Mining huge amounts of data
The problem is further compounded . Do you know where all this data resides?
Even if you can identify what server the data is stored on, are you able to find an individual record, phone-call or credit card transaction easily, without having to dedicate many hours on the search?
Is it on your in-house servers? You may have decommissioned systems that are still required at some stage, or even data on USB sticks, CDs, floppy disks or tapes (we can be talking about information that is up to 25 years old).
A gold-mine of data held in redundant or unsupported technology or end-of-life software..
Imagine credit card-holder details that you kept after the transaction went through, which now are in breach of PCI and GDPR regulations. It could even be health disclosure information that you needed at the time but don’t need any more. Is there any data which should be redacted?
How about calls recorded 4 years ago that discussed delicate financial details…some of this data is very much usable for business purposes and parts must again be redacted