Box Announces Governance – Another Step Towards #ECMnext


mis-megaphoneSo Box came out and announced Box Governance this week. For those of you thinking that Box is just one of the surfeit of file sharing providers on the planet, think again. Box has been steadfast in stating that they are providing content management and this week’s announcement is further proof of that.

Box Governance provides three important capabilities: 1) Retention Management; 2) Content Security Policies (really should have something about “sensitive information” in the name); 3) Defensible eDiscovery. While having these capabilities available is in and of itself a major step forward, it’s also important to note that organizations that choose to deploy Box can now claim compliance with a number of government and industry regulations and standards (e.g.: PII, FINRA, SOX, SEC 17a-4). However, the most important thing about this announcement, in my opinion, is that it serves to remove additional barriers to including Box in the conversation when talking about Enterprise Content Management vendors (pay attention Gartner, Forrester, IDC, et al). Coupled with Box’s Enterprise Key Management (my post on the topic) announcement earlier this year, organizations relying on FUD (Fear, Uncertainty, Doubt) to exclude Box from consideration are losing rationale for doing so. Security and information governance are what separates true managed content from just another shared drive, and Box has them. Bleat all you want about cloud not being secure and cloud content repositories being unmanaged messes, it’s not working anymore.

Since BoxWorks last September (my thoughts) Box has made a number of feature additions, announcements, integrations, and alliances that are moving it closer to being able to deliver the right balance of System of Record and System of Engagement. At this point it’s still a little ugly and cumbersome for administrators to configure the backend to deliver the various governance, workflow, and security bits to work properly, but that’s what the team at Box Consulting is paid to help with. Those paid to worry about security, legal, regulatory, and audit have less to worry about now than a few months ago. From a content consumer/contributor perspective it’s all pretty slick and that’s what it’s all about.

It’s no coincidence that a white paper I wrote for Digital Clarity Group was released yesterday. The paper is about the next generation of ECM (#ECMnext) and how Enterprise File Sync and Share (EFSS) platforms will provide it. We’d (Box, DCG, me) love to get your thoughts on the paper. Feel free to reach out to any of us (you can reach me via email at chris.walker@phigsimc.com as I am no longer with DCG) to rant or rave. There’s no data collection, fees, marketing gates or other intrusive nonsense to get the paper, so download The Next Generation of Enterprise Content Management to your heart’s content.

Image taken from http://ontheedge.dezignstuff.com/survey-ends-today/1404/mis-megaphone

The Metamorphosis of Enterprise Content Management


Butterflies

Image by Luna sin Estrella, used under Creative Commons 2.0.

Regardless of what you’ve been hearing, Enterprise Content Management (ECM) is not dead. For years ECM has been harangued as being overly cumbersome, overly expensive, overly difficult, and underwhelming when it came to delivering benefits. That’s all about to change…

The manner in which ECM is delivered is going to change. Taking a cue from what consumers have come to expect in terms of the technology they use for personal reasons, a subset of Enterprise File Sync and Share (EFSS) vendors, led by Box, are emerging as purveyors of ECMnext – the next generation of Enterprise Content Management platforms. The focus is on how and why people create, consume, and share content, supported by a foundation that provides the security and governance required in today’s digital business environment.

This whitepaper explores the short-comings of legacy ECM platforms, and how ECMnext vendors can step up and deliver what we’ve wanted out of ECM all along. While there’s still a ways to go for ECMnext platforms to be able to completely replace legacy ECM platforms, the basic building blocks are in place and the roadmaps are pointing in the right direction.

You can download the whitepaper directly from here.

If you need a little more evidence that ECM is changing, take a look at Box’s announcement about their governance functionality: Introducing Box Governance – Delivering Control and Compliance in the Cloud.

If you’d like additional insight, this 15 minute podcast from February 2015 features Connie Moore of Digital Clarity Group and me discussing EFSS and ECM.

Wake Up! ARMA Canada


Alarm-ClockI just spent the last few days (May 25th – 27th) at the ARMA Canada conference in Calgary. As you’d expect it was great to get together with people that I typically only engage with online. But that’s not the reason I go through the effort and expense of attending. I come to this and other conferences to learn and see what’s new, and maybe make some new connections (that whole networking thing). Unless there’s something really compelling (there wasn’t, for me) I do much of my learning on the trade show floor rather than by attending sessions. I try to figure out what’s new, innovative, and exciting by talking to the vendors and attendees.

  • What’s new? Other than RSD’s first appearance (I think) at ARMA Canada, nothing really.
  • What’s innovative? Nothing really.
  • What’s exciting? Nothing really.

The problem seems to be that the Records Management community is not evolving with the times. Sure, they say “information governance”, but I’m not convinced they know what it means or what the implications are. They talk about social media, but do they use it (there was actually a session during which they were taught to tweet). They talk about cloud but then do nothing about it other than give in to the boogie man prognostications. Shit! Even the younger RM folks are sounding like the older ones who are close to retiring.

Based on what I saw and heard at the conference, I hold no optimism that the state of Records and Information Management will join the 21st century any time soon. RIM professionals are complaining about not being given the dues and respect they deserve (and they DO deserve it) but they have to take it, not wait for it to be handed out. ARMA Canada as an association is not helping. They’ve had pretty much the same content, speakers, and vendors since I went to my first conference in 2008. Yes, the names have changed, but you know what I mean.

I’m not sure how, but ARMA Canada needs to freshen things up a bit. Dump the vendors that do nothing but SharePoint stuff or physical records management; that stuff hasn’t changed since the shelf was invented. Attract vendors that represent the new way of doing business and are influencing and enabling digital transformation of business. Solicit speakers that want to do more than talk about how to build another functional file plan or how to implement an ECM platform. ARMA Canada needs a slate of speakers and vendors that represent a balance of what today’s realities are, and what the very near future will hold for managing information.

I’ll wait until I see what the agenda for next year’s conference is, but if it’s pretty much like this year’s this is likely my last ARMA Canada conference for a while. And if things don’t change fast, the RIM profession will be further marginalized, and I’ll likely contribute to the further marginalization; not because we dislike RIM and RIM professionals, but because the rest of us have to move forward to succeed.

Just to add a little positivity …

Over dinner with a friend of mine I got a good look at Oracle’s Document Cloud (I think that’s the name). It’s Oracle’s offering to the EFSS (I HATE that name) market. It’s really, really slick. The version I saw (not sure if it’s generally available yet) looks as easy to use as Box (which is what I use for my business). I know a couple of things about where Oracle is going with it, but not a ton. One thing that I do really like about it is that it sits on top of Oracle Web Center Content so all the security, metadata, workflow, and retention are taken care of. By the way, for those of you who care; Oracle’s Web Center Content is likely the best kept secret amongst ECM platforms. It’s a secret because Oracle really sucks at marketing it.

A few people asked me about the PHIGs (Principles of Holistic Information Governance) that I put together a couple of years ago; you can download them here.

Image taken from http://www.a-tips-of-life.com/tag/awake/

Case Study: Managing Information – How and Why


This is the second case study type thing I’m trying. It’ll likely be the last for a while as I have nothing left that I can publish without getting sued. Ah, the joys of being an independent consultant. Anyways …

This case study has to do with the project referenced in the two posts linked below. You may want to read them to get a better overall view of the project :

  1. Don’t Blame SharePoint;
  2. Guerrilla Tactics – IG Whether or not They Want It.

The document I’m sharing is part of a set of four docs that were delivered to the client. The purpose of each document is explained in the case study document.

The client in the case study builds electricity infrastructure; they are heavily regulated. They took the decision a while back to use SharePoint as their ECM pillar (though they don’t really know what ECM is). They also don’t have an Information Management strategy, nor any type of dedicated information governance structure. Though they rely heavily on information, and generate tons of intellectual property, they don’t do much about treating information as an asset. As far as they are concerned, information is IT’s problem and the business is just a client.

I was working as a subcontractor with ARC Business Solutions on this project. One of the key contributors to the project and the document was Chris Riley. You can follow Chris on Twitter at https://twitter.com/HoardingInfo. We knew early on in the project that the client was in ECM trouble and needed help. Though not part of the project mandate we wrote the docs up anyway (No. We didn’t bill the client extra.).

Without further ado … click the link and check it out: Managing Information at client name.

Feedback is appreciated.

The image in this post is my first attempt at visually representing the Principles of Holistic Information Governance. Click on it for the original PHIGs post and a larger version of the image.

Chris Riley, along with Shadrach White, is a co-author of Enterprise Content Management with Microsoft SharePoint.

AIIM2015 – Quick Thoughts


IMG_1301This year the annual AIIM Conference was held in San Diego, California; way better than last year’s location which was really a few hotels sitting on reclaimed swamp land or something. And it was great to reconnect with people and meet some new folks and blah, blah, blah ….

Overall I found this year’s event much better than last year’s. This could be because: A) I had no responsibilities as a speaker or representative of any company in any form; B) The content was just way more compelling to me. Either way the AIIM crew, led by Georgina Clelland (recently promoted to VP of something at AIIM, deservedly so), deserves huge congratulations. If I’m not dead or incapacitated I fully intend to be at the 2016 conference in New Orleans, Louisiana.

On to the good stuff …

Priorities

IMG_1324I have to say that I was pretty dismayed, though completely unsurprised, that most people and organizations still view managing information from the risk / compliance side of the ledger. Even one of the vendors I spoke to understood that their tools could do so much more if they were employed for insight and analytics, rather than for responding and defending against discovery and compliance issues. During the conference AIIM ran an informal, unscientific survey about organizational priorities; the results are over there <-.

Information Governance

Information Governance seemed to be a hot topic this year, with at least a couple of roundtables and one panel discussion dedicated to it. Good news, right? Sort of. Between the sessions I attended and discussions I had, no one offered up a definition of Information Governance. In fact, one of the IG vendors went so far as to say that they don’t do IG, they’re merely a small part of it. For the record, this is the same vendor that opined their tool could be used for value as well as risk. Regardless of the lack of a cohesive definition (just shows that what the IGI, I, and others have said is true) it was apparent that IG is an important topic.

Enterprise File Sync and Share (aka The mmppfff Problem)

You don’t think that file syncing and sharing is important or disruptive? I don’t know how many sessions at the conference covered the topic, but I attended three:

While Lubor’s session was not explicitly about EFSS, it doesn’t take a genius to figure out where things are headed. Actually, you could say that we’re already there, but just not in a very polished way. In his session, Alan pointed out that, while working for some client or other, he and his team stopped counting once they’d reached 130 EFSS vendors.

EFSS is a big deal. No, it won’t kill ECM; depending on the vendor, it will BE ECM. Don’t believe me? Think about ECM vendors coming out with their own EFSS offerings. Some because it’s the future, some because it’s the only way to defend against the likes of some of our favourite EFFS players (130+? Holy Carp!)

Bits and Pisces

Lane Severson and I chatting about big data, analytics, data scientists (that kinda stuff) – if your data scientist type people don’t understand your business and context, they’re not worth it.

The guys in the corner from a three-letter ECM vendor now flogging an EFSS solution – if you can’t answer the simple questions, why are you here? Seriously. Why?

You know who you are – a roundtable session is not where you talk about your product for 20+ minutes to the point the AIIM monitor person has to step in and tell you to give everyone else a turn. That said, once you stopped talking it turned into a pretty good session.

Surprised but not by the absence of some of the EFSS players. You should have been there; I think it would have worked out better than last year.

Panel moderators should be like hockey referees; we don’t know they’re there until a fight breaks out.

Enterprise File Sync & Share – It’s Not What You Think It Is


Stop EFSSWhen Gartner came out with their Magic Quadrant for Enterprise File Sync and Share (EFSS) back in July 2014 I laughed a little because I find the idea of an EFSS market, well, laughable. Yes, I know they put in a whole bunch of stuff about what could or should be part of the market, but boiled down it seemed to me that EFSS per Gartner is little more than the old Microsoft Briefcase. I.e.: a feature of a larger solution. Let’s face it; EFSS is little more than email and consumer grade cloud storage. One of the names that’s been bandied about to replace EFSS is ECC – Enterprise Content Collaboration. I don’t like it very much, either.

If I were Box, EMC, Alfresco and most of the other vendors on the MQ I’d be more than a little irked. Most of the vendors have invested heavily, organically or via acquisitions (sometimes both), to come up with some pretty cool and innovative solutions (not products) that allow people on both sides of the firewall to work together. These solutions allow organizations to impose various levels of automation, governance, and security to critical content. Being categorized as a File Sync and Share provider is frankly insulting. I find it insulting to the vendors as well as the customers.

Some of the vendors have been more successful than others, but I don’t think it’s germane at this point to come up with a list of winners and losers as the market (whatever its true name ought to be) is still fairly nascent. At most we’ll be able to make some guesses as to who will survive intact for the next few years and who won’t. Depending on the original exit strategy, being acquired is a perfectly valid form of survival. Will success of the wrongly-labelled EFSS players be measured against the same metrics that are currently being used for the incumbent (some would say legacy) Enterprise Content Management (ECM) players? Why would I even bring this up?

Gartner EFSS MQ - July 2014

The Gartner Magic Quadrant for Enterprise File Synchronization and Sharing is available from Gartner as well as from some of the mentioned vendors including Syncplicity, Box, Alfresco, and Citrix.

Note: For what it’s worth OpenText should have been included in the MQ, based on Tempo Box, which I used when I was working there. As for what’s coming up from OpenText, I’m looking forward to seeing what OpenText Core is all about.

If you look at the MQ, some of the players are ECM incumbents (Microsoft, IBM, EMC, Alfresco), which is another reason why I find the EFSS market and associated MQ a bit of a giggle. In all but a few scenarios the ECM incumbents are competing not only against the new entrants and upstarts, but they are competing against themselves. For all practical purposes, some of the new players can provide solutions every bit as capable of meeting functional requirements as the incumbents, but with much better experiences. Sure, they’ll have to collaborate and form alliances with other vendors, but how is that really any different than what’s going on today? Where ECM currently has an advantage over the new players is in ultra-regulated environments for certain business processes. That, however, will change as the tools improve, as legislation changes, and as purchasing organizations see the FUD (Fear / Uncertainty / Doubt) for what it really is.

I recently completed an ECM assessment for a Canadian university; they asked me to assess why Alfresco wasn’t as successful as they’d anticipated (it wasn’t Alfresco’s fault – please read You Are the Problem for some details). They asked that I recommend that they either press on with Alfresco or dump it and go with SharePoint. When I brought up the option of using a cloud solution they were adamant that this was something they did not want to do. The reason they gave was based entirely on FUD, lack of understanding of current day realities, and lack of understanding of what their users (internal and external) want and need. So I included an appendix putting forward a solution based on one of the MQ’s upper right vendors. That vendor is perfectly capable of meeting the university’s requirements on all fronts.

As a consultant it’s my job to not only deliver what my clients pay me to deliver, it’s also my job to educate them and to present alternatives that they may not necessarily be thinking about. In the case of the university, a cloud based solution based on a platform provided by one of the vendors in the MQ is perfectly viable, despite my client’s prejudices.

When it comes to Box and others in the (to be renamed) EFSS market, we’re not far from the point where they can punt the incumbent ECM vendors to the curb. They’ve got some solid foundations in place and a pretty decent roadmap for the future. How the various players build on their foundations is going to depend on what they see as their core strengths and where they see the most potential. Box is taking a platform approach, Dropbox is pinning its future on Microsoft, and Huddle is focussed on collaboration. The others all have game plans that include features and functions and deployment options. I’m fairly certain that all the players are going to find their fit, but it’s not going to be EFSS. EFSS is purely table stakes, as others have said. I think we’re going to see fragmentation in the market sooner rather than later. I think we’re going to see more and more occasions where someone does what I did and puts one of the (for now) EFSS players up as an alternative to ECM incumbents. What I’m really looking forward to seeing is when/if the ECM incumbents actually change their game, not just add features, to keep up with the times. I suspect it’ll happen later rather than sooner.

A lot of people and companies, me included, have been going on about Information Governance (IG) for a while now. In a previous post I wrote about ECM not living up to its promises and being supplanted by Information Governance. What does this have to do with the space that isn’t EFSS? I’m glad you asked …

I attended BoxWorks in September 2014 (my thoughts, if you’re interested) and I’ve also been pretty interested in the whole not-EFSS space for a while; I’ve concluded that Box and some others are going to supplant the legacy ECM vendors even as ECM transitions to being a collection of functions required to deliver IG. Between the vendors that provide the core platform and 3rd parties that provide additional functionality, I’m fairly certain that most of what’s defined as IG activities and technologies could be provided. Take a look at the two graphics below; the first represents the facets of IG and the 2nd represents the various technologies that make up IG.

IGI Annual Report - IG Facets

Think about the various players in the un-EFSS market. How many of the facets (activities) in the above graphic could be handled by those players or their partners? Don’t worry about whether or not you agree or don’t that all the facets belong under IG; choose the ones that matter to your organization.

IGI Annual Report - IG Technology  Markets

Of the technology categories in the above graphic, how many could warrant inclusion, to at least some degree, of not-EFSS players and their 3rd party partners?

The two graphics above were produced by the Information Governance Initiative, in their inaugural Annual Report. Their inclusion here does not mean that I necessarily agree with what’s in the graphics or in the report, though I do recommend reading it (get it here, free subscription required).

Closing Thoughts

There are going to be some EFSS vendors (e.g.: https://www.sync.com/ – not included in the Gartner MQ) that are going to be pure play EFSS vendors, and that’s cool for them and customers that want that level of functionality. However, for most of those mentioned in the MQ the EFSS part of what they do is truly table stakes, to borrow a phrase. If I take a look at Box, Alfresco, Microsoft, EMC, OpenText (I am including them even though Gartner forgot to), etc., what they’re really providing is part infrastructure and part platform. Labelling them as EFSS makes about as much sense as calling SAP accounting software and lumping them in with Quicken.

It’s the infrastructure and platform pieces that set Box, Alfresco, Microsoft, EMC, OpenText, et al apart from the true EFSS players. With the pure EFSS players what you get is what you get, that’s it. With the EFSS+ players (I just made that up) what you get is foundational. What you do with that foundation is up to you and the potential will increase as the players mature. As much as organizations have built their information governance and management strategies around legacy ECM platforms, they’ll be able to do the same with EFSS+ platforms.

in this podcast Connie Moore and I discuss the EFSS market, as well as ECM. Brought to you by Digital Clarity Group. http://www.digitalclaritygroup.com/dcg-podcasts-efss/

Cloudy With a Chance of Success – the Update


I originally posted this back in November 2011. A lot has changed since then, but there’s also a lot that hasn’t. One of the biggest things that’s changed is that Enterprise File Sync and Share (EFSS) has gained a ton of legitimacy over the last little while.

I’m reposting this for a couple of reasons: 1) There’s much in the post that is still relevant; 2) I’ll be posting something in early January that’s related and want to use this post as a kind of introduction.

I debated whether or not I should edit the original post but decided against it. I’ve simply added some comments where I felt they were necessary to clarify things, likely as much for me as for you.

CloudsThis post was inspired by this article on CMSWire by @billycripe and by the Cloud themed tweet jam hosted by CMSWire on November 17, 2011. As usual this is just my opinion.

I’m not an expert on cloud computing, I’m just some guy that likes to be able to access the content I need to do my work, from wherever I happen to be, using whatever device I feel like using at the moment. Take this post, for example; it was written on a laptop and a tablet, in a dining room and a swimming pool (not really in the pool since my tablet isn’t waterproof though that would be mega-cool).

I agree with Billy Cripe’s thoughts that Agile can (ought to) be applied in the development of cloud based ECM solutions. However, as Billy correctly states, “Managing content is not the goal of most businesses.” Most businesses exist to make money by providing products and/or services that consumers want. Businesses rely on information in order to get their stuff done, whatever their stuff is. In order to fully exploit information, the tools (i.e.: information stores) that the businesses rely on need to be connected to each other (so do the people – the tools need to facilitate this). Content / information management tools (cloud or not) need to be part of bigger picture business solutions. We need to build solutions that deliver “I need to share this” in the context of why it needs to be shared (answer why you need to share and you’ll likely figure out who and what).

Re-reading this now it seems as of the above is meant to imply that the topic is legacy ECM systems. That may have been true originally, but it’s not now. I’m really looking at this in terms of anywhere that content can be stored.

No sane person can argue the value and validity of the cloud. Except me. I’m not daft enough to think that cloud computing doesn’t have value or is not a valid approach to take. However, I do think that we’re not going to realize the full potential of the cloud (and by extension, content) if we simply limit its scope to content management. Yeah, I know that there are other things that are done in the cloud, such as CRM, payroll, and accounting.

We’ve gotten to the point where there really is no need to keep much on premises anymore.

When I refer to “cloud” I am referring to more than just the data centre, if that’s not obvious.

Content Wherever I Am

One of the cool things about content in the cloud is that my content is wherever I am. (Okay, so it’s not really my content, it’s my organization’s content.) That’s not the point, though. The point is that I can work with content wherever I happen to be, using whatever device I choose. This does assume that the chosen content repository is able to be synched appropriately. Wouldn’t it be cool, though, that if in addition to being able to work with the content and share it with collaborators (the work variety, not the WWII Nazi variety) the content could also be appropriately tagged, filed, and placed under retention at the point that I plunk it into the repository? I.e.: Cloud repositories need to become extensions of ECM and ERM systems, probably through federation.

So the whole thing about federation is a little off. This really should be thought of as centralized policy administration and enforcement.

Correctly Connecting Corporate Content

Content is spread throughout an organization; cloudification just increases the spread. When I say content, I mean anything that is stored on digital media that serves any legitimate business activity. (For obvious reasons I am excluding physical content.) A key to widespread cloud acceptance is to be to able access / leverage content in order to execute a business activity, regardless of where the various pieces of content reside. An agent in a social services organization should not have to know or care that a citizen’s information is spread over a number of repositories that could be on-premises, in a private cloud, and in a public cloud. The agent is there to service the needs of the citizen, not to figure out some (likely) convoluted architecture just to try and find stuff.

CMIS is a step in the right direction, but where CMIS falls short is that it doesn’t address non-CMS (think ECM) repositories. What we need is something that allows connecting everything that we need, when we need it. Device and location should not be factors. In fact, the only thing that a user should worry about is whether or not they have the right content to do the job. Governance, classification, and security ought to be just taken care of.

If the scope opens up to include non-ECM tools, how much of a factor is CMIS? Look at what’s happening in the broader EFSS space with open standards and open API’s.

Speaking of Governance…

Until the governance issues get sorted, I doubt very much that we’ll see widespread adoption of public cloud services. Smaller organizations, organizations with lax regulatory / privacy regulations, and organizations that can bully providers into rock-solid SLA’s may be able to go full public cloud, but I doubt they will. I think the reality is that organizations will end up having hybrid environments of cloud and on-premises.

When I say governance I am not only referring to the poo that legislators, regulators and litigators throw in our way. Governance needs to address issues such as:

  1. what can / should be stored in the cloud
  2. service level agreements
  3. disaster recovery / business continuity
  4. security
  5. classification / categorization
  6. retention & disposition (thanks to @JamesLappin & @AlanPelzSharpe for bringing this up)

Governance of cloud content has to deal with all of the things that we need to deal with for on-premises stored content, with the added complication that we also have to deal with where the damn box is and if some foreign government can get at it whenever they bloody well feel like it. Canada’s Anti-terrorism Act and the United States’ PATRIOT Act are not going to be very helpful in encouraging organizations to move to the cloud in a big way.

With so many employees using consumer devices and consumer services it’s better to accept the potential peek from the government than it is to continue to deny things and have content out in the wild.

Parting Shots

  1. Hybrid (cloud / on-premises) will be in the majority
  2. Governance (internally & externally imposed) has to be figured out
  3. Integration / interoperability are critical
  4. Privacy concerns and government snooping are major inhibitors (@ron_miller wrote a pretty good piece about this)
  5. If we’re not careful we’ll just move the mess from our hard drives to someone else’s
  6. Some Systems of Record will end up in the cloud, if they’re not already there
  7. Services are where it’s at

Bonus Material

I couldn’t decide which song I wanted to use for this post, so you’re getting three:

  1. CCR – Have You Ever Seen the Rain?
  2. CCR – Who’ll Stop the Rain?
  3. SRV – Couldn’t Stand the Weather

A couple definitions for those that think it should be “on-premise”

  1. http://oxforddictionaries.com/definition/premise
  2. http://oxforddictionaries.com/definition/premises

 

ECM Isn’t


No ECMI finished reading this article from CMS Wire (I don’t mean I actually read the whole article) and it got me thinking …

Between that article, others I’ve read, and some of the projects I’ve been working on this year, this whole ECM thing is a total crock. The vendors, the consultants, the analysts, and the professional bodies are conspiring against the customers and themselves to prevent success (what defines success on a quarter by quarter basis beggars belief).

“We just bought an ECM and we’re not sure what to do with it.” is something one of my clients said to me earlier this year. Actually, a variant of that statement is something I’ve been hearing ever since I got involved with ECM. So clients don’t really know what they’re doing. Right? Sort of.

Clients have been listening to those of us who make our livings by “doing ECM” for far too long. Vendors sell licenses and get compensated on how things went over a fiscal quarter, plus the annual support and maintenance fees. The fact that less than half of the licenses purchased have actually been deployed means bugger all. Consultants (I’m one, BTW) come in and develop all sorts of strategies to help manage or govern information (they’re not the same thing) without any stake in what goes on after the engagement is over. Analysts, many of whom are paid by vendors and service providers, come up with all sorts of nifty schemes for scoring offerings and invent new sectors. Professional associations put on marvelous conferences where you get to listen to prognostications from vendors, consultants, and analysts that further … the agendas of vendors, consultants, analysts, and professional associations.

I don’t for a minute mean to imply that there is any malice intended in any of this; there likely isn’t. The problem is that we’re in a vicious cycle that we created. We’re all afraid to step back and admit that we ballsed it up, big time. ECM was a good idea at the time. Times have changed, sunshine. ECM is dead (assumes that it was actually alive in the first place) and has been replaced by Information Governance (IG) (which is not a synonym for records management, as a certain professional organization would have you believe). The promise of IG is … I don’t know what the promise is; there’s a bunch of marketing departments out there that will let you know. As far as I can tell IG is ECM with some Big Data, ediscovery, and analytics stuff thrown in (yeah, I’m simplifying); as my dad used to say, “Same shit, different day.”

Despite the changes over the last few years, the stuff I want to see is still the exception; getting value out of information and solving business problems. In a recent client engagement the client told me that they wanted to move HR documents into SharePoint. Why? Because, SP is our ECM pillar. What’ll you do with the docs once they’re in SP? What do you mean?

The above snippet is an example of ECM gone wrong. Move your stuff into a managed repository as a replacement for shared drives. Holy Crap!!! The vendors dig this stuff. The consultants love figuring out a migration strategy. The analysts love another data point. The professional associations love another case study. The client loves … well they love nothing because they’re not getting any real value other than ticking a checkbox.

Who the hell manages information for the sake of managing information? Don’t you want something that leverages information to create value? What if someone just said that there’s a bunch of stuff they need to do that relies on information and that they need to secure that information? What if they could do that without running out and financing some account exec’s BMW or Caribbean vacation?

I’m not suggesting that organizations not buy ECM related software and services. I’m just suggesting that before they do they actually figure out what the end game is and what they’re missing to achieve it. The longer I stay in this game the more I’m certain that achieving ECM-ness is really a matter of processes and will, rather than spending tons on software licenses.

If an organization doesn’t have the processes and will to get their information under control and leverage it, spending butt-loads on software will get them nowhere. If they do have the processes and will, they’ll be able to make stuff happen without the big spend (they’ll likely have to spend some coin, but not what you’d think – integration is wonderful).

Which brings me to …

Cloud. Oh yes! Cloud services are here to stay and we need to figure out how to make them work within all the rules and constraints that apply to us. Jamming our fingers in our ears and ignoring things is not going to work. Going forward, cloud services and mobile devices are part of the mix. We better dump the outdated ECM model and wise up to the fact that the model has changed (for the better, IMO). Cloud services and consumer devices are going to be the norm, but they are not going to be the only thing. There will, for the foreseeable future, also be on premises components. The key is going to be to stop thinking about the enterprise. Really, it is. Any organization is an agglomeration of businesses, each with their own needs in terms of information, governance, processes, tools, etc. Why then go for an enterprise play? Solve stuff one business at a time, one opportunity at a time. Connect the dots as you move along.

Industry research has shown over and over that organizations run multiple content repositories from multiple vendors. They run them for different purposes driven by different factors. What makes any vendor, cloud or otherwise, think that this is going to change? I actually think the vendors secretly agree, but it makes for crappy marketing to say it out loud.

Organizations are hybrids of various businesses. Why can’t this industry understand, then, that managing content requires a hybrid approach? I don’t think this is going to change anytime soon.

Claims processing, mortgage approvals, patient diagnoses, learning material production, repair manuals, safety procedures, employee onboarding … tell me how to make these things better, cheaper, easier, and more efficient, without compromising confidentiality and privacy. Tell me how I can execute these things wherever I or my colleagues happen to be. Tell me how your stuff is gonna work with stuff I already have to make this happen. Don’t tell me that I need to buy 3,000 seats of something and you’ll build me something.

Bottom line … make the customer the center of your universe. Focus on what the customer sees as value. The proportion of organizations that operate purely on fear and risk is pretty small compared to organizations that need to focus on value. Focus on selling me something and I won’t sign anything until the last day of the fiscal quarter; I used to work for a couple of vendors, I know how the game works.

Here’s a couple things you ought to read:

  • Joe Shepley wrote this piece in late November; heed his words and you will actually accomplish something.
  • Chris Riley wrote this earlier this week; he’s as fed up as I am. Maybe a little more.

To wrap things up:

  • ECM isn’t
  • Policies, people, and procedure are way more important than tools
  • Offence (value) before defence (risk)
  • Cloud and on-premises are like wine and cheese; better together but don’t always smell so good and sometimes give you a headache
  • Information is like wine; better when shared. But share according to who’s got a palate refined enough to appreciate it.

YOU are the problem


I wanted to try something a little different for this post. I’m doing an assessment of what went wrong with Alfresco for a Canadian university. They purchased Alfresco back in 2008/09, initially to handle some of their web content needs. Things haven’t gone so well. Below is a quick wrap up email I sent to the project sponsor after the first few days of stakeholder (patient?) interviews …

I just wanted to give you a quick recap of the last few days:

  • Of the people I spoke to, no one advocated for getting rid of Alfresco
  • Unless something to the contrary comes up in the next few weeks, there is no reason to believe that Alfresco is the problem
  • Alfresco was likely the wrong choice back in 2008/09, but the product and company have since matured to the point where it’s no longer the case
  • There is a general feeling that Alfresco is/was underfunded, under-resourced, and lacking in executive buy-in / mandate
  • It appears that there is no executive support or commitment to mandating Information Management practices using Alfresco as a standard tool set to implement
  • There was/is an element of Alfresco (or any ECM platform) being a magic bullet, rather than a platform on which to build solutions
  • It seems that all the Alfresco initiatives over the years have been done as individual projects, rather than under a program of managing information
  • The consulting services engaged focused on the mechanical & “how to” aspects of Alfresco and related tools, without any of the advisory & “what should we do, why we should do it” services

At this point it’s my opinion that the problems are cultural and environmental. If the culture and environment change Alfresco will succeed, providing the right resources are engaged in the right way. If the culture and environment don’t change Alfresco will fail, as will any other platform brought in.

Guerrilla Tactics – IG Whether or not they want it


Gas Mask VeggiesOn September 18 the Information Governance Initiative hosted a twitter chat to discuss their 1st annual report. At some point in the chat I referred to myself as using Guerilla tactics to apply Information Governance practices in client projects.

Question 3 of the chat was “Do you have any active InfoGov projects under way at your organization?” Now, I’m a consultant so for me the question’s really about my clients’ organizations. My answer to the question was “No. My client has biz projects that are being framed by good #infoGov practices.” Followed by my comment “I am turning into an IG Guerrilla Tactician.”

Just because your client doesn’t have IG budget, programs, or projects, doesn’t mean that good IG practices can’t be infused into the projects that are happening.

I have yet to work on an Information Governance project for a client – they just don’t want to hear about it. That doesn’t mean that I execute projects while ignoring IG practices. For example: I am currently working on a couple of SharePoint projects for a client. One project is to develop a site for their regulatory team to build and submit applications to a regulator. The second project is to create and publish field reference manuals. Both of these projects have concrete business objectives; neither has any sort of IG or IM as part of the mandate. In fact, until I got involved no one was even thinking about applying any sort of overarching IG/IM policies or procedures into any of the projects, much less on an organization wide basis.

The client’s environment is rife with poor information governance and management practices:

  • Content duplication;
  • Emailing attachments instead of links;
  • Information silos;
  • Keep everything forever;
  • No centralized accountability for information;
  • Won’t mention the fustercluck that is their SharePoint environment;
  • No metadata standards or taxonomy;
  • Severely limited search capability;
  • No use of automation for capture, tagging, sharing, or routing of information;
  • A rudimentary file plan and retention schedule that is largely ignored;
  • Etc.

The funny thing is that many people at the client know that much of what they’re doing is wrong, even if they don’t know why it’s wrong. What they don’t know is how to eliminate the bad practices and replace them with good practices (forget “best practices” they really only exist in theory). They also don’t know, in all cases, what a good practice is.

We start with Principles of Holistic Information Governance (PHIGs). The clients like them because they’re common sense and written in English; they’re also loose enough so they can be adjusted for the business being supported / addressed. We also use an iterative approach to designing and building the solution (it’s very agile-like) that involves all the major business and technical stakeholders (the pure tech stuff takes place off-line). Our focus in these projects, beyond solving the problem, is really on two things: 1) eliminating waste (effort and info); 2) delivering a solid user experience. We also impose a lot of rules around how information is created, managed, and delivered. To illustrate:

  1. Thou shalt send links, not attachments (client VPN is an obstacle that’s being dealt with in a separate project);
  2. Thou shalt use versioning rather than sending more copies with “v2_0_3_d_SOMEGUY_Edits” in the file name (change mgt and training required);
  3. Thou shalt label thy contributions appropriately (we’ll help by implementing some workflows and forms);
  4. Thou shalt not make copies when thou needst them not (metadata and user roles will help users find what they need, proper backup & restore will be implemented);
  5. Thou shalt not keep thy stuff indefinitely (ah, retention and disposition policies will finally be enforced);
  6. Thou shalt not facilitate unauthorized access to information in thy care and keeping (keep it in the repository, where it can be secured);
  7. Thy content is not thine, it’s thy employer’s.

As we’re working on things like metadata models, user roles & groups, user interfaces, and other stuff, we’re doing so with the view that we’ll be creating a set of practices that the organization can adopt for all projects going forward. We’ve even got a couple of really hot SharePoint people on the project that are helping us to define repeatable SP practices. There’s only one tiny problem with our approach …

can-of-worms

At a recent Steering Committee meeting, our venerable Project Manager invited two guest speakers: 1) Jason – to talk about SP standards and best practices; 2) me – to talk about PHIGs and IM best practices. Jason and I said the same things, albeit focusing on our particular areas of expertise. All was well until the VP of IT realised that while we were doing some really good things on the project, these things were totally under the radar. Much to her credit, instead of demanding that we revert to the client’s methodologies (which were in part responsible for the current situation), she began asking what needed to be done to leverage the good things we’re doing on this project and apply them across the organization.

So what’s next? Well, the client is having me get involved in at least one more of their projects; SharePoint will be the deployment platform and IG will provide a foundation. It’s not a SP or IG project; it’s an HR project that relies on information. Sometime in October Jason and I will be invited to speak to the corporate governance council; Jason will talk about SharePoint and I’ll talk about PHIGs. The whole point of our attendance will be about how to get this heavily regulated client to adopt good practices for managing their information and the technologies they use to access it. Pretty cool, I think (I might even wear a tie).

Sometimes you’ve just got to sneak IG into your clients’ projects the same way that you sneak veggies into a recalcitrant child’s diet.

%d bloggers like this: