Time has sure flown by. I
can’t believe that it has been two months since my last post. I guess that is
bound to happen sometimes. For me, blogging is like exercise. When I get in the
groove it is easy but when I stop for a week, I seem to just get into a new
groove. OK – on to the topic at hand.
I want to close (finally) on
what I believe is the biggest information-centric IT trend for 2008 and that is
Information Compliance.
It is actually quite amazing
that this market has taken so long
to develop but I think I understand the reason. IT really evolved in very much
a bi-polar way. By that, I mean that we had IT come together from two endpoint
positions. On one side we grew IT around big corporate systems running OLTP,
ERP and such. Typically, these systems are managed in a way that both
contemplate and address Information security and protection. While not always
perfect, these systems hold information that everyone understand was important,
so the systems we designed with Information Compliance in mind.
Over this same period, we
started to work and collaborate and do business in whole new ways. Email, chat,
the use of the web and other such capabilities moved from interesting tools to
business critical systems. The issue, of course, was that most of these
applications never contemplated the fact that they would manage such critical information.
Take a simple example of
sending an email to a broker to buy or sell some stock. That is, by most legal
definitions, a binding contract. It is also private and confidential.
Communications like this are booming simply because it is so efficient and
simple. Take an industry like healthcare. Imagine the efficiencies that we
could bring to the system if people could communicate more easily with their
doctors.
In fact, companies have
realized, often in abrupt matter that Information Compliance represents both a
risk and an opportunity. On the risk side, all of those emails, IM’s, and file
shares represent a potential risk if confidential information is lost or if the
information is not managed properly. On the flip side, as we develop more
robust ways to protect and secure information, companies and individuals will
be able to leverage more of the latest technologies for business critical and
confidential needs.
Information Compliance, by
my definition, is an umbrella term that entails that we need to be able to
secure protect information both “at rest” and “in motion.” We also must be able to track and audit
information and understand the “history.” We must be able to insure both the
authenticity and privacy of information. We must be able to control the
“rights” that we want to give to individuals relative to a pice of information.
We must have business rules and retention policies that insure that we have
retained all of the necessary information. Finally, we must be able to
“discover” information that may exist are hundreds of applications, many
thousands of people, and many billions of objects pertaining to a particular
topics.
As a whole, this is what
information compliance is all about.
For many companies, putting
more information compliance capabilities in place will be simply about reducing
risk. Over time, this capability will let us do more with our information. We
will be able to share it in more secure ways and interact with more efficiency
and less bureaucracy.
Mark….
Comments