Myspace recently made the headlines after losing 12 years’ worth of user uploads following a server migration. Where at first the company claimed they would recover the files, they’re now publicly admitting that no such recovery is happening.
Due to this total data loss, some songs, videos and photos are lost forever. There are some questions as to whether this data loss was deliberate. (The allegation is that the company simply didn’t want to pay to migrate and store the 50 million songs it lost.)
Whether an innocent incident or not, this argument has sparked further debate into how long providers are obliged to host and store your data. They can’t do so for eternity, so when is it acceptable to delete it?
The Myspace migration mishap might seem largely insignificant to the business world. After all, even if millions of MP3s and photos have been lost, the world keeps spinning without them.
But what if it had been your business data that had been lost? Your customer data? Your files, insights and records? If that were the case, the Myspace incident wouldn’t be a blunder, it would be a complete catastrophe.
Indeed, the Myspace debacle highlights a key consideration that businesses cannot afford to ignore. In short, when buying software, it pays to pay attention to the vendor’s ‘dull’ data storage policies.
It might be ‘dull’. However, the importance of querying data storage policies and processes is paramount. It needs to happen, and it needs to happen before you hand over your precious data to the guardianship of a third-party software vendor.
Ultimately, you are responsible for your data. Even when using third-party vendors. So, don’t skip the data storage details. You need to query the policies and processes that are going to keep your data safe. A good place to start is with these three overarching considerations:
1.Where is your data stored?
2.How long is your data stored for?
3.What is their migration process?
It’s not enough, though, to ask these questions. You need to delve into them. And you need to know the type of answers that make for a good data storage policy.
So, the first of the three considerations is where you want your data to be stored. This, for the most part, boils down to the cloud vs on-prem debate. The right choice here is dependent on the type of data you process and the type of access you need to it. It’s also affected by the type and size of your business. So, it’s important to consider which option provides a better infrastructure for you.
For example, you might be better off with on-premise hosting if you’re a highly regulated company in need of more control. Meanwhile, using a secure third-party data centre can be quicker and more convenient.
Whether you choose cloud, on-prem, or a mixture of both, you then need to ask how the vendor keeps your data secure. How do they protect it from threats, malfunction and damage? Take time to look at data retention policies, your compliance requirements, and the vendor’s recovery procedures. Remember, there’s no such thing as GDPR compliant software.
The next consideration is perfectly highlighted by Myspace’s data loss. How long is the vendor obligated to store your data for?
Most vendors will specify how long they hold on to your data — specifically, they outline how long they keep it if you leave their service. But if the vendor is storing data that’s integral to your business, you need to know how long they’ll store it for (including while you are a customer).
So, when you find this out, ask yourself, is it long enough? Can you extend the data storage time if you need to?
That also brings us to another protection and compliance issue. Make sure you’re clear on how the vendor deletes your data when they no longer need to store it.
Finally, you need to vet the vendor’s data migration process. Sometimes, migration is necessary — but it can run into hurdles that put the data at risk.
So, be sure to question how the vendor will ensure the safety of your data during migration. For example, do they back up your data? If Myspace’s data loss fiasco has told us anything, it’s that migration and data backups should go hand in hand.
This will relate back to your data retention policy. Is anything extra done to protect data when it’s being moved, extracted, and transformed?
In short, plan for the worst. If you’re prepared for a Myspace scale data loss, then you can mitigate the damages if anything does happen during data migration.
The headlines circling Myspace right now are more than just an anecdote or isolated story. The incident is one that brings with it a key lesson to business owners and consumers alike.
Paying attention to ‘dull’ data storage policies might not sound fun. But, for businesses and consumers alike, it’s an integral step. So, make sure you’re doing all you can to avoid losing the information, content and insight that keeps your world spinning.