No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Compliance in the Cloud: What You Want Out Of Your Preservation Plan

5 Factors to Consider for a Compliance-Friendly Plan

by Ismael Alaoui
August 30, 2019
in Compliance, Featured
cloud shapes by keyboard in black and white

Establishing a sustainable preservation plan is key for compliance and risk management. Onna’s Ish Alaoui outlines five key factors to weigh when looking to preserve data from cloud-based applications.

The number of cloud-based applications and productivity tools used in the workplace is growing by the day. From Slack and GSuite to Dropbox and Office 365, today’s top workplace applications allow organizations to work at an accelerated pace. Although our productivity is skyrocketing, so is our production of data, leaving in-house legal teams scrambling for a scalable preservation plan. Between ever-changing compliance requirements, taking a proactive approach toward risk management is important now more than ever. Here are some key factors to consider when trying to establish a sustainable preservation plan in the cloud.

1. Defensibility

On cloud-based apps, data is extremely ephemeral and easy to modify. Although this may be a convenient aspect in day-to-day operations, it poses a risk when it comes to long-term defensibility. Responsible legal teams know that it’s critical to keep an original, defensible copy of everything in their organization. If ever the day comes for litigation, having access to an original copy might be key for providing evidence – not to mention, knowing when and how certain information was modified is just as important for internal knowledge as it is for external legal compliance. For these reasons, it’s a good idea to look for a solution that offers file versioning or audit logs. This way, your team can maintain a comprehensive trail of all user activities and ensure the utmost defensibility.

2. Scalability

Let’s face it, it’s difficult to predict just how much data storage your organization needs. In our cloud-based world, the proliferation of data can feel so out of control that it’s hard to put your finger on an exact capacity. For these reasons, scalability is your best friend. When shopping around for a preservation plan with multiple vendors, you might ask yourself, “do we really need that much storage?” or “how do we even budget for this?” The answers to those questions, unfortunately, aren’t black and white. For this reason, we can’t stress enough how important it is for legal teams to collaborate with their IT teams to get a baseline for their storage needs. Even then, it’s good to have some flexibility in your plan for the future. Keep an eye out for preservation plans that offer “pay as you go” pricing. This will ensure that you won’t get cut off from storage you didn’t know you needed. Having enough storage is critical to having information readily available for compliance — it’s better to be safe than sorry!

3. Granularity

A defensible and scalable preservation plan is only as good as it is useful — that’s where granularity comes in. Granularity gives legal teams the power to break through data clutter and find exactly what they need. For example, when data is organized based on things like users, folders, channels and dates, legal teams are able to filter through files much faster and keep only what they need. The more data an organization has, the more expensive it gets, so having a granular preservation plan is also extremely cost-effective. Additionally, keeping preserved data granular will aid in risk management, compliance and overall data hygiene.

4. Security

Employing strict security measures in your preservation plan is an absolute must. Doing so will help protect against data privacy threats, external and internal access breaches and misuse or loss of data. When looking for a trusted preservation solution, it’s important to dig into its storage structure. Do their servers operate on a private network? Do they use OAuth 2.0 protocol? Do they encrypt their data? The answer to all of these questions should be a strong “yes.” You should also look out for the proper security certifications such as the EU-US privacy shield, ISO 27001 and Soc 2 Type II, just to name a few. This is another instance where we urge legal teams to connect with their IT teams so they’re asking the right questions and getting the most secure solution possible.

5. Automatic Sync

The last thing you want to worry about is not knowing the last time your data was synced. If the time ever comes for litigation or compliance, you want to feel confident that all of your information, through its many forms and modifications, is there waiting for you. For this reason, we recommend going with a preservation solution that has an auto-sync feature. Having a solution that updates and preserves files in real time is a surefire way of having the information you need in a moment’s notice. After all, compliance is not a one-time event, and treating it as such can cost your organization significant time, money and resources. An automatic sync feature will allow your team to mitigate risk and comply with regulations at a much lower long-term cost.

As cloud collaboration apps continue to dominate the workplace, legal and IT teams dive deeper into a cloud-based world. It’s important to consider these five factors when forming a preservation plan that is compliance-friendly. By doing so, you’ll set your organization up for success for both today and tomorrow.


Tags: Cloud Compliance
Previous Post

GDPR Compliance and First Year Takeaways

Next Post

Navigating New Paid Leave Laws

Ismael Alaoui

Ismael Alaoui

Ismael (Ish) Alaoui has been leading the technical team at Onna as Director of Engineering since its inception in 2015. Ismael has a bachelor’s degree in Computer Science and a master’s degree in Information Technology from Virginia Tech, where he also built an extensive security engineering background. Specifically, he specialized in smart-card-based development and cryptography. Ismael is extremely passionate about Onna’s vision and is excited about building a team at the forefront of industry-leading innovations.

Related Posts

data spillage

Instead of Crying Over Spilled Data, Shore up Your Governance Practices

by Rich Hale
October 12, 2022

The reputational damage and compliance failures that result from a data spillage incident are well-known, and as the volume of...

amazon web services

Dark Clouds: Capital One Proves Financial Institutions Can’t Rely on Providers for Security

by Michael Volkov
September 7, 2022

Going by the online handle “erratic,” a former Amazon software engineer conducted an extensive hacking scheme that gave her access...

cloud with ladder to it and caution sign symbol

LogicGate Introduces Risk Cloud Quantify to Put Assessments in Terms of Real Dollars

by Corporate Compliance Insights
September 28, 2021

Illinois-Based Startup Launches New Function in No-Code GRC Platform After Raising $113M in Latest Funding Round Risk software startup LogicGate...

illustration of man on ladder with binoculars, 2021 outlook concept

Financial Services Compliance in 2021

by Erkin Adylov
January 25, 2021

Behavox CEO Erkin Adylov unpacks compliance trends that financial firms would be wise to focus on amidst the ongoing challenge...

Next Post
pregnant business woman at desk writing in planner

Navigating New Paid Leave Laws

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT