Whether we like it or not, we’re storing more and more content in the cloud, and that content needs to be governed. Here are some things that I think about and talk about with clients when they are getting started with Information Governance (reg req’d):
- To paraphrase Ann Cavoukian – You can outsource your data but you can’t outsource responsibility. All of the rules and regulations that applied to your content in your data center still apply. If something goes wrong you are still, ultimately, responsible. You may or may not have company in court or jail.
- Content in the cloud is likely more secure than content in your data center. Remember all those breaches that were so widely publicized? Well, most of them happened to corporate data centres. Companies whose business is storing other companies’ data haver better tools and resources to secure data than you do; it’s their job.
- To be effective, managing and governing content in the cloud needs a modern, simplified approach. Trying to manage content like it’s paper or stored in on-premises repositories just isn’t going to work. You chose cloud content management because it’s a better, modern experience for your users, governing your info can’t break that.
- FOCUS ON THE VALUE OF YOUR INFORMATION. IF YOUR ENTIRE APPROACH TO GOVERNING INFORMATION IS BASED ON MINIMIZING RISK (LITIGATION, LEAKS, ETC.), YOU ARE NEVER GOING TO BE ABLE TO FOCUS ON LEVERAGING THE VALUE OF YOUR INFORMATION ASSETS. IT’S THE VALUE THAT’S GOING TO ENABLE YOU TO INNOVATE AND TRANSFORM YOUR BUSINESS. (colour and bolding as requested by a loyal reader – thanks, Dan)
- Start Something. Anything. Sitting around navel gazing is going to result in you being crushed. Pick something small, easy, and safe, but with tangible benefits and get going. You don’t need to have everything planned and analyzed to get started; you just need to have enough thought out to allow you to get moving. Remember, some governance is better than no governance.
- BONUS THOUGHT – Your information governance doesn’t need to be perfect, it merely needs to be good enough to get the job done and to allow you to meet your obligations.
This Box whitepaper (reg req’d) provides some additional thoughts about Information Governance for cloud-stored content, as well as details about how Box is tackling some of the necessary functionality. We (Box and I) would love to chat with you about Cloud IG. And as always, I’d love your feedback about this post and the paper.
 Ann Cavoukian is the former Privacy Commissioner for Ontario (1997 – 2014) and is currently the Executive Director of the Privacy and Big Data Institute at Ryerson University.