Saturday 04 July 2026 09:04:24 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Retention period

The time data is kept before it is deleted or archived under a policy.

A retention period is the time an organization keeps data before deleting it or moving it to archive storage under a defined policy. It applies to email content, logs, backups, metadata, and audit records, and it should be chosen based on legal, business, and security needs.

In cyber security, retention matters because data kept longer is data that can be exposed, copied, subpoenaed, or abused. Long retention can turn ordinary logs or mailbox metadata into a detailed record of contacts, timing, and behavior. Defenders use short, purpose-limited retention to reduce that exposure, while preserving enough evidence for incident response and compliance. Attackers also benefit from excessive retention: old archives, stale logs, and forgotten mail stores often contain credentials, sensitive business context, or access trails that help with reconnaissance. Good retention policy balances availability and privacy, and should be paired with deletion controls, archive rules, and review of who can access stored data.

← WIKICROOK index