At this point, I’ve covered the first two Content Management steps towards achieving the proper Information Governance, knowing. The remaining steps are ones that the industry executes fairly well today, at least from a technical perspective. It just feels like a failure because we historically fail to Capture and Organize content properly.
The third step is Control. Control is something that most organizations have mastered, perhaps a little too well. If a piece of content gets into the system, locking it down is easy. The challenge here is not the technology, but the basic approach to controlling content.
Just Enough Control
When talking about control, there is a balance that needs to be struck. Content needs to secured so that people who shouldn’t see the content don’t see the content. Draft financial statements and salary information are two types of content that need to be properly controlled.
The problem is that too often, the approach is to start with granting no access to anyone and then adding the people or groups that need access. This approach works great for the scope of a piece of content’s active life.
The issue comes about content’s passive lifespan?
If I am a manager for a new program, how do I get started with the basics? The default answer is having a conversation with the boss or a peer. That chat usually ends with the statement, “I’ll email you a copy of the presentation from Project X.”
Wouldn’t it be easier to make sure that read access was granted to everyone? At a minimum? Then information could be found by searching or browsing. By making content readily available for reuse, the value is increased. By making it easier to find, we improve productivity.
We talk about understanding the value of content and information. Isn’t anything that increases the value of content a good thing while simultaneously improving productivity a good thing?
Control needs to start with the most permissive model and be made only as restrictive as required.
Controlling Content Outside the System
This has always been the real trick. The simple answer is don’t try.
When people need to use content on their device, you have to assume that they will need to access it while disconnected from the world. This means a local copy.
You could permit them to keep it within a defined application. The result will be that within 1 day of implementing that policy, someone will need to email, sign, or edit a piece of content that the policy prevents.
Locking down laptops failed because they became too hard for people to actually use. The same approach for tablets and phones will hit the same roadblocks.
As for Information Rights Management? Simply a headache and too complex for everyone involved.
The answer is education. People should understand that they need to be responsible with their devices and the information on them. Let them know that you trust them and do not want to restrict their ability to work.
People Are the Control
Proper Content Management and Information Governance is not all about systems, it is also about processes and people in the organization. That means that sometimes the answer is a piece of technology but simply working with the people in the organization to help them understand the goals and how it can make life easier for the organization and them.
People, the cause and answer to the problems we face in Information Governance and in technology as a whole. You just have to choose which role you want them to play in your organization.