Thursday, February 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Compliance in the Cloud: What You Want Out Of Your Preservation Plan

5 Factors to Consider for a Compliance-Friendly Plan

by Ismael Alaoui
August 30, 2019
in Compliance, Featured
cloud shapes by keyboard in black and white

Establishing a sustainable preservation plan is key for compliance and risk management. Onna’s Ish Alaoui outlines five key factors to weigh when looking to preserve data from cloud-based applications.

The number of cloud-based applications and productivity tools used in the workplace is growing by the day. From Slack and GSuite to Dropbox and Office 365, today’s top workplace applications allow organizations to work at an accelerated pace. Although our productivity is skyrocketing, so is our production of data, leaving in-house legal teams scrambling for a scalable preservation plan. Between ever-changing compliance requirements, taking a proactive approach toward risk management is important now more than ever. Here are some key factors to consider when trying to establish a sustainable preservation plan in the cloud.

1. Defensibility

On cloud-based apps, data is extremely ephemeral and easy to modify. Although this may be a convenient aspect in day-to-day operations, it poses a risk when it comes to long-term defensibility. Responsible legal teams know that it’s critical to keep an original, defensible copy of everything in their organization. If ever the day comes for litigation, having access to an original copy might be key for providing evidence – not to mention, knowing when and how certain information was modified is just as important for internal knowledge as it is for external legal compliance. For these reasons, it’s a good idea to look for a solution that offers file versioning or audit logs. This way, your team can maintain a comprehensive trail of all user activities and ensure the utmost defensibility.

2. Scalability

Let’s face it, it’s difficult to predict just how much data storage your organization needs. In our cloud-based world, the proliferation of data can feel so out of control that it’s hard to put your finger on an exact capacity. For these reasons, scalability is your best friend. When shopping around for a preservation plan with multiple vendors, you might ask yourself, “do we really need that much storage?” or “how do we even budget for this?” The answers to those questions, unfortunately, aren’t black and white. For this reason, we can’t stress enough how important it is for legal teams to collaborate with their IT teams to get a baseline for their storage needs. Even then, it’s good to have some flexibility in your plan for the future. Keep an eye out for preservation plans that offer “pay as you go” pricing. This will ensure that you won’t get cut off from storage you didn’t know you needed. Having enough storage is critical to having information readily available for compliance — it’s better to be safe than sorry!

3. Granularity

A defensible and scalable preservation plan is only as good as it is useful — that’s where granularity comes in. Granularity gives legal teams the power to break through data clutter and find exactly what they need. For example, when data is organized based on things like users, folders, channels and dates, legal teams are able to filter through files much faster and keep only what they need. The more data an organization has, the more expensive it gets, so having a granular preservation plan is also extremely cost-effective. Additionally, keeping preserved data granular will aid in risk management, compliance and overall data hygiene.

4. Security

Employing strict security measures in your preservation plan is an absolute must. Doing so will help protect against data privacy threats, external and internal access breaches and misuse or loss of data. When looking for a trusted preservation solution, it’s important to dig into its storage structure. Do their servers operate on a private network? Do they use OAuth 2.0 protocol? Do they encrypt their data? The answer to all of these questions should be a strong “yes.” You should also look out for the proper security certifications such as the EU-US privacy shield, ISO 27001 and Soc 2 Type II, just to name a few. This is another instance where we urge legal teams to connect with their IT teams so they’re asking the right questions and getting the most secure solution possible.

5. Automatic Sync

The last thing you want to worry about is not knowing the last time your data was synced. If the time ever comes for litigation or compliance, you want to feel confident that all of your information, through its many forms and modifications, is there waiting for you. For this reason, we recommend going with a preservation solution that has an auto-sync feature. Having a solution that updates and preserves files in real time is a surefire way of having the information you need in a moment’s notice. After all, compliance is not a one-time event, and treating it as such can cost your organization significant time, money and resources. An automatic sync feature will allow your team to mitigate risk and comply with regulations at a much lower long-term cost.

As cloud collaboration apps continue to dominate the workplace, legal and IT teams dive deeper into a cloud-based world. It’s important to consider these five factors when forming a preservation plan that is compliance-friendly. By doing so, you’ll set your organization up for success for both today and tomorrow.


Tags: Cloud Compliance
Previous Post

GDPR Compliance and First Year Takeaways

Next Post

Navigating New Paid Leave Laws

Ismael Alaoui

Ismael (Ish) Alaoui has been leading the technical team at Onna as Director of Engineering since its inception in 2015. Ismael has a bachelor’s degree in Computer Science and a master’s degree in Information Technology from Virginia Tech, where he also built an extensive security engineering background. Specifically, he specialized in smart-card-based development and cryptography. Ismael is extremely passionate about Onna’s vision and is excited about building a team at the forefront of industry-leading innovations.

Related Posts

woman looking at horizon from mountain top

What’s on the Horizon for Anti-Corruption Enforcement?

February 25, 2021
cannabis leaf on $100 bill

The Intersection of EDD and Banking Cannabis

February 24, 2021
gold cup award on red background with stars

Ethisphere Announces the 2021 World’s Most Ethical Companies

February 23, 2021
illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
Next Post
pregnant business woman at desk writing in planner

Navigating New Paid Leave Laws

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights