5 key implications for information lifecycle management in 2023 

Discovering how best to use the vast amount of data your firm creates and collects is one of the key tenets of any firm’s strategy. Although the importance of effective use of data is now far better understood than ever before, centric to converting data to actionable insights is an organisation-wide information lifecycle management framework. One that is failproof and comprehensive across how information is collected, used, stored and then safely disposed.  

What are the five trends in information management?

With the volume of worldwide data expected to reach 175 zettabytes by 2025, and multi-million-dollar penalties for data and information breaches, knowing how to properly manage and protect your records and data is more critical and mandatory than ever before. Outlined below are the implications of the five biggest trends in information management for 2023.  

Hybrid working necessitates the re-invention of information access

The hybrid model is here to stay and as digital transformation accelerates rapidly, remote employees working from flexible locations create an inherent information leakage and data security risk, in most cases, unintentionally. Firms must not merely tighten, but completely redesign their policies around secure access to information across access points and devices.

Most managed to scamper through the last 2 years of pandemic induced chaos with a patchwork of quick fixes, which will not survive the back-to-business volumes in 2023. 

The diversity of content formats being managed is also growing exponentially. The boom in collaborative tools, applications and video-conferencing software is adding to the weighty volume of data generated alongside existing physical and digital records. The number of stakeholders in charge of this field has multiplied and they must all operate from one information security framework that ensures compliance, protection and interoperability.  

They must also seek to better understand how to collaborate within the changing confines of a hybrid working model, whilst taking a risk management first approach to all processes.

Awareness of the potential of breakdowns in handling data and information is integral to ensuring zero breaches and failures. Employees, wherever they are working from, must also be considered an integral part of the firm’s defences against data breaches. Ensuring that employees are engaged in proper data management processes is more critical than ever. 

Focus data remediation initiatives on ESG and privacy regulations

Data protection has come to the fore in recent months and will take a front seat as the pace of tech enabled transformation continues. Climate conscious geo-political and corporate mandates are compelling firms to report their emissions output and track their environmental progress. This will only intensify on the back of more regulatory change expected in 2023.  

Data remediation initiatives emphasising ESG and privacy laws will be crucial to respond to new legislation and demonstrate information resiliency. From a compliance perspective, businesses need to be careful about the type of data they collect. Storing data without consent or legitimate business purposes can raise compliance issues and security concerns.

Here again, data remediation, helping businesses to get rid of duplicate, unnecessary or unused data is a necessary step in improving compliance, sanitising data management and ensuring data network security, enabling organisations to focus on business as usual.  

Data residency will take center stage

In response to the global demands of the hybrid workplace, cloud-based services are naturally increasing, but in a multi-cloud environment it can be difficult to keep track of the tentacles of the information spread. Knowledge around data residency, including what information you should hold, where it is stored, which regulatory frameworks it is governed by and who within your organisation has access to it is critical to data security and privacy. 

In most parts of the world, businesses operate under local data regulations that dictate how the data of a nation’s citizens must be collected, processed and stored within its borders.

The primary reason enterprises choose to store data in different locations is often related to regulations, data policies and taxes. However, companies are allowed to transfer data after complying with local data protection and privacy laws. In this scenario, businesses must notify users and get their consent before obtaining and using their information. 

AI can be used to aggregate, analyse, present data clearly and extract the most relevant information, so that businesses can make the right decisions around data sovereignty.

Subsequently, AI can also be applied for content search and redaction – whereby personal identifiable information is hidden in documents from unauthorised access – and better integrate systems and overcome silos. From an information lifecycle viewpoint, AI can be used to identify and delete unnecessary data, and to support compliance and governance. 

Keep continued focus on data quality and stewardship

Businesses continue to build vast newer streams of data sitting in databases and on applications – with little idea of what to do with it. Fortunately, many organisations are becoming aware of this knowledge gap and increasingly investing in formal governance programs, with a renewed emphasis on data privacy. The role of the ‘data steward’ or ‘data broker’ as a prime participant in technology and business initiatives is taking center stage.

And as a result, this concerted effort to increase the awareness and prioritise data handling principles and standards within an organisation is a welcome development following years of data breaches resulting in reputational damage and falling customer trust.  

This increased focus on the value and quality of data is leading to increased vigilance in ensuring data sets are accurate, valid, complete and up to date, with artificial intelligence (AI) being used to detect incomplete, inconsistent or out of date data. Data reduction efforts such as these can lead to cost-savings when obsolete data no longer needs to be stored.  

Don’t ignore physical information assets

As offices reopened following two years of downsizing of real estate, businesses realised how much space was taken up by obsolete IT equipment and discarded digital assets. While information has a lifecycle, so too do physical assets used for information management.  

With an increased focus on the circular economy and meeting carbon neutral pledges, picking an asset lifecycle management partner is crucial to ensuring that disposing of old IT assets and phy-gital records is done with data security and compliance in mind. Understanding which records, assets and information an organisation has, what needs to be digitised and what can be automated is now an essential element of the modern office environment. 

Ultimately, global businesses should look to 2023 with an intention to elevate and prioritise their information and data security, management and destruction practices.

Data, records and information management has long been an overlooked and underinvested area, with little certainty about who has ultimate corporate ownership. If organisations do not develop processes, assign dedicated functional ownership and invest in technology, they will struggle to ensure compliance, value recovery and security of their information assets. 

Greg Lever is the Senior Vice President & General Manager for Asia Pacific, at Iron Mountain.