// THREAT DETECTION AND DATA PRIVACY TERM

Data Retention

Data retention refers to the policies and practices an organization establishes for storing information for a specified period, often mandated by legal or regulatory requirements, before it is securely deleted or destroyed.

Data Retention — illustration from Wikipedia
Image via Wikipedia

TECHNICAL DEFINITION

Data retention is a core component of data governance and information lifecycle management, outlining organizational policies and procedures for maintaining digital data storage for specific durations to meet regulatory compliance, legal discovery obligations, and operational requirements, typically culminating in secure data disposition.

BACKGROUND

Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications and network hardware. SIEM systems are central to security operations centers (SOCs), where they are employed to detect, investigate, and respond to security incidents. SIEM technology collects and aggregates data from various systems, allowing organizations to meet compliance requirements while safeguarding against threats. NIST's definition for a SIEM tool is an application that provides the ability to gather security data from information system components and present that data as actionable information via a single interface.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • Data storage policy
  • Information retention
  • Record retention schedule
  • Data archiving policy
  • Data holding period

USAGE NOTE

Proper data retention policies are critical for mitigating legal risks, reducing storage costs, and ensuring compliance with industry-specific regulations like GDPR, HIPAA, or CCPA.

DEVELOPERS

Organizations developing technology related to Data Retention.

  • Veritas Technologies

    Develops enterprise data management and protection solutions, including backup, recovery, and information governance tools essential for managing data retention policies, e-discovery, and compliance in cybersecurity and defense.

  • Splunk

    Provides a platform for security information and event management (SIEM) that collects, indexes, and analyzes machine-generated data from various sources, requiring robust data retention capabilities for security forensics, compliance, and threat intelligence.

  • Varonis Systems

    Specializes in data security, governance, and compliance, offering platforms that help organizations monitor, protect, and manage sensitive data, including enforcing data retention policies to meet regulatory and security requirements.

  • Proofpoint

    Offers cloud-based security and compliance solutions for email, data, and social media, including advanced archiving and e-discovery tools critical for data retention to support legal, regulatory, and incident response needs in defense organizations.

  • OpenText (formerly Micro Focus ArcSight)

    Develops SIEM and log management solutions that enable organizations to collect, analyze, and retain vast quantities of security event data for extended periods, crucial for threat detection, incident response, and long-term compliance.

  • Rubrik

    Provides data security, backup, and recovery solutions that focus on data immutability and ransomware recovery, with integrated data retention policies to ensure data availability and compliance for critical defense infrastructures.

  • IBM Security

    Offers a comprehensive suite of cybersecurity products, including QRadar SIEM and data security solutions, which incorporate advanced data retention and governance capabilities to manage security logs and sensitive data for defense clients.

RELATED TERMS IN COMPLIANCE & PRIVACY