Information Governance Must Change


Information governance (IG) is all the rules, regulations, legislation, standards, and policies with which organizations need to comply when they create, share, and use information. Governance is mandated internally and externally. (PHIGs IMC Inc – 2014)

IGI Facets of IG 2015

The above graphic, courtesy of the Information Governance Initiative, presents facets of Information Governance. I don’t agree that everything in the graphic belongs under IG, but it does illustrate how all encompassing and complicated IG is.

With cloud content management, collaboration, and storage offerings becoming more and more accepted, IG needs to adapt. No longer can organizations govern and manage information as if it’s paper or as if it’s stored in on-premises, silo’d repositories. Vendors and their clients have rethought how to work with information; users have come to expect great experiences when working with information in the course of their daily jobs; now we need to rethink how we govern and manage information.

We’re at a point where the whole IG profession must change. It’s not just about the people practising the profession adapting, it’s also about how we actually execute that needs to change. Coming out of a couple conferences a while back I put my thoughts down. Read them for a little more insight, if you wish. I’m convinced that we’re at a point where, together, we can make a huge impact on how IG gets done, and actually get adopted by information workers. At 10am PDT on June 29th Box’s Jessica Fain and I will be chatting about How to Succeed at Information Governance in the Cloud; join us and join in on the discussion – we’d love to get your thoughts.

Three’s Company


Threes CompanyWhat follows in this post is pure fantasy and speculation, directly out of my head. Or not.

Over the past few weeks I’ve been talking to vendors and some end user types about Information-Governance-as-a-Service (IGaaS). Forget for a moment that no one vendor does all aspects of IG, or that there’s not even a universally accepted definition of IG. Focus instead on the lighter touch that’s required today when so many enterprise tools are required to have a consumer experience about them. Also think about Content-as-a-Service (CaaS, defined here) and what that means for building the apps needed to work with, manage, and govern content.

To save time, let’s get the fawning out of the way:

  • Box – I am unashamedly and unabashedly a fan;
  • Egnyte – see Box. I’m not getting into what Egnyte announced in this blog as there are plenty of great summaries around the web, including Egnyte’s site;
  • GlassIG – more quietly, but see Egnyte.

Pay attention to all three of those companies if you are remotely interested in Information Governance and/or Management. There are other companies that I think are pretty damn good, but when it comes to managing and governing content in cloud or hybrid environments, these are my three. Oracle Web Center Content would be my go to for on-premises ECM (w/some nascent cloud capabilities like file syncing).

When I mentioned to someone at Egnyte a while back that if they added governance to what they already had they could absolutely kill things, I wasn’t thinking about what came out in Egnyte Protect, announced earlier yesterday (June 7,2016). I was thinking more about things that the AIIM and ARMA crowds, especially ARMA, would consider governance. You know, stuff like retention management, legal holds, classification … all that records management-y goodness.

So, even though I was a little, initially, underwhelmed with what Egnyte did release, I sat back and thought that it’s not necessarily a bad thing. What was released is good and what’s coming up is good. Without getting too deep into the weeds, let me paint a little picture for you …

Let’s pretend, for the sake of discussion, that my organization just went out and procured Box as a content management platform. Let’s also pretend that I’ve got stuff stored in SharePoint and network drives, and that in addition to the standard security stuff, I also have to deal with internal policies and external regulatory requirements, a lawsuit or two, some retention requirements, …, you know, a bunch of IG stuff. Let’s also pretend that I want to monitor who’s doing what with content to determine its effectiveness. In other words, let’s say I need to manage and govern content like it’s 1999, but my content isn’t all paper or in one convenient spot that’s on my infrastructure. My point is, the what of what we need to do hasn’t really changed all that much; why, and especially how, have. Ideally, I want to, as much as possible, centralize policies and controls. Enter my IG Mirepoix (yeah, I just made that up) …

In order to meet the requirements outlined above, one could go to each of the individual repositories and do what’s necessary, hoping that things stay in sync EgnyteBoxGlassIG Logoand no one ever forgets to do anything in any of the repositories. Even if all that happened, there’s still nothing in place to handle any of the records management, legal hold, and discovery functionality needed. Note to self – go buy more software that needs to be installed, configured, and maintained. Or …

Deploy Egnyte Protect to handle my security and analytics across all the in-scope repositories; deploy GlassIG to handle the records management and related functions. The fact that two tools are needed is not an issue as the tools will be used by different roles in the organization.

I know mega-suites were all the rage for a while, but look what happened. I like the approach outlined above because it’s a best of breed approach. Each tool gets used for the stuff it’s best at. There are areas of overlap between Egnyte Protect and Box, and between GlassIG and Egnyte Protect, but it’s using the three tools as complementary technologies that, I believe, provides the greatest overall value to organizations.

unFUDding Cloud Content Management


child-1099770_1280Yesterday (May 30, 2016) I read this article which contends that Box, Dropbox, and others are not content management platforms. I was considering not linking to the article and just putting up screen shots of the main points, but I decided on the link instead. The article is nothing but FUD (Fear, Uncertainty, Doubt) being spread by an on-premises content management provider (props for dropping Gartner, Forrester, and AIIM names though). As a bit of a refresher on where I stand, you might want to read this whitepaper I wrote last year (sponsored by Box, 12 pages long). By the way, I tried to post a comment to the article, but it seems the site’s not taking comments (mine had a couple links).

Without further ado I’ll get into the counter arguments to the author’s “five reasons why cloud file sharing platforms can’t touch document management software platforms from an enterprise functionality standpoint” …

  1. Security at all costs – If the author had written something about data residency I would have bought it, probably. However, the author goes on about a bunch of FUD, and does nothing to dispel it. The author also illustrates her lack of knowledge, not only of security issues, but also of the capabilities of the cloud players. She implies that many think that on-premises security is better, which we know isn’t the case. Major hacks and leaks have come primarily from on-premises data centres.
  2. Document storage and beyond – uhm, just plain wrong. Sure, it may take a combination of tools to achieve the same level of functionality that one could achieve with a traditional, legacy suite such as OpenText, Filenet, or Documentum, but is that really a bad thing? Haven’t we already accepted that the whole ECM world is actually changing and the way forward is platforms, integrations, and API’s? I have. Has someone forgotten the abysmal success rate of traditional ECM deployments?
  3. Not yet ready for primetime – What? This is 2016, technology is changing and advancing more rapidly than ever. No one has a 10+ year window any more to demonstrate anything. Those traditional ECM players you mention are precisely the reason people and organizations are going to the cloud. Traditional ECM platforms are old and out of date. Yes, some are making changes, re-architecting, and adding CLOUD -FREAKIN’-CAPABILITIES-DAMMIT!!!
  4. Migration issues – Really? You really want to go there? How ‘bout migrating from OpenText to SharePoint? Or from Documentum to Filenet? Or from what you’re selling to anything else? Or from file shares to whatever the hell you want to name? Migration sucks. Always has sucked. Always will suck. Cloud or on-premises makes no friggin’ difference.
  5. Performance concerns – hahahahahahahahahahahahahahahahaha!!! Ha. That’s cute.
  6. It’s ON-PREMISES for ***** sake!

Now I’m just angry and irritated. I need a drink.

I’m not saying that everyone should move everything to the cloud, but at the very least think a bit and don’t buy into the nonsense spouted by some people who may have something to gain by spreading FUD. The fact is that managing content in the cloud, whether via cloud capabilities of legacy vendors or via the “new” vendors, is perfectly viable. The key is to know what your requirements are before choosing a technology.

For a different take on this, check out this excellent post by Paula Smith on Linkedin.

Two Continents, Two Information Governance Conferences, One Conclusion


IRMS2016 Innovation Keynote 08Over the last few weeks I attended the AIIM Conference (the theme was Digital Transformation in Action) in New Orleans, Louisiana, USA and the IRMS Conference (the theme was Information Superheroes) in Brighton, UK. It was my third time at AIIM, at which I did one of the roundtables, and it was my first time at IRMS, at which I did the opening keynote (a genuine honour to have been selected). Both the AIIM roundtable and the IRMS keynote (slides available here) were innovation themed. This post is not going to be so much a recap of the conferences as much as it will be my take on how innovation, disruption, and transformation fit into the whole Information Governance / Management (IG/M) space, and how AIIM and IRMS and their members (individuals, sponsors, vendors) may be affected.

Since my session at both conferences was about innovation, that’s the filter I am applying, with a twist. In his opening keynote at AIIM, John Mancini mentioned Slack as the type of vendor (new, innovative, disruptive) that’s become more important in our space, but was not present at, arguably, the most important conference in that space. Slack, which I use with some industry peers, is a marvelous tool for collaborating and sharing content. Via integrations with other tools it can be a part of an enterprise information / content management play. Other vendors that are critical players in the IG/M space include companies like Box, Dropbox, Splunk, Egnyte, Microsoft, Facebook (yes), …, the list is huge. The point is that there are hundreds of vendors out there that are producing platforms and apps that people use EVERY. SINGLE. DAY. to work with and analyze the information they need to do their jobs. I’m talking about the simplest stuff (creating a document or email) to the most complex data analytics. People are doing these things using everything from supercomputers to mobile phones; in dedicated buildings and on tops of mountains.

For fun, take a look at this page on Box’s site; each of these Box technology partners could and should make up part of an organization’s IG/M technology package. So why were most of them missing from AIIM and IRMS? By asking that question I do not mean to imply that vendors like IBM, HPE, Onbase, Laserfiche, OpenText, etc. don’t innovate. They do. They’re just not overly exciting anymore. They are the legacy, staid, established vendors. Sorry guys, but as good as you are you’re just not cool anymore. I got excited about the Documentum-LEAP thing, but that didn’t last more than 5 or 6 minutes.

Since I kind of do the industry analyst thing on occasion, I do know why some of the cool vendors don’t bother with AIIM, IRMS, and other similar conferences[1]; they don’t get the leads. However, I think they are missing a marvelous opportunity to educate and transform the market, including the associations themselves. I believe that these vendors need to look at two or three years of conference investment before they can reasonably expect to use the conferences as sales opportunities. That said, these vendors, individually, probably have little idea of what they’re really on to. And let’s face it, individually most of them aren’t significant in a IG/M or RIM (Records and Information Management) context. It’s as a whole solution built of the best bits for the job that they shine. And that is a beautiful thing.

I think the whole IG/M space, including the associations, is having a bit of a tough time with its own transformation. It’s not an analog to digital thing; it’s more of what should we be doing and to whom should we be doing it. Both conferences featured sessions about the evolution of the space and those who practice in it, but not enough, in my opinion. The transformation of the space was missing. I.e.: what is IG/M going to look like in the not too distant future? Like it or not, there are some key vendors out there that are going to have a massive influence on what our profession will look like, and they weren’t at either conference.

One of the things I’ve been seeing lately is this concept of “content as a service”. Essentially it’s having a managed repository serving as a platform on which to build actual business solutions. The back-end takes care of all the IG/M stuff like versions, policies, security, etc, while applications that solve actual business problems are built on top of the platform. Why am I mentioning this in this particular post. BECAUSE THAT’S EXACTLY WHAT THE WHOLE IG/M or RIM PROFESSION SHOULD BE DOING FOR THE ORGANIZATIONS THEY SUPPORT!!!

Very soon, if you’re only (don’t take this the wrong way) a records manager or archivist your career will be over. The titles may stay the same, but the skill sets and thought processes must evolve. All information, regardless of medium or storage location, must be in scope. I think that with the right mindset, training, and skills, today’s information professional can become tomorrow’s internal management consultant and strategic advisor. I’ve said more than once that information assets must be treated with the same gravity and urgency that financial assets are treated. There is, in my view, a small window of opportunity for those of us currently in the profession, in whatever role, to make that happen. You / we can specialize in certain disciplines that make up IG/M, but we’ve got to have an understanding of the whole.

Everything we information professionals do ought to be done in support of the core business of the organizations we work for. This does not mean we take a subservient approach to doing our jobs. Far from it. How many other professions are as well placed as we are to actually understand what’s happening? How many other professions have as holistic a view into an organization as we do? As professionals we need to look around our organizations and start to ask what problems or challenges we can help with. And it’s not just how to file something, how to prepare for litigation, how to defensibly delete something, or how to save money on storage. We need to be asking questions about how to grow the business, how to better compete, how to better serve citizens, i.e.: ask strategic, forward looking business questions.

We need to be pushing IRMS, AIIM, ARMA, and every other professional organization we belong to to ask those same questions of companies and of vendors. Associations need to be our voices, especially when it comes to defining what our profession will look like in the future. We need to step up and make sure our associations are positioned to attract the right vendors / sponsors, to answer the right questions for end-user organizations, and to provide the thought leadership that we as professionals need in order to learn and grow.

Miscellaneous Closing Thoughts

You’ll notice I’ve stayed away from using the term ECM; that’s because it doesn’t matter anymore, if it ever really did. What matters is solutions. ECM is just background stuff, which is exactly as it should be.

I’m scratching my head a bit over the IRMS offering the Foundation Certificate in Information Governance (FCIG); there seems to be quite a lot of overlap with AIIM’s Certified Information Professional (CIP) thing. Don’t get me wrong, the FCIG is a good thing that covers a little bit that the CIP doesn’t. Is it enough to warrant a separate certificate / certification? Is it a manifestation of the differences between the North American and UK markets? I dunno. I do, however, wish the IRMS and AIIM all the best with their programs.

This being my first IRMS conference, I didn’t know what to expect. What I encountered was a massive attack hug (thanks Emily), a wonderfully warm reception from the entire IRMS executive and the event organizers, and a fantastic experience in Brighton. This was definitely a records management focussed conference, with most (80%+?) participants being from one form of public sector or another. Now, many of you know what I think about pure records management and may assume that I started to itch and twitch, but I didn’t. I think there is an openness to a more holistic approach to managing information that doesn’t seem to be present at other records focussed events I’ve been to. There was also a much more palpable sense of community and intimacy than what I’ve previously experienced.

One Conclusion

That one conclusion I alluded to in the title …

This profession of ours is as much in a state of transition as the industries and professions we support. I don’t really know with any certainty what that’s going to look like in the next few years. However, I think those of us practising our profession had better embrace a little uncertainty, tempered with a lot of flexibility and creativity.

Information surpassed people as an organization’s most valuable resource a few years ago. There is no reason to believe that things will ever go back to the way they were. More than likely the value of information will continue to increase as its volume grows. Therefore, those of us who really know how to govern and manage it, how to leverage its value, and how to mitigate its risks … well, there’s no stopping us.

[1] If you added information governance / management related sessions to Boxworks, it could actually be a better info gov conference than AIIM, in terms of having relevant vendors show up.

5 Things – Innovation


duck-416972_1280This was taken from the next to last slide (full presentation available here) from my keynote session at the IRMS Conference in Brighton, UK from 15-17 May, 2016. These things were also included in the ebook Digital Transformation in Action by John Mancini, that was put out in advance of the AIIM Conference in April 2016.

These are five things, in my view, that you need to do if you want to foster innovation, transformation, and disruption (the good kind) in your organization.

  1. Focus on value, forget risk. – If your entire approach to managing information is based on minimizing risk (litigation, leaks, etc) you are never going to be able to focus on leveraging the VALUE of your information ASSETS. It’s the value that’s going to enable you to innovate and transform your business.
  2. Start Something. Anything. – Sitting around navel gazing is going to result in you being crushed. Pick something small, easy, and safe, but with tangible benefits and get going.
  3. Don’t try to change the world. – Closely related to “Start something.” Trying to change the entire organization is going to take time and resources, so don’t try to do it all at once. Start with something that you know isn’t working optimally and change that. Then move on to the next thing, and the next thing, and the next thing, ….
  4. Blow stuff up, make people cry. – Change, disruption, transformation, and innovation require that things get messy and people get upset. Don’t worry about it. Find the internal champions and sponsors that’ll have your back. Maintaining the status quo hasn’t worked up until now, what makes anyone think it’s a reasonable path forward?
  5. Get out of the way! – You want your people to innovate, transform, and disrupt, but you’re still relying on out-moded and out-dated managerial structures. Stop. Create an atmosphere that encourages people to go out on a limb and try something new. Give them the freedom to try, but define some reasonable boundaries for them.

The ducks may or may not have appeared in a previous “5 Thoughts / Things” post, but my 4yr old liked them so there they are.

%d bloggers like this: