Data Retention and Security

JD Edwards Data Security

Data Retention and Security

Holding on to too much data puts your organization at risk.

Defuse your data, de-risk your JD Edwards environment.

#defuseyourdata

Listen on demand - JD Edwards
Security & Data Retention Webinar

Download: Fundamentals of
Data Retention & Security document

Oracle content specialists

Are you holding on to a ticking time bomb?

For many years, the approach most companies have had is to keep as much data as you can - almost to hoard it.  It is seen as valuable and essential - only to be removed as a last resort.

However, if data is not useful to you operationally, or required to be held legally, then you should consider completely removing that data.

Reducing your company’s data footprint can lessen your exposure and minimize your risk.

Running a lean JD Edwards system helps your business be more agile.  A smaller enterprise database can be restored faster.

The cost of inaction

As the quantity of data in your ERP system grows, so too does the risk of data or security breaches.

Compensation claims and fines are affected by the amount of data, and the number of data items stolen.

Read more: Legal Compliance & Liability >
Developing a structured and thorough retention policy for your organization’s data will ensure that the records stored in your JD Edwards system are managed effectively.

The process of building the Data Retention Policy will lead you to examine differing industry and country specific legal retention periods.

A Data Retention Policy should address compliance with statutory obligations not only for the retention but also for the disposal of data.  Legal acts and in some cases supplier and or customer contracts determine how long data must be kept.

Retention of too much or too little data can result in serious implications for an organization.

Local and national governments (and other organizations) can have specific clauses in their contractual agreements, detailing what documents and data should be stored, and how long for.  This gives a clear instruction that if you are dealing with these organizations, a definite amount of data should be available, if requested.  That data does not have to be in a live environment, or even an on-line environment, but it should be reasonably accessible.

Read more: Data Retention Case Studies >

The first step was to determine a Data Retention Policy which would provide the guidelines for both Archiving and Purging of data.

J.F. Shea’s IT department sought guidance from the business on developing a company Data Retention Policy.  Further clarification was taken, by the business, from legal experts. 

Considering the guidance and the fact that new homes are commonly covered by a 10-year builders’ warranty, it was decided that the data would be kept for 14 years from the community close out date.  It was agreed upon that Communities closed over 5 years would be moved out of the production environment and into an Archive environment.


JD Edwards Performance Improvement

Working with each of the responsible Business Analysts and Business Unit Leaders Data Retention Policies were negotiated and agreed.

A crucial part of this process was to re-align the business customers with the purpose of the JD Edwards system.  This included discussing how much data was both relevant and essential to execute and support the business process within the transactional system, versus what needed to be used for reporting across various business intelligence systems.

Justin Ellis, IT Manager – Supply Chain at La-Z-Boy went through an internal sales process to overcome misconceptions and negative connotations around purging and archiving.

There was also a feeling by some users that they needed all the data in the production environment just in case it was required.

One year on, attitudes towards archiving and purging JD Edwards data have changed dramatically.  Justin is now proactively approached by users asking if they can purge and archive a certain JD Edwards module.

Read more: Industry articles on Security >

JD Edwards Data Retention Policy

As your company’s JD Edwards system continues to grow, there is usually a broad consensus internally that end of life data could and should be archived.  In many cases, companies look to their auditors or legal advisors to understand the official guidance around this.  However, by developing a Data Retention Policy upfront, you can have a far more comprehensive approach to Data Archiving.

Once each department agrees their data retention requirements, you have a policy that can be referred to and followed for Data Archiving and Purging activities.  This allows for much farther-reaching and consequently more effective Data Archiving activities.

Aggregate has put Data Retention Policies in place across many departments and continues to push forwards with this important work.  


JD Edwards Archiving as a Service

Atalian Global Services aligned the company’s Data Retention Policy with the U.S. requirement of keeping financial data for a total of seven years.

The most recent three years of Production data will be retained on the production database before being moved to the archive database for four years, meeting the U.S. requirement to retain data for seven years. Thereafter, archived data older than four years is purged from the archive database.


Access the Case Studies in full ⇒