Compliance News & Analysis
| Friday Sep 26, 2014
We've seen an influx of compliance and data security related stories flood news outlets over the past year. With data breaches at Experian and Home Depot, companies around the globe are facing a heightened demand for data privacy and compliance regulation.
Many of these companies have now invested in data loss prevention and governance, risk and compliance programs to help them identify data that may put them at risk. This is data that often exists across enterprise systems (file shares, SharePoint, social systems, and other enterprise collaboration systems and networks) and is referred to as “dark data” -- or data that is not properly understood.
| Thursday Sep 18, 2014
SharePoint stakeholders can't know their risks without knowing their requirements.
And they can't know their risks without knowing the potentially adverse effects of those risks.
Bill English, 11-consecutive SharePoint MVP winner, champions these thoughts. Knowing your risks and potential outcomes can lead to strong governance and compliance.
And as English told an audience here today at the SharePoint Technology Conference at the Boston Park Plaza hotel, "Governance is the enforcement of compliance."
| Tuesday Aug 5, 2014
Making people believe they have effective risk management because they discuss a point-in-time list of so-called “top risks” and set limits for those few risks is making them believe in fairies.
It is setting them up to be surprised and for a failure to deliver success.
| Tuesday Jul 29, 2014
Any company that stores information on a computer is storing knowledge. But not all companies have an effective knowledge management system in place to manage that information. That depends on how the system was planned and how it is managed on an ongoing basis.
Whether you have a new system or an existing one that encompasses several different platforms, it's important to assess whether it is delivering all that it can for your organization. How can you do that? An (enterprise content management) ECM Reference Architecture can help you understand gaps and redundancies from a platform perspective.
| Friday Jul 25, 2014
New York politician Anthony Weiner's sexting scandal. Actor Ashton Kutcher's defense of the late Penn State football coach Joe Paterno. Former corporate communication director Justine Sacco's racist comment.
If mistakes like these have taught us nothing else, it's that social media can create viral reactions that linger on and on. It also proves that, contrary to popular belief, there is such a thing as bad publicity.
What are the consequences? In an office environment, not only is a job on the line for the offending employee, but companies can easily find themselves at the wrong end of a lawsuit filed by the offended worker.
What's worse, many companies have yet to establish social media polices — and even some that do adopt policies find they may violate federal labor laws.
| Thursday Jul 17, 2014
There is no specific, prescriptive path to guarantee your business will be covered for every eventuality and incident it may encounter. But by following three steps, you can get you -- and your organization -- in a proactive compliance and security mindset.
| Tuesday May 27, 2014
Today’s governance, risk and compliance landscape is complicated and difficult to understand, let alone implement and maintain. Those under pressure to maintain environments held to standards set by external regulatory control (and usually internal policies and best practices) have a difficult task.
| Tuesday May 27, 2014
If you've been at an organization where compliance, IT and the business seem to speak different languages when they talk about information management, you know how difficult it is to get them all on the same page. The task is so difficult at most organizations that each typically does their own work -- blinders on -- in isolation from one or both of the other two in an effort to simply get something done. The results for the organization range from less than optimal (wasted time and money) to disastrous (smoking crater fines/penalties and massive operational disruptions).
When working with clients, I liken this state of affairs to whatever the political debate du jour is on the news -- where both sides are seemingly speaking different languages and there’s no agreement on the common ground.
| Thursday May 15, 2014
Power brings responsibility, and social media power means that companies have a responsibility to manage the accompanying risks and obligations. A new Forrester Wave report profiles the leading vendors for those tasks.
The Forrester Wave: Social Risk and Compliance Solutions, Q2 2014 report [fee charged] points to the growing number of ways that social media presents issues for organizations.
There's reputational and information security risks for every company, and companies in regulated fields, like financial services or healthcare, have regulatory and compliance matters that require not only monitoring and management but also archiving.
| Friday Apr 25, 2014
Here are six ways businesses can deal with the SharePoint metadata issue. They range from developing information governance strategies to implementing text analytics and improving SharePoint's native search functions of the SharePoint edition they work with.
The projects were identified in recent research by semantic search vendor Concept Searching (CS), which called them key objectives for companies that want to get the best out of their SharePoint deployments.
| Thursday Apr 24, 2014
Nearly 30 percent of organizations are still using SharePoint 2007, only 34 percent of organizations have turned to Office 365 and very few organizations have information governance strategies in place around their SharePoint environments. Those are just some of the research findings from semantic search provider Concept Searching.
The focus of the report was on the use or lack of use of metadata in SharePoint data management. But it also highlighted some interesting future projects for SharePoint-centric enterprises, including migration to newer editions of SharePoint and even the deployment of text analytics with SharePoint environments of the future.
| Thursday Apr 3, 2014
Just a few years ago, there was a clear divide between employer-owned, work-related devices and user-owned personal devices. But as more and more employees bring their own notebooks, tablets and smartphones for work and for personal purposes, that divide is shrinking and in some cases, shattering.
| Thursday Mar 13, 2014
Many businesses claim they have been busy over the past two years developing and implementing records and information management strategies. But scratch the surface and you find many of those strategies aren't especially effective.
Blame a lack of employee engagement, a lack of commitment at the management level and the absence of meaningful ways to measure the strengths and weaknesses of these efforts.
| Tuesday Mar 11, 2014
Both security and compliance are all about establishing (and implementing) standards that ensure an environment where company assets and data is accessed and utilized properly. So if you were asked, “Do you think security and compliance really coexist?” you’d most likely think it a dumb question and say, “Of course.”
But what if we challenge that notion a bit -- not so much to explore if they can coexist, but whether they do.
| Friday Mar 7, 2014
Microsoft’s messaging on e-discovery hasn't changed much since it first launched the service two years ago, but some recent notable changes give it a better position for luring in new customers. If you've never seen the e-discovery platform on the Microsoft stack, start with my first article on the topic as a primer -- it provides the necessary background for understanding what's happened in the last two years. During a session at SharePoint Conference 2014, Quentin Christensen, program manager at Microsoft, provided details on the overall e-discovery story in Office and Office 365.