Plutora Blog - IT Governance, Release Management, Software Development
What Is Data Lifecycle Management? Understanding the PhasesReading time 8 minutes
If you make the decisions about IT systems and procedures, you may have heard about data lifecycle management (DLM). As with many things in the IT world, data isn’t just created and shipped off to customers. There’s more to it than that. Data is something that affects every department, employee, executive, customer, and user. So if you’re the one making the decisions and you’re looking to find out more before diving in, you’re in the right place!
In this post, I’m going to explain what DLM is and why you should be implementing DLM practices. I’ll then go into the phases, including how Plutora’s analytics can help.
What Is Data Lifecycle Management?
Data lifecycle management describes a process used to control data in your organization. To properly understand DLM, it’s useful to think from the perspective of a single piece of data, a datum.
Adapt governance to meet engineering teams where they are for continuous compliance and automatic auditability.Learn More
Let’s imagine you have a sales process with a variable customer price. The price is set at the moment the item is sold. That price has relationships to other pieces of data, such as what was sold, who bought it, and when the sale was made. However, for the purpose of understanding DLM, forget about the relationships; the price is our datum.
What happens to that datum as you progress through time is the data lifecycle. The datum has been created by the action of the sale. At that point, it’s saved in a specific location in a database. It may then be accessed to be used in analysis or shared with a range of employees and systems. After a while, there will come a time that the price is no longer relevant. The policies you put in place to make this process logical and repeatable is DLM. Therefore, data lifecycle management can be simply defined as the policies and procedures used to control data throughout its life.
Why Should You Be Using Data Lifecycle Management?
In essence, DLM makes sure your organization’s data is accessible and in the right place at the right time. This has four key benefits for any business:
- Compliance. DLM ensures your company’s data practices are compliant with laws and regulations, both locally and internationally.
- Governance. By making a repeatable and understandable DLM process, you’re improving organizational governance and IT governance while also benefiting employees.
- Data loss prevention. Because DLM defines how data is processed, stored, and shared, it can establish practices that prevent loss, for example by guaranteeing local and off-site backup.
- Process improvement. With a good DLM strategy, data is easily accessible, clean, and usable. This means processes can be more efficient and more easily automated.
A good DLM strategy is required if you want to achieve these four benefits in your organization. One that’s repeatable, understandable, manageable, and largely automated. In the next section, I’ll discuss what this means by introducing the phases.
As you can see with the below headings, there are six phases: data creation, data storage, data use, data sharing, data archiving, and data destruction. Since it’s a lifecycle, the steps are usually presented in a cyclical fashion—data that is archived or destroyed creates new data about the event, which reenters the cycle. If you’re confused about the arrow from data destruction to data creation, it’s usually information about the destruction.
It’s worth noting that different people consider there to be a different number of phases (usually between four and seven). Generally, these all describe the same things but combine similar phases or when there are alternatives (e.g., destroy or archive). I prefer six steps because it feels the neatest and most intuitive.
1. Data Creation
All data is created somewhere. However, a large amount of created data is lost. Data may be created on personal drives, it may be written down but not saved, it may be encapsulated in odd and unusual data types, etc. Whatever the case may be, this data is important. Therefore, data creation exists in DLM to maximize correct data collection.
In more detail, data creation consists of data capture and acquisition. The DLM strategy defines the data types used across the business, as well as where they’re used, what they’re used for, and who can use them. Alongside specifying file types, it’s common to specify the sensitivity of the data. This is where governance begins to slot in as data may be private, sensitive, restricted, or public. This protects your organization’s intellectual property as well as your customer relationships.
2. Data Storage
Data storage in DLM refers to implementing data redundancy and security strategies, as well as storing data in such a way that it can’t be accidentally altered. This is something that I’m sure is familiar to most of you: data should be stored so that it has no single point of failure. Similarly, data storage must be compliant with contracts and local laws. That may mean only storing it on servers within your country or only storing backups on encrypted drives.
In addition, you’ll need to define various data recovery plans. That is, if a failure occurs, you should have a plan for continuing to access the data. That may be by using a temporary backup while you recover the drive or another strategy. This is where there’s a subtle difference between data storage and data archiving. Data storage refers to active data. Users and systems need to be able to access it quickly in their daily processes. It should be in the live databases as well as the backups. If one of these has a failure, your strategies should minimize downtime. Meanwhile archived data isn’t active. It’s OK to have a delay, so you can store it on drives that aren’t on the network.
3. Data Use
When it comes to data use, DLM defines who and what can use the data. If you’ve set up phases one and two correctly, this phase is relatively straightforward. Users and employee roles map to data sensitivity rules in DLM.
The only caveat I want to make to the above is that with automated analysis, reporting, and visualization, you may be able to make more data available to users than initially thought. If some of you are asking why you would do this, think about the value of data, which is often underestimated. Processed, second-order data may not reveal confidential or sensitive information and may improve outcomes and increase user efficiency.
4. Data Sharing
Data is constantly being shared. That’s a fact. And it’s something that no amount of restrictions will be able to stop. Employees, users, customers, friends, executives, and board members will either share data in the platforms they’re provided or do so by other methods. Therefore, data sharing is, in my opinion, the most vulnerable point in an unmanaged or poorly managed data lifecycle. The more people who share data via unofficial methods, the higher the risk that it’s not compliant with governance and legal or policy regulations.
It’s important to think of all the stakeholders as people. The harder you make it, the more likely they are to use their own methods. A good platform for your data, such as Plutora’s, can help as it allows users to easily view and share data. In addition, education and notification procedures should be implemented. These should respect users and communicate the sensitivity of the data.
5. Data Archiving
I’ve already semi-introduced data archiving in the data storage phase. I made the point of difference, stating that data archiving is all about storing data after its active life. That is, users and systems won’t need it day to day. While you may want to access it ad hoc for reporting and analytics, it’s OK if it takes a while to get the data.
Data should always be archived before it’s destroyed. DLM strategies define when, where, and for how long you need to archive data. This will vary depending on what the data is. It may be something that has legal regulations, such as personal, research, or medical data. Or it may simply be internal company documents. Your strategy needs to define how you deal with all types of data defined in phase one. In addition, data archiving defines the security of the archive and how to access it.
6. Data Destruction
The final stage of DLM is data destruction. This phase has two sides to the coin. There needs to be a strategy for destroying active data from phase two, as well as archived data from phase five. Again, this needs to comply with internal governance policies and local or international laws. What that means will depend on the specific type and sensitivity of the data.
If you want to learn more about DLM, Plutora has developed a white paper that explores it in detail. Click here to check it out!