A while ago I was pointed to an article proclaiming that Information Governance is no longer necessary (ROFLMAO). I laughed because I think its grasp on reality is about as firm as that of whoever proclaimed that ECM is dead. However, once you get past the intermangling of “governance” and “management”, there are a couple threads that have validity.
Today’s technology and architecture are definitely built to encourage sharing and collaboration, and that is an awesome thing. As for a good digital workplace being a “bellwether of your company culture”, humph. “Digital workplace” is very tool and mechanics oriented, and has little to do with defining culture. A digital workplace (i.e.: tools) enables a culture that encourages trying stuff out, collaboration, openness, whatever. And the digital-ness of one’s workplace depends highly on what and where one’s workplace is. By the way, I am of the opinion that if paper can be eliminated from the workplace paper should be eliminated from the workplace (please insert caveats about having the right tech available and the required bandwidth). The more digital “aides” we have to help us do our core jobs and not have to worry about governance and management of information, the better.
(information) Governance is needed. Always has been, always will be. The level (think rigour) of governance required, and the manner in which governance is implemented vary depending on what information is in scope, what your regulatory obligations look like, what your internal policies are, and on and on and on.
The way work gets done and the tools used have changed to the point that governance has to change, rather than go away. The reality is that governance needs to be more stringent than ever before. Solution architectures today are designed to include multiple services, applications, data centres, and service providers. Regardless of how nimble and user-delighting the solution is, the governance requirements and challenges are exponentially tougher than when all you had was a single custom application that no one liked but it did the job.
We’re being handed ever more simple and elegant devices and apps with which to do our jobs. But, as everyone ought to know, the easier things look to the user, the tougher it was to build it and maintain it, and to impose an appropriate level of governance.
Fortunately, the tools we’re using to do information governance and management are changing as well. Egnyte, Dropbox, Box, Google, and a host of others are delivering applications and experiences that make many aspects information governance and management easier and more lightweight, and hidden from the everyday user. Even some of the legacy ECM vendors are getting in on the act.
Goodbye Governance? I don’t think so. What I find a bit amusing about the article is that it was written by someone who works in a space that, from a tool perspective, is littered with stories about failures that could have been prevented with … GOVERNANCE! Governance, you’ve come a long way, baby. (quote plagiarized from some 1970’s ad campaign for a product that’s no longer legal to advertise).
In this video, from Boxworks 2016, I express some of my thoughts about information governance, and how Box is approaching it. For those of you interested in ECM, cloud, and information governance, Boxworks 2017 is coming up in October. You should go. Maybe I’ll see you there.
If you love the video so much that you want your very own copy, you can download it right over here.
Whether we like it or not, we’re storing more and more content in the cloud, and that content needs to be governed. Here are some things that I think about and talk about with clients when they are getting started with Information Governance (reg req’d):
- To paraphrase Ann Cavoukian – You can outsource your data but you can’t outsource responsibility. All of the rules and regulations that applied to your content in your data center still apply. If something goes wrong you are still, ultimately, responsible. You may or may not have company in court or jail.
- Content in the cloud is likely more secure than content in your data center. Remember all those breaches that were so widely publicized? Well, most of them happened to corporate data centres. Companies whose business is storing other companies’ data haver better tools and resources to secure data than you do; it’s their job.
- To be effective, managing and governing content in the cloud needs a modern, simplified approach. Trying to manage content like it’s paper or stored in on-premises repositories just isn’t going to work. You chose cloud content management because it’s a better, modern experience for your users, governing your info can’t break that.
- FOCUS ON THE VALUE OF YOUR INFORMATION. IF YOUR ENTIRE APPROACH TO GOVERNING INFORMATION IS BASED ON MINIMIZING RISK (LITIGATION, LEAKS, ETC.), YOU ARE NEVER GOING TO BE ABLE TO FOCUS ON LEVERAGING THE VALUE OF YOUR INFORMATION ASSETS. IT’S THE VALUE THAT’S GOING TO ENABLE YOU TO INNOVATE AND TRANSFORM YOUR BUSINESS. (colour and bolding as requested by a loyal reader – thanks, Dan)
- Start Something. Anything. Sitting around navel gazing is going to result in you being crushed. Pick something small, easy, and safe, but with tangible benefits and get going. You don’t need to have everything planned and analyzed to get started; you just need to have enough thought out to allow you to get moving. Remember, some governance is better than no governance.
- BONUS THOUGHT – Your information governance doesn’t need to be perfect, it merely needs to be good enough to get the job done and to allow you to meet your obligations.
This Box whitepaper (reg req’d) provides some additional thoughts about Information Governance for cloud-stored content, as well as details about how Box is tackling some of the necessary functionality. We (Box and I) would love to chat with you about Cloud IG. And as always, I’d love your feedback about this post and the paper.
 Ann Cavoukian is the former Privacy Commissioner for Ontario (1997 – 2014) and is currently the Executive Director of the Privacy and Big Data Institute at Ryerson University.
Two key changes from last year really made me happy:
- Box’s enterprise customers (at least the ones on the panel during the analyst event) are calling Box content management (advanced content management, even);
- Box is unequivocally stating that Platform is the base upon which the Box application is built – they weren’t so clear about that last year.
On a personal level, the first of those makes me the happiest because, along with Cheryl McKinnon of Forrester (my reaction to Box’s inclusion in the Forrest Wave), I was the first analyst / person-who-should-know type that came out and unabashedly called Box an Enterprise Content Management vendor. Here’s my post from June 2015 when I first called Box ECM (you can also get to the whitepaper I wrote on the topic via that post). Whatever. I’m just happy and gratified that Box is finally being seen as what they are. I’m guessing they’re pretty pleased about it as well.
Remember in this post I included a footnote stating that BoxWorks could be a better Information Management / Governance conference than the AIIM conference (I didn’t even mention that records management conference or organization)? Yeah, nothing took place at BoxWorks that made me change my mind.
On to my thoughts about the conference happenings … I’m not going to recap all the announcements; they’re available on the Box site over here and elsewhere on the web and on Box’s site. There were a bunch of announcements about making Box more usable, intuitive, and user friendly, but they didn’t tell me that Box Capture for Android is coming. Box Desktop, Files, and Notes are much needed improvements that are coming, and will make for a much better user (yeah, I said “user”) experience.
If I’ve got this all right, Box Platform can serve up Relay (workflow) and Governance (governance), as well as versioning and all the other mundane content management stuff as a service. While that’s very cool and all, what I really find exciting is that there is a growing ecosystem of partners / developers that include companies like Cognizant, as well as in-house IT shops, ISV’s, and small niche / boutique app developers. The potential implications are pretty cool for all the stakeholders. For example – during his session at the analyst event, Jeetu Patel (heads up Platform and Strategy for Box and is a really nice guy) mentioned that: A – all companies are becoming digital companies (glad he gave up using all companies are becoming SW companies), and; 2 – there’s no templates for digital transformation (I am summarizing). So it seems that there is an opportunity for Box to do for digital transformation on an industry basis what SAP did for ERP on an industry basis. Between in-built capabilities and partnerships, Box has the beginnings of being able to build content-centric digital transformation on-ramps / roadmaps / whateveryouwanttocallthem. The Perkins+Will demo was really cool and a harbinger of what is possible.
What’s really cool and significant is that, if the implementation gets done properly, that whole thing about putting governance in the background and letting users just focus on their jobs will actually happen.
There’s also some other stuff happening with Platform and the application that, if done correctly, could make the whole auto-classification thing a reality. There are other ECM providers that have been working on it for years, to very little uptake. What’s happening, I believe, is that Box is trying to solve the same problems, but in a different way.
One of the product managers told me something to the effect that she was talking to her team and they were telling her they knew nothing about Information Management or Governance. She responded by telling them that they were actually delivering it. There’s a whole bunch more detail, but that’s actually a very cool story. It’s possible because Platform takes care of it in the back end.
Regardless of the size of a company, if they operate in a regulated industry they have to comply with the relevant regulations and legislation. At the same time, if you’re one of the smaller players you likely need to do more with less and can’t afford dedicated compliance solutions. Where Box fits is that they don’t know how to do it the legacy way, and this is a very good thing.
During the customer panel at the analyst session, one of the customers, in a highly regulated industry, was lamenting that they could not use Box for some of their controlled documents. The issue is that Box brings out new stuff too fast and the regulators and legislators simply cannot keep pace. That just sucks.
I asked Aaron Levie something along the lines of “do you think that current legislation and regulations hamper your ability to innovate?” I liked that he acknowledged that it’s the customers, not Box, that are actually being hampered. Box’s approach is to innovate to the spirit of the legislation or regulation, rather than to the letter. I.e.: they’ll satisfy the what, but the how may look a little different.
Odds ‘n’ Enns
- One of the most interesting, to me, integrations I saw at the conference had to do with SAP (apparently you don’t pronounce it “sap”). There’s this company based in Calgary, Alberta, Canada that effectively does for Box-SAP what OpenText Extended ECM does for OT-SAP. I don’t know a ton about it yet, but it is something I will be looking into and getting more familiar with. The fact that the folks at e-Wave Solutions have put effort into building a Box-SAP integration in addition to their Filenet-SAP integration (I think I have that right) is significant. They’re not just chucking up content that’s relevant to stuff happening in SAP. No, they’re doing it in an intelligent way that leverages / manages metadata and preserves the integrity of the “records”. That’s kinda cool. Like I said, I’ll be looking into this a bit more.
- One of the really good things about being an analyst at an event like BoxWorks is that you get one-on-one time with some key people at Box. The normal scenario is the analyst asks questions and the company person answers them. What I love about the people at Box is that we both get to ask questions and have an open, frank discussion.
- Thanks to the Box Governance Product Marketing people (thanks, Veena!!!) for inviting me to share some of my thoughts on Box Governance.
- Thanks to Aaron Levie for taking the time to come and chat with us analysts. I’m a bit of a sceptic at times, and I sometimes wonder if certain tech CEO’s are putting on a show for analysts, the press, prospects, etc. After sitting less than thirty feet from him and being able to look into his eyes, I’m pretty certain that Aaron Levie truly believes in what he and the rest of Box are doing.
- Lastly, a huge thank you to Joely, Signe, and Megan for making the analyst day and, especially, the analyst dinner truly excellent. The whole idea of going to a chef’s residence and having a home made meal in a more intimate setting … loved it.
- That pic is what greeted us as we walked into the chef’s home. There were leftovers.
The one thing that I didn’t hear anything about is a service organization that can make it (all this next generation ECMness) happen (Box Shuttle aside). I still believe that without the right services capabilities, things will not progress as smoothly as they could. Overall I’m pleased about Box’s progress over the last 12 months. You could even say I’m optimistic and excited for what they can achieve and change about ECM in the future. The recently announced OpenText acquisition of Dell EMC ECD (ya know, Documentum and LEAP) just made Box a more attractive option for ECM buyers. As one industry analyst type mentioned, it’s a changing of the guard in the ECM space. Among others, Box is leading the charge. Not to say I told ya so, but I told ya so.
Note: this post contains links to every craft brewery in British Columbia and Alberta that I could find. Sadly, I have yet to sample all of their wares.
Anyone who’s been paying attention lately, or who has met me in person, knows that I’m fairly passionate about Information Management and Craft Beer. Depending on the day, my passion for one is slightly higher than my passion for the other. What does one have to do with the other? I’m glad you asked. Please bear with me, this may take a while. Three things happened that resulted in a new vision for me:
- In late June at a networking event in Calgary I met Chris. Chris is one of the co-founders of Caravel Craft Brewery in Calgary. Over a couple pints of IPA from Last Best Brewing, Chris and I started chatting about beer. It turns out that we both love beer, though he knows a ton more about it than I do. My expertise is limited to knowing what I do and don’t like.
- A few weeks later, just prior to the Calgary Stampede, I saw a feature on CBC News about craft beer being shut out of official Stampede events because one of the Big Beer companies had the beer contract. One of the guys from Tool Shed Brewing was talking about how there is more than enough space and thirsty Stampeders for all to benefit. And, what better place and time to showcase all the wonderful Alberta craft beer producers.
- A snarky comment about whether a tour of Village Brewery could be used to make money led to a “why not” moment. I took the picture in this post during that tour, by the way. I also ate a cascade hop pellet – that was a mistake.
So far I’ve been able to find 156 craft brewers in British Columbia and Alberta. Starting with Alberta, I decided that I was going to reach out to all of them and pitch my services to them. I mean, they have a fair bit of paperwork to deal with, right? They produce alcoholic beverages which means much governmental regulation stuff to deal with. They use big shiny equipment which means maintenance and safety stuff. They do stuff which means various types of operating procedures. I’m betting that there is a lot of paper to deal with in a craft brewery and I want to help brewers get rid of it as much as possible. Basically, I want the brewers to be able to concentrate on brewing great craft beer, not pushing paper around.
So I wrote to all the breweries in Alberta telling them what I wanted to do and why. The first response I got was a phone call from the CEO of a brewery located in Calgary. The dude called within 15 minutes of my email and we chatted for about 20 minutes. However, he wanted to chat about craft brewery specific ERP (there is such a thing) rather than content management. So now I’ve got to go and reach out to a bunch of brewery management software vendors, mobile app developers, and consultants to see if we can collaborate (I think we can).
There is a market there, but information management / governance is not the springboard (something I’ve said for some time now, frankly). It’s going to rely on solving the immediate challenges the brewers have and moving on from there. I’m not saying IM and IG aren’t important, they’re just not the immediate need.
So what does the above have to do with the Cloud? Well, a lot, actually.
One of the really cool things I’ve noticed about the craft beer community is that it’s, well, a community as much as it is an industry, maybe more. Despite being competitors, craft brewers collaborate, a lot. Not only do they get together and jointly concoct sudsy, hoppy wonderbeers, they invite others to have guest taps and share brewing facilities to help each other out.
Now, if I look at many of the companies involved in cloud content related stuff, I notice the same thing. Perhaps not with the same level of artistry and fun, but it’s there. If you look at companies like Google, Dropbox, Egnyte, Microsoft, Box, Splunk, GlassIG, …. etc., you’ll notice the level of collaboration and cooperation that exists. In fact, it’s this very collaboration and cooperation that’s going to allow many of these companies to be the core set of cloud technologies that make up the next generation of Information Management and Governance solutions. Craft brewers being what they are, I suspect that cloud apps are going to be of far more interest to them than on-premises solutions.
In the same way that craft brewers experiment with techniques and ingredients, cloud vendors experiment with features, functions, methods, and requirements. Just as brewers have an openness about them, cloud vendors (the good ones) do as well. The end result in both cases is better end products for all. This Brews Brothers collaboration from Parallel 49 Brewing was pretty cool for beer fans; cloud vendors are seemingly announcing new collaborations every week that are pretty cool for those of us interested in managing and governing content.
156 BC and AB Craft Brewers
What follows in this post is pure fantasy and speculation, directly out of my head. Or not.
Over the past few weeks I’ve been talking to vendors and some end user types about Information-Governance-as-a-Service (IGaaS). Forget for a moment that no one vendor does all aspects of IG, or that there’s not even a universally accepted definition of IG. Focus instead on the lighter touch that’s required today when so many enterprise tools are required to have a consumer experience about them. Also think about Content-as-a-Service (CaaS, defined here) and what that means for building the apps needed to work with, manage, and govern content.
To save time, let’s get the fawning out of the way:
- Box – I am unashamedly and unabashedly a fan;
- Egnyte – see Box. I’m not getting into what Egnyte announced in this blog as there are plenty of great summaries around the web, including Egnyte’s site;
- GlassIG – more quietly, but see Egnyte.
Pay attention to all three of those companies if you are remotely interested in Information Governance and/or Management. There are other companies that I think are pretty damn good, but when it comes to managing and governing content in cloud or hybrid environments, these are my three. Oracle Web Center Content would be my go to for on-premises ECM (w/some nascent cloud capabilities like file syncing).
When I mentioned to someone at Egnyte a while back that if they added governance to what they already had they could absolutely kill things, I wasn’t thinking about what came out in Egnyte Protect, announced earlier yesterday (June 7,2016). I was thinking more about things that the AIIM and ARMA crowds, especially ARMA, would consider governance. You know, stuff like retention management, legal holds, classification … all that records management-y goodness.
So, even though I was a little, initially, underwhelmed with what Egnyte did release, I sat back and thought that it’s not necessarily a bad thing. What was released is good and what’s coming up is good. Without getting too deep into the weeds, let me paint a little picture for you …
Let’s pretend, for the sake of discussion, that my organization just went out and procured Box as a content management platform. Let’s also pretend that I’ve got stuff stored in SharePoint and network drives, and that in addition to the standard security stuff, I also have to deal with internal policies and external regulatory requirements, a lawsuit or two, some retention requirements, …, you know, a bunch of IG stuff. Let’s also pretend that I want to monitor who’s doing what with content to determine its effectiveness. In other words, let’s say I need to manage and govern content like it’s 1999, but my content isn’t all paper or in one convenient spot that’s on my infrastructure. My point is, the what of what we need to do hasn’t really changed all that much; why, and especially how, have. Ideally, I want to, as much as possible, centralize policies and controls. Enter my IG Mirepoix (yeah, I just made that up) …
In order to meet the requirements outlined above, one could go to each of the individual repositories and do what’s necessary, hoping that things stay in sync and no one ever forgets to do anything in any of the repositories. Even if all that happened, there’s still nothing in place to handle any of the records management, legal hold, and discovery functionality needed. Note to self – go buy more software that needs to be installed, configured, and maintained. Or …
Deploy Egnyte Protect to handle my security and analytics across all the in-scope repositories; deploy GlassIG to handle the records management and related functions. The fact that two tools are needed is not an issue as the tools will be used by different roles in the organization.
I know mega-suites were all the rage for a while, but look what happened. I like the approach outlined above because it’s a best of breed approach. Each tool gets used for the stuff it’s best at. There are areas of overlap between Egnyte Protect and Box, and between GlassIG and Egnyte Protect, but it’s using the three tools as complementary technologies that, I believe, provides the greatest overall value to organizations.
Consumer and enterprise file synchronization and sharing popped up because people needed a way to easily share and collaborate on business content. This gave rise to the “Dropbox problem”, which is just stupid and ignores the real problem; organizations didn’t provide their people with policies and tools that allowed them to GSD. Today there are plenty of options, consumer and business grade, that provide a cool experience with the security and controls that business and IT need.
Organizations that haven’t sanctioned business grade file sync and share are foolish and open to a world of pain. If they think that their people aren’t chucking content around in the wild, well, think again. Go fix that problem, it’ll take all of 5 minutes.
The bigger problem today is figuring out what goes in the cloud and what doesn’t, and then providing access to it (don’t use this as an excuse to do nothing, start with something easy and low risk). The reality is that, for any number of reasons, not everything can be chucked into cloud based repositories. Even if an organization were committed to putting 100% of its content and processes into cloud services and repositories, that would not happen overnight. That reality means many, many organizations are going to require hybrid solutions.
The image above is not an unreasonable representation of what many organizations are faced with. It’s fair to say that even if you remove the cloud based services, organizations can’t adequately provide a single point of access to all of the on-premises content people need on a day to day basis. The problem is exacerbated when that content must be shared and collaborated on by disparate groups of stakeholders. Now add in other information governance and management requirements, such as metadata, classification, retention-disposition, e-discovery, process integration, legal and regulatory compliance, and security and the challenge is more difficult still. Toss in some cloud services and repositories and what do you end up with?
The real initial challenge was conceptually pretty simple: “I want access to content from wherever I am, using whatever device I want, and I want to work on that content with whomever I need to work on it with.”
The likes of Google, Dropbox, Microsoft (OneDrive, not SP online), Box, etc. solved that problem, but in doing so created other problems, both real and perceived. The perceived problem they created was a security one. Trust me, it’s less of a problem than most organizations storing stuff in their own data centres or networks is. The real problem they created was around information governance and management, which is a strong suit of many Enterprise Content Management (ECM) vendors.
ECM vendors like Alfresco, EMC (prior to selling off Syncplicity), OpenText, and Oracle tried to solve the initial problem, and did a fair job of it. The big problem there was cost. In order to use their file sync and share capabilities you had to be using their repositories. Sure, you could opt for a cloud deployment, but you’re still running a full-blown ECM platform (which is not necessarily a bad thing).
Google, Dropbox, Microsoft, Box, Alfresco, OpenText, and Oracle all work on the premise that your content is in their repository. If it isn’t, oh well. Syncplicity allows access to Documentum and SharePoint content, so I’ll categorize that one as a not quite semi-open option, though it does work on-premises and in the cloud.
Accellion, AirWatch (VMWare), Egnyte, and Citrix all offer hybrid solutions that may or may not work with ECM repositories in a limited capacity. However, from what I’ve seen from some of those guys the user experience is not always, shall we say, pleasant.
Of the ten vendors I’ve identified, not one is capable of providing secure, mobile access to all an organization’s content, and governing and managing it. Not one. Go and check out the latest Gartner (MQ) and Forrester (Wave) reports ranking the best of ECM and EFSS (silly market categorization); of all the vendors in those reports combined, not one can provide that combination of access, search, security, and governance.
Now, if a service were providing access to content in an ECM repository there would be no real need for that service to also provide all the information governance and management capabilities. Maybe I’m making the problem bigger than it really is. On the other hand, OneDrive, Google, and Dropbox have no governance / management capabilities to speak of, and what’s available from Box is 1st version functionality that has improving to do.
As far as I’m concerned:
- The initial problem has only been partially solved;
- There was not, is not, never will be a “Dropbox problem”;
- Sharing and collaborating on content is easier today than it was a couple of years ago;
- Platforms, apps, and API’s are the way forward;
- There’s still a long way to go, but holy crap have opportunities for innovation and transformation opened up.
 GSD – Get Sh!t Done
Over the last couple of weeks I’ve been approached by recruiters that wanted to chat with me about taking on some Information governance and information management work. Two of the opportunities are in Calgary, a little over 300kms from where I live, the other is local. One was for a credit union, one for a pipeline company, and the last for a provincial government ministry. All three organizations are looking for a senior resource that could deal across the enterprise to get programs in order, drive change, and be THE subject matter expert for all things related to governing and managing information. The proposed rates are as follows:
- Credit Union in Calgary , 3 days/wk onsite – $70-$75/hr, no travel expenses
- Pipeline company in Calgary, 5days/wk onsite – +/-$90/hr, no travel expenses
- Gov’t ministry in Edmonton (local) – $70/hr
Travel alone would cost me approximately $350/day, plus the mileage to drive between Calgary and my home (approx. 600km*$0.48/km = $288/trip). Add the expenses up, and over a 5-day week I’d need $51.25/hr just to cover my expenses. Obviously the travel thing isn’t an issue for local projects.
The travel thing is bad enough, but what really gets me is the total lack of value a recruiter or client places on my time or skill. These people have to understand that what I know and do is not a commodity skill set. I didn’t just learn this stuff in school last year. I, and my peers, spend a ton of time educating ourselves and getting better at what we do. We’ve got many, many years of experience that makes us the experts we are. We are not a bunch of generalists that are a dime a dozen. In every sense of the word we are professionals and deserve to be treated, respected, and compensated as such.
The other thing that really bugs me about this situation is that it’s indicative of many organizations not having a clue about the value of information. Information is an organization’s most or second most important asset. By going cheap on the resources that they’re trying to engage, they are going to get burned; it’s like hiring a barely qualified bookkeeper to manage financial assets. IT. WILL. END. BADLY.
You’re all familiar with ERP, right? Nobody complains when an SAP consultant comes in with a high hourly rate. They bring skills and experience that are hard to find, and they deserve to be compensated accordingly. As I told an executive at a Swiss bank several years ago, “This stuff’s (ECM) way harder than ERP.” He agreed. Prior to his role then, he’d spent 15+ years working on SAP projects, and we were about 3 months in on an ECM project. The way I figure it is if one is willing to pay premium rates for the skills needed to manage an organization’s financial assets, one should also be willing to pay premium rates for skills needed to manage information. After all, not everyone in an organization touches or is touched by ERP, but if it’s done right every soul in an organization and all their stakeholders ARE touched by information, whether they realize it or not.
My billing rates aren’t cheap, but they are reflective of my experience, skills, and the value I add. I’m nowhere near as expensive as the big consultancies, by the way. I understand the current situation with the Canadian economy and that our currency is taking a massive beating right now, but that does not mean I will be bent over just to win a project. It means that if there’s a good match between me and the potential client, I will be flexible, within reason.
If organizations are going to get serious about governing and managing information, and leveraging it as the asset it is, they are going to have to pay for the expertise they don’t have in-house. If they continue to try and cheap out, well, you get what you pay for. Good luck to ‘em, here’s a couple horseshoes.
So Box came out and announced Box Governance this week. For those of you thinking that Box is just one of the surfeit of file sharing providers on the planet, think again. Box has been steadfast in stating that they are providing content management and this week’s announcement is further proof of that.
Box Governance provides three important capabilities: 1) Retention Management; 2) Content Security Policies (really should have something about “sensitive information” in the name); 3) Defensible eDiscovery. While having these capabilities available is in and of itself a major step forward, it’s also important to note that organizations that choose to deploy Box can now claim compliance with a number of government and industry regulations and standards (e.g.: PII, FINRA, SOX, SEC 17a-4). However, the most important thing about this announcement, in my opinion, is that it serves to remove additional barriers to including Box in the conversation when talking about Enterprise Content Management vendors (pay attention Gartner, Forrester, IDC, et al). Coupled with Box’s Enterprise Key Management (my post on the topic) announcement earlier this year, organizations relying on FUD (Fear, Uncertainty, Doubt) to exclude Box from consideration are losing rationale for doing so. Security and information governance are what separates true managed content from just another shared drive, and Box has them. Bleat all you want about cloud not being secure and cloud content repositories being unmanaged messes, it’s not working anymore.
Since BoxWorks last September (my thoughts) Box has made a number of feature additions, announcements, integrations, and alliances that are moving it closer to being able to deliver the right balance of System of Record and System of Engagement. At this point it’s still a little ugly and cumbersome for administrators to configure the backend to deliver the various governance, workflow, and security bits to work properly, but that’s what the team at Box Consulting is paid to help with. Those paid to worry about security, legal, regulatory, and audit have less to worry about now than a few months ago. From a content consumer/contributor perspective it’s all pretty slick and that’s what it’s all about.
It’s no coincidence that a white paper I wrote for Digital Clarity Group was released yesterday. The paper is about the next generation of ECM (#ECMnext) and how Enterprise File Sync and Share (EFSS) platforms will provide it. We’d (Box, DCG, me) love to get your thoughts on the paper. Feel free to reach out to any of us (you can reach me via email at firstname.lastname@example.org as I am no longer with DCG) to rant or rave. There’s no data collection, fees, marketing gates or other intrusive nonsense to get the paper, so download The Next Generation of Enterprise Content Management to your heart’s content.
Regardless of what you’ve been hearing, Enterprise Content Management (ECM) is not dead. For years ECM has been harangued as being overly cumbersome, overly expensive, overly difficult, and underwhelming when it came to delivering benefits. That’s all about to change…
The manner in which ECM is delivered is going to change. Taking a cue from what consumers have come to expect in terms of the technology they use for personal reasons, a subset of Enterprise File Sync and Share (EFSS) vendors, led by Box, are emerging as purveyors of ECMnext – the next generation of Enterprise Content Management platforms. The focus is on how and why people create, consume, and share content, supported by a foundation that provides the security and governance required in today’s digital business environment.
This whitepaper explores the short-comings of legacy ECM platforms, and how ECMnext vendors can step up and deliver what we’ve wanted out of ECM all along. While there’s still a ways to go for ECMnext platforms to be able to completely replace legacy ECM platforms, the basic building blocks are in place and the roadmaps are pointing in the right direction.
You can download the whitepaper directly from here.
If you need a little more evidence that ECM is changing, take a look at Box’s announcement about their governance functionality: Introducing Box Governance – Delivering Control and Compliance in the Cloud.
I just spent the last few days (May 25th – 27th) at the ARMA Canada conference in Calgary. As you’d expect it was great to get together with people that I typically only engage with online. But that’s not the reason I go through the effort and expense of attending. I come to this and other conferences to learn and see what’s new, and maybe make some new connections (that whole networking thing). Unless there’s something really compelling (there wasn’t, for me) I do much of my learning on the trade show floor rather than by attending sessions. I try to figure out what’s new, innovative, and exciting by talking to the vendors and attendees.
- What’s new? Other than RSD’s first appearance (I think) at ARMA Canada, nothing really.
- What’s innovative? Nothing really.
- What’s exciting? Nothing really.
The problem seems to be that the Records Management community is not evolving with the times. Sure, they say “information governance”, but I’m not convinced they know what it means or what the implications are. They talk about social media, but do they use it (there was actually a session during which they were taught to tweet). They talk about cloud but then do nothing about it other than give in to the boogie man prognostications. Shit! Even the younger RM folks are sounding like the older ones who are close to retiring.
Based on what I saw and heard at the conference, I hold no optimism that the state of Records and Information Management will join the 21st century any time soon. RIM professionals are complaining about not being given the dues and respect they deserve (and they DO deserve it) but they have to take it, not wait for it to be handed out. ARMA Canada as an association is not helping. They’ve had pretty much the same content, speakers, and vendors since I went to my first conference in 2008. Yes, the names have changed, but you know what I mean.
I’m not sure how, but ARMA Canada needs to freshen things up a bit. Dump the vendors that do nothing but SharePoint stuff or physical records management; that stuff hasn’t changed since the shelf was invented. Attract vendors that represent the new way of doing business and are influencing and enabling digital transformation of business. Solicit speakers that want to do more than talk about how to build another functional file plan or how to implement an ECM platform. ARMA Canada needs a slate of speakers and vendors that represent a balance of what today’s realities are, and what the very near future will hold for managing information.
I’ll wait until I see what the agenda for next year’s conference is, but if it’s pretty much like this year’s this is likely my last ARMA Canada conference for a while. And if things don’t change fast, the RIM profession will be further marginalized, and I’ll likely contribute to the further marginalization; not because we dislike RIM and RIM professionals, but because the rest of us have to move forward to succeed.
Just to add a little positivity …
Over dinner with a friend of mine I got a good look at Oracle’s Document Cloud (I think that’s the name). It’s Oracle’s offering to the EFSS (I HATE that name) market. It’s really, really slick. The version I saw (not sure if it’s generally available yet) looks as easy to use as Box (which is what I use for my business). I know a couple of things about where Oracle is going with it, but not a ton. One thing that I do really like about it is that it sits on top of Oracle Web Center Content so all the security, metadata, workflow, and retention are taken care of. By the way, for those of you who care; Oracle’s Web Center Content is likely the best kept secret amongst ECM platforms. It’s a secret because Oracle really sucks at marketing it.
Image taken from http://www.a-tips-of-life.com/tag/awake/