A data retention policy, or records retention policy, is an organization's established protocol for retaining information for operational or regulatory compliance needs.
When writing a data retention policy, you must determine how to: organize information so it can be searched and accessed later, and dispose of information that's no longer needed.
Some organizations find it helpful to use a data retention policy template that provides a framework to follow when crafting the policy.
A comprehensive data retention policy outlines the business reasons for retaining specific data and what to do with it when targeted for disposal.
A data retention policy is part of an organization's overall data management strategy. A policy is important because data can pile up dramatically, so it's crucial to define how long an organization must hold on to specific data.
An organization should only retain data for as long as it's needed, whether that's six months or six years. Retaining data longer than necessary takes up unnecessary storage space and costs more than needed.
Phishing attacks are the easiest way for cyber criminals to infiltrate business systems. Phishing attacks start with a deceptive email designed to impersonate a reputable vendor, a well-known institution, or even a trusted co-worker or manager.
The email invites you to click on a malicious link, sign in to a spoof website, or download a bad attachment. That’s all it takes to hand over the keys to your kingdom.