- July 16, 2020
- Bill Tolson|
- Information Security|
- Lawful Access to Encrypted Data Act
Companies continue to struggle with the ever-growing mountains of data flowing into and out of their systems. Gone are the days of manually filing a couple of hard-copy records per day. Now, information workers send and receive on the average 50 MB (or more) of data per day.
The sheer data volume of employees must deal with cause numerous issues, including what data to keep and delete, how to secure sensitive data, ensuring data privacy for customers and employees, and providing accurate and streamlined litigation response.
Many companies are finally understanding that relying on employees to classify, move, and manage their data based on complex corporate policies is an issue and in fact, have not worked at all for most companies. Problems include:
On the bright side, new information management and archiving cloud platforms offer new capabilities to help secure and simplify the information management and eDiscovery processes for employees.
One of the questions I still run across is the question of records management versus information governance. To state the obvious; records management does not equal information governance.
“Information governance, or IG, is the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information at an enterprise level, supporting an organization's immediate and future regulatory, legal, risk, environmental and operational requirements.” From Wikipedia
“Records management, or RM, is the supervision and administration of digital or paper records, regardless of format. In this context, a record is content that documents a business transaction or is required for regulatory compliance. Records management activities include the creation, receipt, maintenance, use and disposal of records. The goal of records management is to help an organization keep the necessary documentation accessible for both business operations and regulatory requirements.” Above definitions are from TechTarget’s SearchCompliance site.
I understand that many of you will not completely agree with the above definitions however, I think most will agree that records management is not the same as information governance, rather its a subset of IG. In the past, Records Managers were focused on those 5% of company data that was considered a record – ignoring the other 95% of unstructured corporate data. Because of that, companies have been willing to let non-records be “managed” by individual employees causing data to be spread across the enterprise (including individual employee computers.
The issue with this situation is two-fold:
The difficult question now is how can we ensure all data is captured, consolidated, and managed in a central repository to ease archiving, ensure compliance, and better protect sensitive information. In my consulting days, I ran across several companies that were trying to address this very question.
I once consulted for a multinational bank that removed all local computer storage capability and deactivated all USB ports on all employee computers - forcing all data to be saved into enterprise storage repositories for archiving and management.
Additionally, a privately held company I also consulted for setup a system to capture all employee data by forcing all files to be saved to the “My Documents” folder on their computer, which was periodically synced with central data management resources for content control, sharing, and retention/disposition.
As you can imagine, many/most employees were not wildly enthusiastic about these processes citing lack of control of “their” data. In fact, the biggest roadblock to data consolidation is the culture of many companies that employees “own” their data…
Digital transformation is pushing many CTO/CIOs to the cloud for cost savings but also for the next generation technology now available in the big cloud platforms such as Microsoft Azure. This digital transformation cloud strategy is highlighting the fact that a cloud repository can act as a great consolidated archive with unlimited storage, scalability, higher security, and new capabilities such as machine learning-based auto-categorization.
The next logical step is to move employee content to the cloud for lower cost, but more importantly, actual information governance for all data, not just records. By managing all unstructured data, you can ensure old data is eventually disposed of, responsive content easily searched for and put on litigation hold, and all data indexed and easily searchable.
Archive360 has the perfect data migration and Azure-based cloud solution for information governance challenges. Archive2Azure allows you to centralize and manage all unstructured data in your Azure subscription in its native format instead of expensive enterprise file shares and relying on employees to actually manage their data.
Archive2Azure also provides the capability to extend and manage file shares in Microsoft Azure, providing additional IG capability such as access control, retention disposition, search, encryption, and audit/reporting, all at a much lower cost per GB.
The webinar will focus on:
For more information on information related to this blog, check out the following blogs:
Your legal, compliance and security teams rely on having an immutable copy of all of your emails. Office 365 archiving does not support journaling. So what should we do?
This eBook provides actionable tips to empower IT to solve the problem.
Bill is the Vice President of Global Compliance for Archive360. Bill brings more than 29 years of experience with multinational corporations and technology start-ups, including 19-plus years in the archiving, information governance, and eDiscovery markets. Bill is a frequent speaker at legal and information governance industry events and has authored numerous eBooks, articles and blogs.