A while ago I was pointed to an article proclaiming that Information Governance is no longer necessary (ROFLMAO). I laughed because I think its grasp on reality is about as firm as that of whoever proclaimed that ECM is dead. However, once you get past the intermangling of “governance” and “management”, there are a couple threads that have validity.
Today’s technology and architecture are definitely built to encourage sharing and collaboration, and that is an awesome thing. As for a good digital workplace being a “bellwether of your company culture”, humph. “Digital workplace” is very tool and mechanics oriented, and has little to do with defining culture. A digital workplace (i.e.: tools) enables a culture that encourages trying stuff out, collaboration, openness, whatever. And the digital-ness of one’s workplace depends highly on what and where one’s workplace is. By the way, I am of the opinion that if paper can be eliminated from the workplace paper should be eliminated from the workplace (please insert caveats about having the right tech available and the required bandwidth). The more digital “aides” we have to help us do our core jobs and not have to worry about governance and management of information, the better.
(information) Governance is needed. Always has been, always will be. The level (think rigour) of governance required, and the manner in which governance is implemented vary depending on what information is in scope, what your regulatory obligations look like, what your internal policies are, and on and on and on.
The way work gets done and the tools used have changed to the point that governance has to change, rather than go away. The reality is that governance needs to be more stringent than ever before. Solution architectures today are designed to include multiple services, applications, data centres, and service providers. Regardless of how nimble and user-delighting the solution is, the governance requirements and challenges are exponentially tougher than when all you had was a single custom application that no one liked but it did the job.
We’re being handed ever more simple and elegant devices and apps with which to do our jobs. But, as everyone ought to know, the easier things look to the user, the tougher it was to build it and maintain it, and to impose an appropriate level of governance.
Fortunately, the tools we’re using to do information governance and management are changing as well. Egnyte, Dropbox, Box, Google, and a host of others are delivering applications and experiences that make many aspects information governance and management easier and more lightweight, and hidden from the everyday user. Even some of the legacy ECM vendors are getting in on the act.
Goodbye Governance? I don’t think so. What I find a bit amusing about the article is that it was written by someone who works in a space that, from a tool perspective, is littered with stories about failures that could have been prevented with … GOVERNANCE! Governance, you’ve come a long way, baby. (quote plagiarized from some 1970’s ad campaign for a product that’s no longer legal to advertise).
In this video, from Boxworks 2016, I express some of my thoughts about information governance, and how Box is approaching it. For those of you interested in ECM, cloud, and information governance, Boxworks 2017 is coming up in October. You should go. Maybe I’ll see you there.
If you love the video so much that you want your very own copy, you can download it right over here.
Whether we like it or not, we’re storing more and more content in the cloud, and that content needs to be governed. Here are some things that I think about and talk about with clients when they are getting started with Information Governance (reg req’d):
- To paraphrase Ann Cavoukian – You can outsource your data but you can’t outsource responsibility. All of the rules and regulations that applied to your content in your data center still apply. If something goes wrong you are still, ultimately, responsible. You may or may not have company in court or jail.
- Content in the cloud is likely more secure than content in your data center. Remember all those breaches that were so widely publicized? Well, most of them happened to corporate data centres. Companies whose business is storing other companies’ data haver better tools and resources to secure data than you do; it’s their job.
- To be effective, managing and governing content in the cloud needs a modern, simplified approach. Trying to manage content like it’s paper or stored in on-premises repositories just isn’t going to work. You chose cloud content management because it’s a better, modern experience for your users, governing your info can’t break that.
- FOCUS ON THE VALUE OF YOUR INFORMATION. IF YOUR ENTIRE APPROACH TO GOVERNING INFORMATION IS BASED ON MINIMIZING RISK (LITIGATION, LEAKS, ETC.), YOU ARE NEVER GOING TO BE ABLE TO FOCUS ON LEVERAGING THE VALUE OF YOUR INFORMATION ASSETS. IT’S THE VALUE THAT’S GOING TO ENABLE YOU TO INNOVATE AND TRANSFORM YOUR BUSINESS. (colour and bolding as requested by a loyal reader – thanks, Dan)
- Start Something. Anything. Sitting around navel gazing is going to result in you being crushed. Pick something small, easy, and safe, but with tangible benefits and get going. You don’t need to have everything planned and analyzed to get started; you just need to have enough thought out to allow you to get moving. Remember, some governance is better than no governance.
- BONUS THOUGHT – Your information governance doesn’t need to be perfect, it merely needs to be good enough to get the job done and to allow you to meet your obligations.
This Box whitepaper (reg req’d) provides some additional thoughts about Information Governance for cloud-stored content, as well as details about how Box is tackling some of the necessary functionality. We (Box and I) would love to chat with you about Cloud IG. And as always, I’d love your feedback about this post and the paper.
 Ann Cavoukian is the former Privacy Commissioner for Ontario (1997 – 2014) and is currently the Executive Director of the Privacy and Big Data Institute at Ryerson University.
Two key changes from last year really made me happy:
- Box’s enterprise customers (at least the ones on the panel during the analyst event) are calling Box content management (advanced content management, even);
- Box is unequivocally stating that Platform is the base upon which the Box application is built – they weren’t so clear about that last year.
On a personal level, the first of those makes me the happiest because, along with Cheryl McKinnon of Forrester (my reaction to Box’s inclusion in the Forrest Wave), I was the first analyst / person-who-should-know type that came out and unabashedly called Box an Enterprise Content Management vendor. Here’s my post from June 2015 when I first called Box ECM (you can also get to the whitepaper I wrote on the topic via that post). Whatever. I’m just happy and gratified that Box is finally being seen as what they are. I’m guessing they’re pretty pleased about it as well.
Remember in this post I included a footnote stating that BoxWorks could be a better Information Management / Governance conference than the AIIM conference (I didn’t even mention that records management conference or organization)? Yeah, nothing took place at BoxWorks that made me change my mind.
On to my thoughts about the conference happenings … I’m not going to recap all the announcements; they’re available on the Box site over here and elsewhere on the web and on Box’s site. There were a bunch of announcements about making Box more usable, intuitive, and user friendly, but they didn’t tell me that Box Capture for Android is coming. Box Desktop, Files, and Notes are much needed improvements that are coming, and will make for a much better user (yeah, I said “user”) experience.
If I’ve got this all right, Box Platform can serve up Relay (workflow) and Governance (governance), as well as versioning and all the other mundane content management stuff as a service. While that’s very cool and all, what I really find exciting is that there is a growing ecosystem of partners / developers that include companies like Cognizant, as well as in-house IT shops, ISV’s, and small niche / boutique app developers. The potential implications are pretty cool for all the stakeholders. For example – during his session at the analyst event, Jeetu Patel (heads up Platform and Strategy for Box and is a really nice guy) mentioned that: A – all companies are becoming digital companies (glad he gave up using all companies are becoming SW companies), and; 2 – there’s no templates for digital transformation (I am summarizing). So it seems that there is an opportunity for Box to do for digital transformation on an industry basis what SAP did for ERP on an industry basis. Between in-built capabilities and partnerships, Box has the beginnings of being able to build content-centric digital transformation on-ramps / roadmaps / whateveryouwanttocallthem. The Perkins+Will demo was really cool and a harbinger of what is possible.
What’s really cool and significant is that, if the implementation gets done properly, that whole thing about putting governance in the background and letting users just focus on their jobs will actually happen.
There’s also some other stuff happening with Platform and the application that, if done correctly, could make the whole auto-classification thing a reality. There are other ECM providers that have been working on it for years, to very little uptake. What’s happening, I believe, is that Box is trying to solve the same problems, but in a different way.
One of the product managers told me something to the effect that she was talking to her team and they were telling her they knew nothing about Information Management or Governance. She responded by telling them that they were actually delivering it. There’s a whole bunch more detail, but that’s actually a very cool story. It’s possible because Platform takes care of it in the back end.
Regardless of the size of a company, if they operate in a regulated industry they have to comply with the relevant regulations and legislation. At the same time, if you’re one of the smaller players you likely need to do more with less and can’t afford dedicated compliance solutions. Where Box fits is that they don’t know how to do it the legacy way, and this is a very good thing.
During the customer panel at the analyst session, one of the customers, in a highly regulated industry, was lamenting that they could not use Box for some of their controlled documents. The issue is that Box brings out new stuff too fast and the regulators and legislators simply cannot keep pace. That just sucks.
I asked Aaron Levie something along the lines of “do you think that current legislation and regulations hamper your ability to innovate?” I liked that he acknowledged that it’s the customers, not Box, that are actually being hampered. Box’s approach is to innovate to the spirit of the legislation or regulation, rather than to the letter. I.e.: they’ll satisfy the what, but the how may look a little different.
Odds ‘n’ Enns
- One of the most interesting, to me, integrations I saw at the conference had to do with SAP (apparently you don’t pronounce it “sap”). There’s this company based in Calgary, Alberta, Canada that effectively does for Box-SAP what OpenText Extended ECM does for OT-SAP. I don’t know a ton about it yet, but it is something I will be looking into and getting more familiar with. The fact that the folks at e-Wave Solutions have put effort into building a Box-SAP integration in addition to their Filenet-SAP integration (I think I have that right) is significant. They’re not just chucking up content that’s relevant to stuff happening in SAP. No, they’re doing it in an intelligent way that leverages / manages metadata and preserves the integrity of the “records”. That’s kinda cool. Like I said, I’ll be looking into this a bit more.
- One of the really good things about being an analyst at an event like BoxWorks is that you get one-on-one time with some key people at Box. The normal scenario is the analyst asks questions and the company person answers them. What I love about the people at Box is that we both get to ask questions and have an open, frank discussion.
- Thanks to the Box Governance Product Marketing people (thanks, Veena!!!) for inviting me to share some of my thoughts on Box Governance.
- Thanks to Aaron Levie for taking the time to come and chat with us analysts. I’m a bit of a sceptic at times, and I sometimes wonder if certain tech CEO’s are putting on a show for analysts, the press, prospects, etc. After sitting less than thirty feet from him and being able to look into his eyes, I’m pretty certain that Aaron Levie truly believes in what he and the rest of Box are doing.
- Lastly, a huge thank you to Joely, Signe, and Megan for making the analyst day and, especially, the analyst dinner truly excellent. The whole idea of going to a chef’s residence and having a home made meal in a more intimate setting … loved it.
- That pic is what greeted us as we walked into the chef’s home. There were leftovers.
The one thing that I didn’t hear anything about is a service organization that can make it (all this next generation ECMness) happen (Box Shuttle aside). I still believe that without the right services capabilities, things will not progress as smoothly as they could. Overall I’m pleased about Box’s progress over the last 12 months. You could even say I’m optimistic and excited for what they can achieve and change about ECM in the future. The recently announced OpenText acquisition of Dell EMC ECD (ya know, Documentum and LEAP) just made Box a more attractive option for ECM buyers. As one industry analyst type mentioned, it’s a changing of the guard in the ECM space. Among others, Box is leading the charge. Not to say I told ya so, but I told ya so.
Note: this post contains links to every craft brewery in British Columbia and Alberta that I could find. Sadly, I have yet to sample all of their wares.
Anyone who’s been paying attention lately, or who has met me in person, knows that I’m fairly passionate about Information Management and Craft Beer. Depending on the day, my passion for one is slightly higher than my passion for the other. What does one have to do with the other? I’m glad you asked. Please bear with me, this may take a while. Three things happened that resulted in a new vision for me:
- In late June at a networking event in Calgary I met Chris. Chris is one of the co-founders of Caravel Craft Brewery in Calgary. Over a couple pints of IPA from Last Best Brewing, Chris and I started chatting about beer. It turns out that we both love beer, though he knows a ton more about it than I do. My expertise is limited to knowing what I do and don’t like.
- A few weeks later, just prior to the Calgary Stampede, I saw a feature on CBC News about craft beer being shut out of official Stampede events because one of the Big Beer companies had the beer contract. One of the guys from Tool Shed Brewing was talking about how there is more than enough space and thirsty Stampeders for all to benefit. And, what better place and time to showcase all the wonderful Alberta craft beer producers.
- A snarky comment about whether a tour of Village Brewery could be used to make money led to a “why not” moment. I took the picture in this post during that tour, by the way. I also ate a cascade hop pellet – that was a mistake.
So far I’ve been able to find 156 craft brewers in British Columbia and Alberta. Starting with Alberta, I decided that I was going to reach out to all of them and pitch my services to them. I mean, they have a fair bit of paperwork to deal with, right? They produce alcoholic beverages which means much governmental regulation stuff to deal with. They use big shiny equipment which means maintenance and safety stuff. They do stuff which means various types of operating procedures. I’m betting that there is a lot of paper to deal with in a craft brewery and I want to help brewers get rid of it as much as possible. Basically, I want the brewers to be able to concentrate on brewing great craft beer, not pushing paper around.
So I wrote to all the breweries in Alberta telling them what I wanted to do and why. The first response I got was a phone call from the CEO of a brewery located in Calgary. The dude called within 15 minutes of my email and we chatted for about 20 minutes. However, he wanted to chat about craft brewery specific ERP (there is such a thing) rather than content management. So now I’ve got to go and reach out to a bunch of brewery management software vendors, mobile app developers, and consultants to see if we can collaborate (I think we can).
There is a market there, but information management / governance is not the springboard (something I’ve said for some time now, frankly). It’s going to rely on solving the immediate challenges the brewers have and moving on from there. I’m not saying IM and IG aren’t important, they’re just not the immediate need.
So what does the above have to do with the Cloud? Well, a lot, actually.
One of the really cool things I’ve noticed about the craft beer community is that it’s, well, a community as much as it is an industry, maybe more. Despite being competitors, craft brewers collaborate, a lot. Not only do they get together and jointly concoct sudsy, hoppy wonderbeers, they invite others to have guest taps and share brewing facilities to help each other out.
Now, if I look at many of the companies involved in cloud content related stuff, I notice the same thing. Perhaps not with the same level of artistry and fun, but it’s there. If you look at companies like Google, Dropbox, Egnyte, Microsoft, Box, Splunk, GlassIG, …. etc., you’ll notice the level of collaboration and cooperation that exists. In fact, it’s this very collaboration and cooperation that’s going to allow many of these companies to be the core set of cloud technologies that make up the next generation of Information Management and Governance solutions. Craft brewers being what they are, I suspect that cloud apps are going to be of far more interest to them than on-premises solutions.
In the same way that craft brewers experiment with techniques and ingredients, cloud vendors experiment with features, functions, methods, and requirements. Just as brewers have an openness about them, cloud vendors (the good ones) do as well. The end result in both cases is better end products for all. This Brews Brothers collaboration from Parallel 49 Brewing was pretty cool for beer fans; cloud vendors are seemingly announcing new collaborations every week that are pretty cool for those of us interested in managing and governing content.
156 BC and AB Craft Brewers
Information governance (IG) is all the rules, regulations, legislation, standards, and policies with which organizations need to comply when they create, share, and use information. Governance is mandated internally and externally. (PHIGs IMC Inc – 2014)
The above graphic, courtesy of the Information Governance Initiative, presents facets of Information Governance. I don’t agree that everything in the graphic belongs under IG, but it does illustrate how all encompassing and complicated IG is.
With cloud content management, collaboration, and storage offerings becoming more and more accepted, IG needs to adapt. No longer can organizations govern and manage information as if it’s paper or as if it’s stored in on-premises, silo’d repositories. Vendors and their clients have rethought how to work with information; users have come to expect great experiences when working with information in the course of their daily jobs; now we need to rethink how we govern and manage information.
We’re at a point where the whole IG profession must change. It’s not just about the people practising the profession adapting, it’s also about how we actually execute that needs to change. Coming out of a couple conferences a while back I put my thoughts down. Read them for a little more insight, if you wish. I’m convinced that we’re at a point where, together, we can make a huge impact on how IG gets done, and actually get adopted by information workers. At 10am PDT on June 29th Box’s Jessica Fain and I will be chatting about How to Succeed at Information Governance in the Cloud; join us and join in on the discussion – we’d love to get your thoughts.
What follows in this post is pure fantasy and speculation, directly out of my head. Or not.
Over the past few weeks I’ve been talking to vendors and some end user types about Information-Governance-as-a-Service (IGaaS). Forget for a moment that no one vendor does all aspects of IG, or that there’s not even a universally accepted definition of IG. Focus instead on the lighter touch that’s required today when so many enterprise tools are required to have a consumer experience about them. Also think about Content-as-a-Service (CaaS, defined here) and what that means for building the apps needed to work with, manage, and govern content.
To save time, let’s get the fawning out of the way:
- Box – I am unashamedly and unabashedly a fan;
- Egnyte – see Box. I’m not getting into what Egnyte announced in this blog as there are plenty of great summaries around the web, including Egnyte’s site;
- GlassIG – more quietly, but see Egnyte.
Pay attention to all three of those companies if you are remotely interested in Information Governance and/or Management. There are other companies that I think are pretty damn good, but when it comes to managing and governing content in cloud or hybrid environments, these are my three. Oracle Web Center Content would be my go to for on-premises ECM (w/some nascent cloud capabilities like file syncing).
When I mentioned to someone at Egnyte a while back that if they added governance to what they already had they could absolutely kill things, I wasn’t thinking about what came out in Egnyte Protect, announced earlier yesterday (June 7,2016). I was thinking more about things that the AIIM and ARMA crowds, especially ARMA, would consider governance. You know, stuff like retention management, legal holds, classification … all that records management-y goodness.
So, even though I was a little, initially, underwhelmed with what Egnyte did release, I sat back and thought that it’s not necessarily a bad thing. What was released is good and what’s coming up is good. Without getting too deep into the weeds, let me paint a little picture for you …
Let’s pretend, for the sake of discussion, that my organization just went out and procured Box as a content management platform. Let’s also pretend that I’ve got stuff stored in SharePoint and network drives, and that in addition to the standard security stuff, I also have to deal with internal policies and external regulatory requirements, a lawsuit or two, some retention requirements, …, you know, a bunch of IG stuff. Let’s also pretend that I want to monitor who’s doing what with content to determine its effectiveness. In other words, let’s say I need to manage and govern content like it’s 1999, but my content isn’t all paper or in one convenient spot that’s on my infrastructure. My point is, the what of what we need to do hasn’t really changed all that much; why, and especially how, have. Ideally, I want to, as much as possible, centralize policies and controls. Enter my IG Mirepoix (yeah, I just made that up) …
In order to meet the requirements outlined above, one could go to each of the individual repositories and do what’s necessary, hoping that things stay in sync and no one ever forgets to do anything in any of the repositories. Even if all that happened, there’s still nothing in place to handle any of the records management, legal hold, and discovery functionality needed. Note to self – go buy more software that needs to be installed, configured, and maintained. Or …
Deploy Egnyte Protect to handle my security and analytics across all the in-scope repositories; deploy GlassIG to handle the records management and related functions. The fact that two tools are needed is not an issue as the tools will be used by different roles in the organization.
I know mega-suites were all the rage for a while, but look what happened. I like the approach outlined above because it’s a best of breed approach. Each tool gets used for the stuff it’s best at. There are areas of overlap between Egnyte Protect and Box, and between GlassIG and Egnyte Protect, but it’s using the three tools as complementary technologies that, I believe, provides the greatest overall value to organizations.
Over the last few weeks I attended the AIIM Conference (the theme was Digital Transformation in Action) in New Orleans, Louisiana, USA and the IRMS Conference (the theme was Information Superheroes) in Brighton, UK. It was my third time at AIIM, at which I did one of the roundtables, and it was my first time at IRMS, at which I did the opening keynote (a genuine honour to have been selected). Both the AIIM roundtable and the IRMS keynote (slides available here) were innovation themed. This post is not going to be so much a recap of the conferences as much as it will be my take on how innovation, disruption, and transformation fit into the whole Information Governance / Management (IG/M) space, and how AIIM and IRMS and their members (individuals, sponsors, vendors) may be affected.
Since my session at both conferences was about innovation, that’s the filter I am applying, with a twist. In his opening keynote at AIIM, John Mancini mentioned Slack as the type of vendor (new, innovative, disruptive) that’s become more important in our space, but was not present at, arguably, the most important conference in that space. Slack, which I use with some industry peers, is a marvelous tool for collaborating and sharing content. Via integrations with other tools it can be a part of an enterprise information / content management play. Other vendors that are critical players in the IG/M space include companies like Box, Dropbox, Splunk, Egnyte, Microsoft, Facebook (yes), …, the list is huge. The point is that there are hundreds of vendors out there that are producing platforms and apps that people use EVERY. SINGLE. DAY. to work with and analyze the information they need to do their jobs. I’m talking about the simplest stuff (creating a document or email) to the most complex data analytics. People are doing these things using everything from supercomputers to mobile phones; in dedicated buildings and on tops of mountains.
For fun, take a look at this page on Box’s site; each of these Box technology partners could and should make up part of an organization’s IG/M technology package. So why were most of them missing from AIIM and IRMS? By asking that question I do not mean to imply that vendors like IBM, HPE, Onbase, Laserfiche, OpenText, etc. don’t innovate. They do. They’re just not overly exciting anymore. They are the legacy, staid, established vendors. Sorry guys, but as good as you are you’re just not cool anymore. I got excited about the Documentum-LEAP thing, but that didn’t last more than 5 or 6 minutes.
Since I kind of do the industry analyst thing on occasion, I do know why some of the cool vendors don’t bother with AIIM, IRMS, and other similar conferences; they don’t get the leads. However, I think they are missing a marvelous opportunity to educate and transform the market, including the associations themselves. I believe that these vendors need to look at two or three years of conference investment before they can reasonably expect to use the conferences as sales opportunities. That said, these vendors, individually, probably have little idea of what they’re really on to. And let’s face it, individually most of them aren’t significant in a IG/M or RIM (Records and Information Management) context. It’s as a whole solution built of the best bits for the job that they shine. And that is a beautiful thing.
I think the whole IG/M space, including the associations, is having a bit of a tough time with its own transformation. It’s not an analog to digital thing; it’s more of what should we be doing and to whom should we be doing it. Both conferences featured sessions about the evolution of the space and those who practice in it, but not enough, in my opinion. The transformation of the space was missing. I.e.: what is IG/M going to look like in the not too distant future? Like it or not, there are some key vendors out there that are going to have a massive influence on what our profession will look like, and they weren’t at either conference.
One of the things I’ve been seeing lately is this concept of “content as a service”. Essentially it’s having a managed repository serving as a platform on which to build actual business solutions. The back-end takes care of all the IG/M stuff like versions, policies, security, etc, while applications that solve actual business problems are built on top of the platform. Why am I mentioning this in this particular post. BECAUSE THAT’S EXACTLY WHAT THE WHOLE IG/M or RIM PROFESSION SHOULD BE DOING FOR THE ORGANIZATIONS THEY SUPPORT!!!
Very soon, if you’re only (don’t take this the wrong way) a records manager or archivist your career will be over. The titles may stay the same, but the skill sets and thought processes must evolve. All information, regardless of medium or storage location, must be in scope. I think that with the right mindset, training, and skills, today’s information professional can become tomorrow’s internal management consultant and strategic advisor. I’ve said more than once that information assets must be treated with the same gravity and urgency that financial assets are treated. There is, in my view, a small window of opportunity for those of us currently in the profession, in whatever role, to make that happen. You / we can specialize in certain disciplines that make up IG/M, but we’ve got to have an understanding of the whole.
Everything we information professionals do ought to be done in support of the core business of the organizations we work for. This does not mean we take a subservient approach to doing our jobs. Far from it. How many other professions are as well placed as we are to actually understand what’s happening? How many other professions have as holistic a view into an organization as we do? As professionals we need to look around our organizations and start to ask what problems or challenges we can help with. And it’s not just how to file something, how to prepare for litigation, how to defensibly delete something, or how to save money on storage. We need to be asking questions about how to grow the business, how to better compete, how to better serve citizens, i.e.: ask strategic, forward looking business questions.
We need to be pushing IRMS, AIIM, ARMA, and every other professional organization we belong to to ask those same questions of companies and of vendors. Associations need to be our voices, especially when it comes to defining what our profession will look like in the future. We need to step up and make sure our associations are positioned to attract the right vendors / sponsors, to answer the right questions for end-user organizations, and to provide the thought leadership that we as professionals need in order to learn and grow.
Miscellaneous Closing Thoughts
You’ll notice I’ve stayed away from using the term ECM; that’s because it doesn’t matter anymore, if it ever really did. What matters is solutions. ECM is just background stuff, which is exactly as it should be.
I’m scratching my head a bit over the IRMS offering the Foundation Certificate in Information Governance (FCIG); there seems to be quite a lot of overlap with AIIM’s Certified Information Professional (CIP) thing. Don’t get me wrong, the FCIG is a good thing that covers a little bit that the CIP doesn’t. Is it enough to warrant a separate certificate / certification? Is it a manifestation of the differences between the North American and UK markets? I dunno. I do, however, wish the IRMS and AIIM all the best with their programs.
This being my first IRMS conference, I didn’t know what to expect. What I encountered was a massive attack hug (thanks Emily), a wonderfully warm reception from the entire IRMS executive and the event organizers, and a fantastic experience in Brighton. This was definitely a records management focussed conference, with most (80%+?) participants being from one form of public sector or another. Now, many of you know what I think about pure records management and may assume that I started to itch and twitch, but I didn’t. I think there is an openness to a more holistic approach to managing information that doesn’t seem to be present at other records focussed events I’ve been to. There was also a much more palpable sense of community and intimacy than what I’ve previously experienced.
That one conclusion I alluded to in the title …
This profession of ours is as much in a state of transition as the industries and professions we support. I don’t really know with any certainty what that’s going to look like in the next few years. However, I think those of us practising our profession had better embrace a little uncertainty, tempered with a lot of flexibility and creativity.
Information surpassed people as an organization’s most valuable resource a few years ago. There is no reason to believe that things will ever go back to the way they were. More than likely the value of information will continue to increase as its volume grows. Therefore, those of us who really know how to govern and manage it, how to leverage its value, and how to mitigate its risks … well, there’s no stopping us.
 If you added information governance / management related sessions to Boxworks, it could actually be a better info gov conference than AIIM, in terms of having relevant vendors show up.
Last week the Information Coalition hosted an InfoChat. During the chat a question was asked about who the most important stakeholders in Information Governance projects are. I answered that I don’t believe in InfoGov projects.
Instead of writing a whole post about why I don’t believe in InfoGov projects I thought I’d give you all a break and, instead of reading my stuff, let you see and listen to me. 🙂
Anyway … my thoughts …
BoxWorks 2015 ran from September 28th to September 30th in San Francisco. Day 1 was for us analyst types and for CIO’s; the general conference ran on the 29th and 30th. Attendance numbers that I heard ranged from 6,000 to 9,000 – I have no clue how accurate these numbers are. Anyways, here’s my thoughts on some of the key announcements / moments, from my perspective … Oh, this Box post has all the goods from the event …
Aaron Levie’s fireside chats with Tim Cook, John Chambers, Ed Catmull – The Tim Cook chat was, I think, one of the most anticipated events of the conference for many people. It was good, nothing special for me. The chat with John Chambers, however, was the one that I found resonated most with me. I missed all but the last 5 minutes of the chat with Ed Catmull.
Best comment at the afterparty – “Is that One Direction?” For what it’s worth, One Republic is way better live than I thought they’d be. Too bad I only got to see them for about 30 of their 90 minute show.
Realization on the way home – Over the last 18 months or so I’ve met a lot of people from Box, either in person or on the phone. There’s not one where I’ve come away from meeting them thinking “what a dick.” That’s pretty impressive.
Jeetu Patel actually categorized Box as ECM during the analyst summit. He’s the first Box exec (I think) that actually made that statement.
I reminded Whitney Bouck that earlier this year I referred to Box as being part of the information governance landscape and that she wasn’t thrilled when I said that. She just smiled at me.
Proof that some people still don’t get it –
That some people (analysts, even) are still including Box in the same category as Dropbox, OneDrive, Google Drive, Egnyte, etc. is, I dunno, stupid, I guess.
Box Capture – see my quick review here.
Better image / video support in previewer – Box announced enhancements for interacting with 3D, video, and DICOM images directly within the Box previewer. The DICOM bit doesn’t interest me much, but it is impressive. The 3D and video (up to 4K, adapts to bandwidth issues) enhancements are going to be a big deal for the clients I deal with. Training, safety, and technical content will benefit hugely. Marketing, sales, media & entertainment, … any use case that relies on rich content and the ability to collaborate on it is going to benefit. Oh, and all this is delivered in HTML5.
Box Platform – In my opinion, the announcements about Box Platform and its separation from Box’s product group are huge. I know I got excited when Box made their original platform announcement (last year?), but now I think we’re really going to see the fruits of that decision.
Platform’s going to allow app developers, including Box, to focus on providing functionality to their users without having to worry about all the content services and security stuff (i.e.: pesky infrastructure stuff) in the back end. Jeetu Patel (SVP Platform & Chief Strategy Officer) estimates that folks building content apps spend about 80% of their time buggering about with infrastructure related stuff and only about 20% building the core functionality that users want/need. Now, I don’t think app developers will ever get to spend 100% of their time on only the core functionality, but even a 20% increase (very conservative, IMO) would yield significant benefits. Time to delivery, innovation, creativity, and quality would all improve.
The impact to corporate IT is going to be significant as well. To all you CIO’s and IT execs hesitant about cloud because in reality you’re worried about being marginalized or losing power / relevance: get over yourselves. The opportunity is there for you to shift from fixing printers and patching outdated systems that are barely able to stand up anyways to actually becoming MORE relevant by adding value to your organization and delivering functionality (apps) that add business value. And I strongly urge you to check out what John Chambers had to say. Read it however many times you need to to get it (this goes for the couple analysts that claimed Box is not a platform, as well).
This tweet from Jeetu Patel sums up nicely what the impact will be to users and developers:
Something else that makes Platform such a compelling story is that users won’t even know that they’re interacting with Box. They’ll simply use an app to get their work done, and all the content services will be in the back end. In many (most?) cases there won’t even be a need for users to have a Box account. IMO, this path leads to delivering on the original promise of Enterprise Content Management.
Content Management & Collaboration – There’s a lot in this bunch of stuff announced by Whitney Bouck (GM, Enterprise & SVP, Global Marketing), so I’m just going to focus on the stuff that really stands out to me.
The whole Box/IBM thing is “f**king brilliant”, as I said to a couple of Box and IBM execs at some high falutin’ gathering. Remember when I said that a hybrid approach was needed? Well, the Box/IBM partnership provides EXACTLY that. Box+Content Navigator and Box+StoredIQ (is it pronounced stored ick?) provide a unified view into Box and on-premises content, along with the ability to do some analysis, tagging, discovery, and classification. It’s boring stuff from an apps point of view, but for being able to put together an information governance strategy it’s absolutely critical and kinda sexy.
Box and IBM are working together on further integrations, including Datacap and Case Manager. There’s going to be a whole bunch more use cases that open up to them with these integrations. It’s not that Box couldn’t participate in these use cases previously, it just couldn’t be done end-to-end. Now, to the users’ benefit, there’s really no reason to jump into another tool to execute any portion. Human resources, mortgage & lending, claims management, incident investigations, etc. will all be able to be executed from within a single UI, regardless of whether the content is on-prem or in the cloud. That’s friggin’ cool. Oh, and the IBM MobileFirst for iOS is gonna have a pretty big impact on the whole Box partnership thing, too.
Hmm, I wonder if there’s any plan to hook Datacap to Box Capture. If not, THERE SHOULD BE. At the very least there should be some plans on the roadmap to provide similar capabilities.
Storage & Security – Perhaps some of the most significant announcements at the conference relate to changes in security and storage options.
Box’s Enterprise Key Management (EKM) announcement earlier this year was key (no pun intended) in eliminating some security concerns about moving content to the cloud. However, it turns out that EKM is expensive and a bit of a chore to configure and manage. In order to alleviate those concerns Box announced that, next year, customers will be able to use Amazon’s AWS Key Management System. This changes things from a hardware appliance based approach to a software based approach, without sacrificing security. It ought to make things less expensive and cumbersome for customers.
The one thing I don’t like about the whole key management thing is that customers lose the benefit of full text search. The partial solution to that is to rely on metadata for searching.
In the coming quarters customers are going to be able to choose from among three storage partners for storing their Box content (I think we can all guess who they are). In addition to storage provider flexibility, this will eventually afford customers the option of where (think data residency) to store their Box content. There are some details still to be worked out, but this could be massive for organizations that have operations across multiple jurisdictions and have to deal with a myriad of data residency issues. I fully expect that as time marches on there will be more choices for customers.
Between the EKM changes and the storage flexibility, I foresee the day when customers will be able to choose what gets stored where, and what portion of their content gets secured via the key management solution (it’s currently an all or nothing proposition).
The Crystal Ball – This was one of my favourite sessions. A bunch of folks from Box’s product team presented a bunch of stuff that: 1) will be delivered this year; 2) will be delivered next year; 3) may not even get on the roadmap (exploratory stuff, you know). All I’ll say is that there’s nothing I saw that shouldn’t make it into the product at some point, with one exception. But, it’s all about priorities, babies.
Metadata – Much of the good stuff that was announced is going to rely on having really solid metadata. Regardless of the release of Metadata Template Editor earlier this year (my thoughts about that), applying metadata to content in Box is still a huge pain and needs to be automated. I know Box is thinking about this and I hope that they deal with it sooner rather than later.
Services – Box is going to need to beef up their services organization. Even a year ago I think they could get away with having a roster of consultants that are almost exclusively technical in nature; that’s all changed. Between the IBM partnership and stepping out of EFSS into ECM, they’re going to need a services group that includes ECM and information governance SME’s, business solutions folks, and some other non-technical skill sets. Will they do this via partnerships or by bringing the skills in-house? I don’t know and I don’t think it makes a huge difference. All I know is that they need to do it fast.
As I said during the conference:
Box is going to need a services organization to support that.
Anti-Big Blue – The Box/IBM partnership has accelerated Box’s ability to provide ECM and information governance capabilities. However, for whatever reasons some organizations simply will not have anything to do with IBM (I know, weird, huh?). However, these organizations are still going to need the same capabilities. Will Box take steps to provide these capabilities or forego the opportunities?
Consumer and enterprise file synchronization and sharing popped up because people needed a way to easily share and collaborate on business content. This gave rise to the “Dropbox problem”, which is just stupid and ignores the real problem; organizations didn’t provide their people with policies and tools that allowed them to GSD. Today there are plenty of options, consumer and business grade, that provide a cool experience with the security and controls that business and IT need.
Organizations that haven’t sanctioned business grade file sync and share are foolish and open to a world of pain. If they think that their people aren’t chucking content around in the wild, well, think again. Go fix that problem, it’ll take all of 5 minutes.
The bigger problem today is figuring out what goes in the cloud and what doesn’t, and then providing access to it (don’t use this as an excuse to do nothing, start with something easy and low risk). The reality is that, for any number of reasons, not everything can be chucked into cloud based repositories. Even if an organization were committed to putting 100% of its content and processes into cloud services and repositories, that would not happen overnight. That reality means many, many organizations are going to require hybrid solutions.
The image above is not an unreasonable representation of what many organizations are faced with. It’s fair to say that even if you remove the cloud based services, organizations can’t adequately provide a single point of access to all of the on-premises content people need on a day to day basis. The problem is exacerbated when that content must be shared and collaborated on by disparate groups of stakeholders. Now add in other information governance and management requirements, such as metadata, classification, retention-disposition, e-discovery, process integration, legal and regulatory compliance, and security and the challenge is more difficult still. Toss in some cloud services and repositories and what do you end up with?
The real initial challenge was conceptually pretty simple: “I want access to content from wherever I am, using whatever device I want, and I want to work on that content with whomever I need to work on it with.”
The likes of Google, Dropbox, Microsoft (OneDrive, not SP online), Box, etc. solved that problem, but in doing so created other problems, both real and perceived. The perceived problem they created was a security one. Trust me, it’s less of a problem than most organizations storing stuff in their own data centres or networks is. The real problem they created was around information governance and management, which is a strong suit of many Enterprise Content Management (ECM) vendors.
ECM vendors like Alfresco, EMC (prior to selling off Syncplicity), OpenText, and Oracle tried to solve the initial problem, and did a fair job of it. The big problem there was cost. In order to use their file sync and share capabilities you had to be using their repositories. Sure, you could opt for a cloud deployment, but you’re still running a full-blown ECM platform (which is not necessarily a bad thing).
Google, Dropbox, Microsoft, Box, Alfresco, OpenText, and Oracle all work on the premise that your content is in their repository. If it isn’t, oh well. Syncplicity allows access to Documentum and SharePoint content, so I’ll categorize that one as a not quite semi-open option, though it does work on-premises and in the cloud.
Accellion, AirWatch (VMWare), Egnyte, and Citrix all offer hybrid solutions that may or may not work with ECM repositories in a limited capacity. However, from what I’ve seen from some of those guys the user experience is not always, shall we say, pleasant.
Of the ten vendors I’ve identified, not one is capable of providing secure, mobile access to all an organization’s content, and governing and managing it. Not one. Go and check out the latest Gartner (MQ) and Forrester (Wave) reports ranking the best of ECM and EFSS (silly market categorization); of all the vendors in those reports combined, not one can provide that combination of access, search, security, and governance.
Now, if a service were providing access to content in an ECM repository there would be no real need for that service to also provide all the information governance and management capabilities. Maybe I’m making the problem bigger than it really is. On the other hand, OneDrive, Google, and Dropbox have no governance / management capabilities to speak of, and what’s available from Box is 1st version functionality that has improving to do.
As far as I’m concerned:
- The initial problem has only been partially solved;
- There was not, is not, never will be a “Dropbox problem”;
- Sharing and collaborating on content is easier today than it was a couple of years ago;
- Platforms, apps, and API’s are the way forward;
- There’s still a long way to go, but holy crap have opportunities for innovation and transformation opened up.
 GSD – Get Sh!t Done
Over the last couple of weeks I’ve been approached by recruiters that wanted to chat with me about taking on some Information governance and information management work. Two of the opportunities are in Calgary, a little over 300kms from where I live, the other is local. One was for a credit union, one for a pipeline company, and the last for a provincial government ministry. All three organizations are looking for a senior resource that could deal across the enterprise to get programs in order, drive change, and be THE subject matter expert for all things related to governing and managing information. The proposed rates are as follows:
- Credit Union in Calgary , 3 days/wk onsite – $70-$75/hr, no travel expenses
- Pipeline company in Calgary, 5days/wk onsite – +/-$90/hr, no travel expenses
- Gov’t ministry in Edmonton (local) – $70/hr
Travel alone would cost me approximately $350/day, plus the mileage to drive between Calgary and my home (approx. 600km*$0.48/km = $288/trip). Add the expenses up, and over a 5-day week I’d need $51.25/hr just to cover my expenses. Obviously the travel thing isn’t an issue for local projects.
The travel thing is bad enough, but what really gets me is the total lack of value a recruiter or client places on my time or skill. These people have to understand that what I know and do is not a commodity skill set. I didn’t just learn this stuff in school last year. I, and my peers, spend a ton of time educating ourselves and getting better at what we do. We’ve got many, many years of experience that makes us the experts we are. We are not a bunch of generalists that are a dime a dozen. In every sense of the word we are professionals and deserve to be treated, respected, and compensated as such.
The other thing that really bugs me about this situation is that it’s indicative of many organizations not having a clue about the value of information. Information is an organization’s most or second most important asset. By going cheap on the resources that they’re trying to engage, they are going to get burned; it’s like hiring a barely qualified bookkeeper to manage financial assets. IT. WILL. END. BADLY.
You’re all familiar with ERP, right? Nobody complains when an SAP consultant comes in with a high hourly rate. They bring skills and experience that are hard to find, and they deserve to be compensated accordingly. As I told an executive at a Swiss bank several years ago, “This stuff’s (ECM) way harder than ERP.” He agreed. Prior to his role then, he’d spent 15+ years working on SAP projects, and we were about 3 months in on an ECM project. The way I figure it is if one is willing to pay premium rates for the skills needed to manage an organization’s financial assets, one should also be willing to pay premium rates for skills needed to manage information. After all, not everyone in an organization touches or is touched by ERP, but if it’s done right every soul in an organization and all their stakeholders ARE touched by information, whether they realize it or not.
My billing rates aren’t cheap, but they are reflective of my experience, skills, and the value I add. I’m nowhere near as expensive as the big consultancies, by the way. I understand the current situation with the Canadian economy and that our currency is taking a massive beating right now, but that does not mean I will be bent over just to win a project. It means that if there’s a good match between me and the potential client, I will be flexible, within reason.
If organizations are going to get serious about governing and managing information, and leveraging it as the asset it is, they are going to have to pay for the expertise they don’t have in-house. If they continue to try and cheap out, well, you get what you pay for. Good luck to ‘em, here’s a couple horseshoes.