Concerns over compliance and fears of data breaches are key drivers for information management initiatives in the enterprise. 

That's the finding of new research from the Association of Information and Image Management (AIIM) professionals.

Nearly six in 10 people who responded to this years Information Management Industry Watch report said compliance and data loss issues are prompting tighter information management and governance procedures.

Nearly half of mid-sized organizations (44 percent) also cited the same concerns, although smaller organizations rate cost savings and productivity improvements as more significant drivers for effective information management.

Addressing Risk

“Organizations are starting to realize that if they don’t secure their information or they don’t control the way that information is being managed and shared, then they put the organization at risk," Bob Larrivee Chief Analyst of AIIM told CMSWire.

Organizations are heading in the right direction, there is still some way to go before effective information management becomes the rule.

Problems Persist

The figures also show that while 15 percent have information governance (IG) polices, those policies do not drive decisions. And 29 percent have no IG policies whatsoever.  

“Organizations are rightly concerned about corporate risk but are not aligning their systems so that they can comply many existing systems are not fit for purpose in the social, mobile and cloud age," Larrivee said.

However, he also warns that but before embarking on upgrades and replacements, organizations need to address information governance policies. “This has to be the first step in minimizing risk,” he said.

The ‘usual suspects’ crop up again demonstrating that despite all the progress, there are still a number of issues that are still creating problems for enterprises. Among the worst offenders are:

  • 39 percent describe their email management as “chaotic”, including the largest organizations
  • 55 percent agree that email is their big untagged, ungoverned, high-risk content type
  • 22 percent believe that their enterprise content management project (ECM) is stalled and admit they are still dependent on their network file-shares
  • 38 percent are actively focused on extending their ECM functionality
  • 30 percent are improving collaboration and 21 percent are working on mobile and remote access

Furthermore, content overload threatens around one-quarter (24 percent) of respondents who have no mechanism to limit stored content volumes, and while 47 percent have an IG policy that defines retention periods, more than half (51 percent) rely on manual deletion.

What About ECM?

ECM was meant to solve all these problems. But Larrivee said most organizations still have multiple ECMs rather than a single enterprisewide platform.

In fact, the research revealed that more than half of enterprises have three or more systems in place and nearly a quarter have five or more.

It also found that enterprises are using numerous systems for a wide range of tasks: classic suite-based systems tied to process applications, one or more SharePoint deployments, a number of simpler document management systems in use in different departments and a dedicated imaging system.

Why so many ECM platforms? 

“What I have seen is that organizations will implement ECM and records management at a departmental level. Let’s say they do it for the finance department. Then they decide that the need something in the sales and marketing department. But instead of extending what they have already, they go out and the buy something new, which is why organizations have anything up to five systems in place,” he said.

What they should be doing is looking at how they can extend existing systems beyond their original intent. There is also evidence that this is happening.

“One other thing worth noting in terms of information governance and enterprise systems is that more and more systems are being pulled together so that data and documents that enter the enterprise through customer relationship management systems, or enterprise resource planning systems can have been accessed by ECM systems,” he said.

While all these systems represent another silo that the ECM has to access in order to ensure that enterprise data is government, more and more enterprises are building their infrastructure to enable that.

Accessing this data from one point and for a wider base of users is one of the challenges for ECM. Integration through API and CMIS (Content Management Interoperability Services) interfaces is becoming easier, although some integrations provide a much higher degree of two-way interaction than others.

The research found that 31 percent of ECM systems are integrated with content creation systems, and more importantly, 18 percent with multi-repository search. A further 15 percent have integrations with project or case management systems.

ECM Going Forward

The trend towards better information governance will be a feature of ECM over the next 12 months and beyond.

“We are creating and capturing information at an enormous rate but what we really do with it that really is the questions.  If you take data into the enterprise through email, or any other application you have to decide and what action should be taken around that data and what should be done with it,” Larrivee said.

There are no policies around this in many enterprises so the digital landfills are growing at an enormous rate and will continue to do so until governance polices are put in place.

He adds that over the next year we are likely to see a greater focus on file sync and share as enterprises struggle to manage multiple repositories.

“There will be more integration and interoperability and file synch and share across the enterprise. We are also going to see more intelligence in the industry so that data that is capture will be classified and aligned for multiple use cases."

However, the biggest security threat is not technology but the workforce. As yet, there are few ways to stop workers taking or copying data from the enterprises and taking it beyond the firewall. 

Access a summary of the report here.