It used to be that “information” meant file boxes or filing cabinets containing paper-stuffed manila folders, stacks of slides or spools of microfiche. Today, however, information comes in all types, sizes and formats – everything from paper invoices to IM chat files to online videos and Tweets – some of which is created in a traditional manner (through enterprise applications) and some of which is user-generated both inside and outside the walls of the organization. This information moves in and out of the organization like the tides, surging across both public and private networks, created at both the core and the edge of the enterprise.
Many enterprises have embraced the rapid pace of technology, staying on the cutting edge. In adopting these hot new technologies from different vendors as they become available, they have benefited from process automation, workflow efficiencies and improved knowledge worker productivity. For many, however, information management has been an afterthought and addressed in an ad hoc manner. This results in increased data privacy risks, high costs of storing and managing information, and information liability due to poor compliance and discovery readiness.
Good information management combines technological innovation and intelligent processes around that information. This marriage of technology and processes delivers cost savings, compliance and data protection. Similar to Maslow’s famous hierarchy of needs, you start with basic needs – storage and protection – and progress to the stage where information becomes actionable and drives revenue growth. Following this methodical approach up to the pinnacle of information management nirvana calls for a step-by-step approach. And just as Maslow suggested in his hierarchy, organizations can meet higher-level needs only after they’ve satisfied the more foundational ones. Failure to follow these steps will result in, at best, only short-term gains and leave those larger goals unrealized.
The following is an overview of those needs – starting with the most basic (storage) and progressing to the aspirational (value) – to help organizations articulate their path to information management nirvana.
An enterprise should first focus on building a strong base of secure storage. Building a secure storage foundation with easy and reliable access to information when and where it is needed is a cornerstone of any successful information management strategy.
This foundation should be secure, scalable, available and provide distributed coverage for today’s global enterprises. The key capabilities that the foundation has to provide are: capture, transport, retention, access and disposition. Information security and privacy must be assured by this foundation. Not just the storage of data but also the movement of data has to be secure. Secure transport of data is essential for verifiable and reportable chain-of-custody for both physical and electronic information – key metrics for demonstrating compliance.
In building the foundation, one must also consider scale. The explosion of information means the need for storage will always be bigger than what an organization can dream of. So the challenge becomes how to build for scale without needing to make a large investment in capacity that will go unused in the immediate future. Cost-effective scalability can be achieved by leveraging storage services that scale as the business needs grow. In addition to being cost-effective and scalable, storage should also be protected to reduce the risk of loss. Information has to be available and recoverable in the midst of various human and system errors, failures and catastrophic situations.
Storage may be on-premise or off-premise (cloud storage or offsite record centers) depending on the needs, maturity and size of the organization, as well as the type of storage application and the nature of information being stored. It should also address the storage of information across different media and formats, including tape and paper.
Once enterprises have a solid foundation of storage, the focus can shift to how it can be managed by a more efficient, system-driven process. A process approach is essential for the repeatability and consistency needed to realize gains – lower costs, quicker access – over the long term. Processes should be system-driven to enable the automation that is necessary when dealing with large volumes of data, helping to reduce operational risks.
Information management in this step is “operationalized” to deliver on the business goals of improved efficiencies and reduced cost. The focus in this step is on processes that leverage both technology and the people.
Major efficiency improvements come once you understand what information you have, how it is utilized and how best to invest in the infrastructure to support it. When it comes to its value to the business, not all information is created equal; cost and risk play a central role in how information should be managed. Understanding the inherent types and categories of information will go a long way in reducing the cost of managing that information.
At this point, it becomes tempting to start focusing on the top line value of information. Without the appropriate controls, however, information can become a liability and not an asset. Leveraging the aforementioned secure foundation and cost efficiencies, an enterprise can now address the risks associated with their information. The risk of information is managed through the development of policies.
Policy control delivers information governance and helps organizations proactively manage information liability. When delivered at the global level, across the organization and the systems within, policy control can help pave the way toward realizing the value inherent in information while eliminating any risk factors.
All information in an organization should not be kept forever; doing so can put the business at risk. Proper classification of information – by format, by use, etc. – enables the development of granular policies for access, retention and destruction. Many organizations do not have defensible policies for unstructured information in place because of the complexity of classification and unrealistic policies that are impractical to enforce due to the sheer volume and speed of this information. Broader classification by application, department or user is easier to develop and automate than finer-grain classification that can be difficult to develop and implement. Relying on user-driven classification is unrealistic in most cases, given the large data volumes that users are dealing with. Developing policies prior to the introduction of a new class of information ensures that business risk can be proactively managed.
Some organizations launch into massive software integration projects to achieve policy integration, producing an unwieldy Frankenstein monster of integration. This leads to unrealized value and wasteful spending. What is critical at this step is holistic policy control across all information, applied consistently across information types, media and formats. This does not necessitate tight integration of systems but rather uniform policies across systems. A practical approach is to have integration as light as possible and as late as possible that still allows the enterprise to achieve policy goals. In other words, do not make policy control so cumbersome that organizations are tempted to skip to the realization of business value. A practical approach with prioritization to reduce risk is far more likely to succeed.
It’s important in this stage to involve multiple stakeholders in the organization to help drive needs. In addition to the IT staff, the key stakeholders are legal departments and record managers. In this stage, organizations also have the opportunity to implement best practices and technologies for discovery, compliance monitoring and supervision, archiving and records management.
Information technologies have long struggled to demonstrate how they increase revenue. Automating the information workflow and enabling efficient information access can help make business processes more efficient. Improving business processes, whether customer facing or internal, can result in top-line value and competitive advantage for the business.
The ultimate goal of managing information is to gain business insight and make information actionable. As an organization’s ability to analyze information grows, it gains deeper business insight. As this information analysis becomes more real time, the business has an opportunity to dynamically transform itself using that information. As a result, businesses learn how to create new revenue models and develop business agility.
While technologies for data warehousing and business intelligence have been around for a while, there is a fresh wave of interest in the industry for extracting value from data. What does an organization do with the large repository of data that they store? What about the data that organizations don’t bother to capture because they don’t know how to extract value from it? More and more, organizations are beginning to see that this vast amount of data should be used to unleash value for the business. Information management in the past helped IT reduce cost and mitigate risk; now it has a business purpose: to deliver top line value.
The innovation in collecting, processing, analyzing and realizing value from large amounts of datahas come not from the quantitative analysts on Wall Street, but from social media and search companies. They have shown that data is good – the more the better.
Every company can be a data-driven business. Companies can leverage their customer data, operational data and supplier data to move faster and make better decisions. Data will help improve customer-facing business processes, reduce time to market and make businesses agile.
In considering the hierarchy of needs for information management, an organization will never completely satisfy the lower-level needs of storage and efficiency. In fact, these needs will continue to evolve and grow with the evolution applications and infrastructure. However, an organization that goes about strategically addressing the lower-level needs will have the processes, culture and architecture in place to better adapt and evolve.
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access