estimate, businesses may be subject to between 8,000 and 15,000 different regulations that relate to data retention. And governments around the world pass new laws or update existing data retention regulations nearly 200 times a day.
Each of those regulations can be complex. For example, the European Union’s General Data Protection Regulation (GDPR) is one of the world’s most comprehensive privacy laws, and it is becoming a model for other parts of the world. GDPR says that organizations can only keep an individual’s personal data for as long as necessary to perform the task for which it was collected. That means organizations need to keep track of why they collected the personal data and when that goal was accomplished, which can be a difficult task. In addition, that same law provides citizens with the right to be forgotten. In other words, organizations must delete an individual’s data when asked—another task that can be difficult when data is spread through multiple applications and systems.
While estimates on how much it costs to comply with regulations vary, it’s definitely expensive. Some experts say $10,000 per employee, while others say an average of $5.47 million annually for large multinational enterprises.
But they all agree that non-compliance costs much more. In fact, the Ponemon Institute found that large organizations that fail to comply with privacy regulations average about $14.82 million in costs per year.
The threat of fines and penalties provides a powerful incentive for organizations to delete old data that is no longer serving a purpose.
In that IG World survey, the second biggest driver for information governance efforts is a desire to “cut risks [regarding] data that could have been defensibly deleted.” That makes sense given enterprises are extremely focused on minimizing their risk. That’s made abundantly clear by a 2023 Economist survey in which 90% of executives say that identifying risks has become more important for their organization.
What kind of risk does undeleted data pose?
For one, it increases the potential impact of a cyberattack. Cyber crime is big business, and it’s on the rise. According to IT Governance, there were 2,814 known data breach incidents in 2023, affecting more than 8.2 billion records. That’s a sharp increase from the 1,063 security incidents affecting 480 million records in 2022.
And each incident is becoming more expensive. IBMreports that the average cost of a data breach was $4.45 million in 2023. That’s a 2.3% increase over 2022, and a 15.3% increase over 2020.
Storing data longer than necessary can also escalate an organization’s legal risk, as well as the costs of eDiscovery. Similarly, for government organizations, it can intensify costs and risk related to complying with the Freedom of Information Act (FOIA) and similar legislation.
In addition, having old data lying around increases the chances that someone will use faulty data for decision making. If you don’t have good data quality processes in place, bad data can easily creep into analytics and infect your strategic planning.
Lastly, failing to follow retention policies can clog up your organization, hampering productivity.
For a couple of decades now, business leaders have been hearing about the benefits of big data. In some cases, that has led to the impression that having more data is always better.
But analysts and data scientists say that isn’t always true.
Depending on which study you read, data analysis professionals typically spend somewhere between 40% and 80% of their time cleaning and configuring data. That’s a problem for businesses because these roles are some of the highest paid in most organizations. According to Indeed, data scientists in the US make ~$124,000 per year, and their earnings can be even higher in certain areas. If these professionals are spending all their time cleaning data, companies won’t be able to reap the full value of their expertise. And the more bad data an organization has, the more time data cleansing tasks consume.
But failing to defensibly delete files in a timely manner doesn’t only affect data analysts—it can hamper line of business professionals as well. In the same way that the phenomenon of analysis paralysis can make it difficult to decide which files to destroy, it can hamper other business decisions as well.
In a recent survey, 74% of those surveyed say they are making ten times more decisions every day than they were three years ago. More than three-quarters (78%) say that they are sorting through more data than ever before, and 86% say this huge influx of data is complicating the decision process. As a result, seven out of ten feel so overwhelmed that on at least one occasion, they gave up on making a decision, and 89% of business leaders say this situation has negatively affected their organizations.
Your employees need data to make good decisions—but it needs to be accurate, up-to-date data in manageable volumes. A data cleanup effort can help make that possible.
Defensibly destroying files on schedule can also help reduce expenses. Paper files can be particularly costly to store and manage. First you have the cost of the paper, plus the expense of file cabinets or boxes, plus real estate or off-site storage. Then you have to add in the lost time that employees spend managing documents and searching for files. Iron Mountain calculates that businesses waste $600 per employee on paper files, and they spend another $1,500 per file cabinet or box per year to manage those paper files.
While storing digital files isn’t as costly from a storage and real estate perspective, IT costs for hardware and/ or cloud services, and staff time can still add up. As the volume of data stored increases, so does the cost of compliance—as well as the potential fines for non- compliance. More data is also more expensive to secure— and more costly if the organization experiences a data breach. And excessive data drives up labor costs by hindering efficiency and productivity.
So while it might seem like keeping old files isn’t that expensive, the true costs are far higher than most people realize.
The last reason to clean out your old files is a little bit harder to quantify. Getting rid of redundant, obsolete and trivial (ROT) information can help promote a data culture, an organizational ethos that values data-driven decision- making.
Experts say that fostering this mindset among employees can be extremely valuable. “The benefits of a data-driven culture is to examine and organize the data with the goal of better serving one organization’s customers and consumers,” says Alan Duncan, Vice President Analyst at Gartner. “It also bolsters and speeds up business decision-making processes.”
Forrester’s Kim Herrington agrees, writing, “While the tech sets the stage for an insights-driven transformation, nurturing a people-centric data culture is as important, especially as tech and data executives understand how employees are, and are not, making good decisions.”
But while most executives want to build a data culture, few of them are succeeding. A recent Harvard BusinessReview report finds that only 20.6% of those surveyed say their companies have established a data culture. This is actually a decline from 28.3% who said the same four years earlier.
In that same report, 79.8% of business leaders say that cultural obstacles—not technology—is their biggest barrier to becoming more data-driven. Given these results, it’s not surprising that only 23.9% of respondents indicated that they have built a data-driven organization.
Launching a single initiative to clean up data ROT won’t be enough on its own to build a data culture. But these kinds of projects do help to send the message that a company takes its data very seriously. And when combined with other efforts, defensible data destruction can help you instill positive data practices throughout your organization.
With more than 73,000 customers in North America, Iron Mountain has long been a leader in secure shredding. Whether you need onsite or offsite, bulk or recurring shredding services, Iron Mountain has the capabilities you need.
Ideal for organizations that are making real estate changes, including transitioning to remote or hybrid work, clean start services help you optimize space, reduce risk, and enhance sustainability. Clean Start includes assessment, shredding, workflow optimization, digitization, and more.
Get the expert advice you need to review, improve, and accelerate your data retention, privacy, classification, metadata, or other information governance initiative. We can help you develop policies and implement programs that meet your compliance and risk management goals.
Augment your staff with deep subject-matter experts and certified RIM professionals who are available on a full-time or part- time basis. Contracting with Iron Mountain makes it easy to find qualified help, whether you need general support staff or senior analysts.
These technology-driven solutions help you identify what records you have and take action to transform to a more digital way of working. It includes Smart Assign record coding, Smart Reveal photographic services, and Smart Sort reorganization.
Many information governance professionals are well aware of these benefits to cleanup projects. In fact, when the IG World survey asked practitioners which type of projects they would like to complete, the top two vote- getters were a legacy data cleanup project (54%) and defensible deletion of information (39%).
If your organization is ready to get started with a cleanup project this year, these tips can help:
To learn more, check out the Information Governance course in Information Economics Academy and visit Iron Mountain Information Governance.
Get a FREE consultation today!