The inability to retrieve accurate information from your ECM system can result in challenges including stalled product development and unresolvable customer complaints that may cost your bottom line millions of dollars.

One of the most common threats to a company’s ECM system is partial information loss, which is caused by everyday occurrences such as programmatic and user errors, viruses, malfeasance, and corruption.

Partial information loss incidents, which affect one, several, or thousands of documents, account for 80 percent of all information loss incidents, according to AIIM International and Strategic Research Inc. This chronic, inevitable form of data loss has cost numerous companies millions of dollars in lost productivity and potential revenue, hefty fines associated with the inability to produce information in response to regulatory and legal demands, and in many cases, severe negative brand exposure.

Partial information loss is a concern because often, the incidents go unnoticed until the information is needed weeks or months later. Many incidents go unreported because the IT department can’t justify conducting a full system restore for a granular amount of information.

The Special Case of ECM
ECM backup and recovery requires more effort than many other enterprise-class applications. If just one critical document or file is lost or corrupted, recovery entails an entire system shutdown or rollback. The shutdown negatively impacts productivity and causes the loss of all additions and changes made to the ECM system since the last backup. If the integrity and authenticity of the information is compromised, its usability is marginalized.

Clearly, ensuring the integrity and recoverability of ECM information at both a full system and granular level is critical to any enterprise. You must be confident that both metadata and content can be easily retrieved and authenticated in response to disasters, and to partial information loss incidents. After implementing security and recovery solutions, additional steps are required to ensure your ECM information is adequately protected.

Think Granular
The complex, business-critical information within your ECM system calls for a specialized form of protection. To effectively protect against the effects of ECM partial information loss incidents, solutions enabling granular recovery of ECM content must be executed at the user, administrative, and system levels.

Although partial information loss does not affect the entire repository like a system failure or natural disaster, the consequences are often equally damaging. An incident will frequently cause the loss or corruption of workflows, audit trails, and other metadata which is often more valuable than the content with which it’s associated.

Granular recoverability is critical in any ECM implementation. Disaster recovery procedures can be dangerous for retrieving one, several, or hundreds of lost documents. Bringing the entire repository offline and rolling it back to an earlier version exposes the entire repository to additional information loss. Supplement your disaster recover plan with the ability to backup and restore at a granular level.

However, in the case of partial information loss incidents where you need to recover granular information, you’re not going to want to take the entire system offline. The only way to recover from these incidents and maintain information integrity is to enhance your existing repertoire of backup and recovery solutions with an ECM-specific information protection tool. The tool should capture and recover granular information while your ECM system stays online, and should validate the integrity of information during the backup process. Corrupt information should be rejected and flagged for an administrator so that corrective action may be taken. This ensures that only clean information is captured during the backup process and that all recovery requests will be successful.

To avoid these consequences, it is important to fully understand regulatory requirements. Look to see what other companies are doing to address data retention and other compliance mandates.

Therefore, if an ECM system routes documents through an approval process, and if one of those documents is accidentally lost—it cannot be restored back to the state it was at before the loss occurred. The only option is to route it back through the approval process until it reaches the stage it was at prior to the deletion and suffer the permanent loss of annotations and other properties' metadata that can't be recreated. This opens the door for compliance risk since the approval process, which specifies who approved what when, is not the original, but a recreation.

A granular, application-aware backup and recovery solution offers the ability to quickly restore only the affected information back to its original state, with the original metadata intact, avoiding disruptions to critical operations and facilitating compliance.

Ensure Continuous Application Availability
While talking about applications, one of the biggest challenges is maintaining application availability. While ECM system availability isn’t always held to the same standards as other applications, quality of service and uptime are still important metrics for measuring IT and line-of-business performance, particularly in today’s global environment where maintaining constant availability is increasingly critical.

When evaluating ECM backup and recovery policies or plans, consider how much ECM downtime and data loss is tolerable. While traditional backup and recovery solutions are ideal for recovering from disasters, if a partial information loss incident occurs and an ECM-aware recovery solution isn’t in place, the ECM repository will most likely be taken offline to restore the lost data and incur additional information loss. Keep in mind that when it comes to e-discovery and compliance requirements, the timeliness of producing information is critical.

Perform Proactive Integrity Checks
Because complex relationships between documents, sub-documents, workflows, and metadata surround ECM information, it is especially vulnerable to data corruption. Worse, it is often difficult to detect partial information loss. Data corruption often goes undetected until someone unsuccessfully tries to access the data for a business need. It also appears during repository migrations and upgrades, where it can halt migration scripts.

It’s one thing to identify the problem, and another thing entirely to be able to fix it. Correcting corruptions requires extensive knowledge of ECM platforms and its underlying metadata schemas. In many cases, an ECM-specific granular recovery solution helps correct corrupted metadata by recovering it back to its original, uncorrupted state. However, it is also critical to conduct an in-depth analysis of information integrity on a regular basis, and develop a plan with ECM system experts to rectify integrity issues that aren’t easily corrected.

The captures should be incremental, meaning that they capture only the additions or changes that are made to ECM information, which minimizes any impact on system performance.

Minimize The Data Loss Window
Capturing ECM data every 15 minutes will almost automatically reduce your data loss window by a significant margin. The more frequent you can be in your backup while the system is online, the smaller your window, and the better you are able to meet ever-increasing recovery point and recovery time objectives.

There are ways to recover information from ECM systems that don’t result in system downtime, additional data loss, data synchronicity issues, and compliance risk. There are solutions that provide cost-effective ways to reduce unplanned downtime, recover quickly from partial information loss, facilitate compliance, and decrease the frequency with which the ECM system needs to be taken down for backup and recovery. These solutions supplement traditional enterprise backup and recovery solutions and can be easily integrated into existing enterprise continuous data protection schemes.

Implement Records Management
Organizations should implement and enforce stringent records management and retention policies to mitigate civil and financial risks from regulatory non-compliance. Regulatory non-compliance can result from inconsistent records management, accidental deletions, data corruption, and essentially any other event not in accordance with business practices and regulatory guidelines. If these policies already exist in your organization, it is important to review them regularly to make sure they comply with new and changing regulations.

ECM backup and recovery solutions should be sensitive to retention policies, consistently capturing, recovering, and disposing of information based on retention policies specified in your ECM system. The solution should ensure that records are recoverable during the specified retention period, and that they are permanently expunged once the retention period has expired.

By maintaining corporate best practices and adhering closely to retention policies, ECM administrators can be more confident that information is continuously managed throughout its lifecycle, regardless of where it resides.

Minimize the Number of Chefs in the Kitchen.
To ensure rapid recovery from partial information loss incidents while minimizing required recovery resources, the process should be manageable by a single administrator. There is no need to convene a data recovery committee meeting to identify the least impactful means of retrieving one, several, or even thousands of lost or corrupt documents.

Due to the complex nature of ECM systems and the critical information contained within them, it is of utmost importance to look at your current ECM backup and recovery strategy and take into consideration the best practices discussed above. Partial information loss, although not as well-recognized as other forms of loss, can have a greater negative impact on your company’s bottom line over time, and should be an integral part of your overall ECM backup and recovery strategy.