Category Archives: Collaboration
451 Group Says to Automate Information Governance
In a 451 Group report Defining and driving ‘information governance’ in the era of the cloud and ‘big data’, analysts David Horrigan, Carl Lehmann and Alan Pelz-Sharpe position the importance of information governance. The introduction is particularly interesting:
“Information governance means different things to different actors in the enterprise; hence, defining and implementing information governance is much easier said than done. Nevertheless, now is the time to do so because it has become possible to automate much of the process, and the potential benefits of doing so now far outweigh the cost and effort.”
We define information governance as the need to control the content within your organization. It includes the policies created to comply with regulations for privacy and accessibility, and internal policies for confidential company information and intellectual property. It even extends to include website quality and brand integrity. More importantly, it should encompass how these policies are enforced and updated to fit how an individual organization is actually using the information. As highlighted in the 451 Group quote above, automating this process offers significant benefits despite the costs.
Top Security Challenges with SharePoint Collaboration
In today’s business environment successful companies rely upon the rapid and efficient exchange of information. Collaboration between employees is a critical part of this equation and a key driver for increasing competitiveness and productivity. Effective collaboration requires timely access to information— both structured (databases) and unstructured (file systems, online content and communications).
Many companies have invested in SharePoint for managing their unstructured information. However, few have realized the potential efficiencies and productivities that SharePoint offers because of concerns about the security of the information stored in it. Worse still, many continue to maintain legacy document management systems to store sensitive information and continue to incur the associated software maintenance, labor and hardware costs. This drastically reduces the ROI on their SharePoint investment.
LV= Improves Site Quality, Brand Integrity and Accessibility
LV= employs over 5,500 people and serves around five million customers with a range of financial products. As a trusted UK brand, the Web Content Team required a solution for scanning site quality, brand integrity and accessibility to extend LV=’s credibility to the Web.
The Challenge
The Web Content Team at LV= knew that for their website and a dozen subsidiary sites to be viewed as professional and usable, they should be both error-free and accessible. To achieve this level of professionalism, the team relied purely on daily manual reviews of key Web pages for spelling, broken links and accessibility.
The challenge was that deep into the sites, the team did not know if any broken links, typos or brand inconsistencies existed unless it was brought to their attention by a site user. This posed a significant problem when destination links (particularly external links) were broken.
To better serve its five million customers, LV= required a solution that could scan content regularly to provide a more efficient process for addressing site quality. Furthermore, LV= needed to ensure all its Web pages complied with the UK’s Equality Act 2010 and WCAG 2.0 AA accessibility standards as content was changed and updated.
SharePoint Security: Will using folders cause problems with document duplication?
Previously I’ve blogged about two folders vs. metadata SharePoint security topics. The first was on the best way to secure documents and the second on when will folder navigation breakdown. In my last post of the series I’ll look at whether or not using folders for controlling document permissions will cause problems with document duplication:
Problem
Folders hide content. If it takes a long time for a user to find an important document, he or she is more likely to make a local copy of that document. Alternatively, that user might also move it to a folder higher up the tree to avoid having to search for it again in the future.
BYOD and Enterprise Mobile Security
Bring your own device (BYOD) is one of the hottest trends in 2013. One of the major concerns is enterprise security on these devices. Here is a snapshot of some recent surveys on the topic:
- “… Only 9 percent of respondents [in a survey on SANS Mobility/BYOD – Security Survey] felt completely aware of all mobile devices accessing their enterprise infrastructure and applications. At the same time, nearly 40 % felt they were fully aware of their devices, while nearly half did not have the level of awareness that they should.”
- A Gartner survey “found that many enterprises are allowing personal mobile devices to connect to the enterprise network. BYOD demand was higher in the BRIC countries where more Generation Y (Gen Y) employees are working. With the proliferation of BYOD, there are many security issues for enterprises to consider before they invest in mobile computing. According to the survey, the top issues were “use of privately owned devices” and “deployment of new enterprise mobile platforms.””
- An eWeek article “BYOD, Virtualization Affect Enterprise Security: F5 Networks” reported survey results that showed, “While respondents acknowledged BYOD as critical to an organization’s ability to achieve the level of security it wants, one-third of respondents admitted they are not prepared to provide adequate security to protect against threats associated with BYOD. Despite this, two-thirds of respondents said BYOD was having a somewhat to extremely high impact on security.”
Do You Know Where Your Policies Are?
When an organization fails to manage policies, the organization quickly becomes something it never intended.
Policies define the organization’s governance culture and objectives. Without the guidance provided by well-written and effectively managed policies, corporate culture may morph and take the organization down unintended paths. Policies set the standard for acceptable and unacceptable conduct by defining boundaries for the behavior of individuals, the operation of business processes, and the establishment of relationships.
Let’s be clear. Policies in and of themselves do not ensure the right corporate culture. Merely creating thousands of policies is not the answer; in the case of policies often “less is more.” Even when well-written policies are issued, the game isn’t over. An organization can have a wide array of policies that “sit on the shelf” or are not adhered to resulting in the organization ending up in very hot water.
In my experience, policy management processes are in disarray introducing risk in today’s complex, dynamic, and distributed business environment. The typical organization lacks a structured means of policy management with an inconsistent maze of templates and processes with policy documents that are out of date (e.g., old versions), unauthorized, and scattered across file shares, SharePoint sites, and other content management systems. Inconsistency in policy management means processes, partners, employees, and systems behave like leaves blowing in the wind. Organizations struggle with policies that are out-of-date, ineffective, and not aligned to business needs. Policy inconsistency opens the doors to liability, as an organization may be held accountable for policy that is not appropriate or complied with.
Benefits (and Risks) in Social Computing
As we get ready to head to Denver for the 2013 NewsGator Collective, I got to thinking about the benefits and risks of social computing. In 2010, Deloitte produced a presentation on The Value of Social Computing that included a Forrest quote, “Social computing is not a fad, it will impact on almost every role, at every kind of company.” Fast-forward three years and Forrester was right; enterprise social computing is an important strategic platform for increasing workforce collaboration and knowledge management.
The benefits of social computing are vast – improved productivity, streamlined communications, retention and engagement of employees, process innovation — and the list goes on. For those using Microsoft SharePoint, using a third-party solution, like NewsGator Social Sites, further enhance SharePoint’s native social capabilities to deliver additional value and benefits to users with the ability to create diverse communities, breakdown information silos and open up internal communications.
Six Content Compliance and Security Predictions for 2013
It’s t
hat time of year again when analysts, journalists and companies try to predict the year ahead. I’d like to throw my opinion into the ring to offer some practical predictions for 2013 in the content compliance and security space.
1. Risk Managers Will Do More with Less
Risk managers will continue to be asked every day to do more with less to meet changing and more stringent regulatory compliance requirements; despite decreasing resources, less funding and frozen or smaller headcounts. Organizations in 2013 will need to look to content compliance solutions to provide a constant, consistent and automated method of enforcing paper policies and organizational requirements governing PHI, PII and other sensitive information including research, financials, and HR and board documents. Automating compliance helps to protect the organization from violations caused by lack of policy knowledge, “whoops” moments, and in rare cases malicious intent.
Forrester Research Shows Most Data Breaches Come from Within
A Forrester survey of employees across North America and Europe found that the bring-your-own-device (BYOD) trend is fuelling mobile security concerns within enterprise.
Some key findings reported in The Information Daily Limited (formally eGov Monitor) include:
- 75% of data breach come from within a company
- Of these, 63% result from an employee losing or misplacing corporate assets;
- And 12% were breached with ill intent
- Physical theft of items like laptops and smartphones is part of the 63% as well, as is “inadvertent misuse” of company privileges and equipment
- Around 30% of respondents do not think there is enough separation between consumer and corporate data on mobile devices
Subscribe to our RSS Feed 
Follow Us on Twitter 
Find us on LinkedIn 