By John Mancini
The sheer volume of data that is being created is a major asset for most organizations. But senior management must understand that without effective information governance policies in place, this data also carries enormous risks—both in terms of reputation and financial hits—should a security breach take place.
An information governance policy is pivotal to protecting an organization’s confidential data and its intellectual property, as well as the data of its customer base. It can also help to avoid negative publicity and a breakdown in customer confidence that may arise from a breach.
Organizations are busy discussing information governance, but, for many, that is about as far as it gets. Others are trying to implement a policy, but they aren’t doing it properly, leaving them wide open to data breaches.
According to a recent AIIM report, half of the organizations surveyed said they had data-related incidents in the past 12 months. In addition, 45 percent of business executives admitted that the lack of an information governance policy is leaving their organization wide open to litigation and data protection risks.
The biggest driver for information governance then comes as no surprise. According to AIIM’s survey respondents, 61 percent said compliance is the single largest motivator. This is followed closely by data losses at 51 percent and searchable knowledge at 48 percent, with reducing storage requirements via defensible deletion coming in at 35 percent.
Thinking Differently About Governance
Most organizations admit that their information governance policies are flawed, and they understand that automation is the future for effective information governance. However, many organizations seem incapable of making any changes to their policies to encompass the risks they know are there.
With the increase in severity and frequency of data incidents, information governance has now started to creep to the top of the business agenda. For 28 percent of the organizations surveyed, information governance is high on the senior management agenda, with more than 53 percent stating that they have recently launched new information governance initiatives.
Worryingly, though, 57 percent of respondents said senior management is only interested when things go wrong. But there’s little use in locking the house when the burglar has been there and gone!
Yet, senior management buy-in is absolutely critical if information governance is to be improved to such an extent that it can accurately govern today’s data.
Automation Is the Best Way Forward
There is also a consensus of opinion that automation is the way forward for information governance. A hefty 60 percent of respondents agreed that automation is the best way to keep up with volumes of electronic content, while 21 percent said they are already using automated declaration or classification of digital records. Unfortunately, a further 25 percent said they had no projects under way as yet.
Despite this recognition and actions taken by some organizations, the AIIM report found that there are still vast amounts of data that do not fall under any information governance, retention management or e-discovery initiative. These include emails, file-shares, cloud shares and even a high number of SharePoint and electronic content management systems.