Best Practices in Information Governance

Marydee Ojala...... 20 Information Governance Gets Respect Ever get a song stuck in your head? Talking about information governance with experts in the field, I suddenly found myself

reminded of Aretha Franklin’s classic Respect. In the back of my

mind, she was spelling out R E S P E C T in that incredibly strong

voice of hers as background music to my thoughts about how

attitudes toward information governance have changed…

Robert Cruz, ...... 22 Best Practices in Information Governance Actiance, Inc . Information Governance—as a discipline—has undergone a strange and wild ride over the past couple of years. Finally,

we have moved past endless debates on definitions and usable

frameworks, thanks to the efforts of the Information Governance

Initiative (IGI) and other IG leaders and practitioners…

Ken Lownie, ...... 24 The Real Differentiators in IG Solutions Everteam Software According to Gartner, Information Governance (IG) is:

“The specification of decision rights and an accountability

framework to ensure appropriate behavior in the valuation,

creation, storage, use, archiving and deletion of information.”…

Susan Emery, Viewpointe .. . . 26 6 Ways to Keep Business Content from Getting Out of Control Regulated industries such as financial services, healthcare Produced by: KMWorld Magazine or insurance require business to balance innovation and Specialty Publishing Group risk mitigation. Can you keep pace with digital transformation

For information on participating without risking security, privacy or retention policy in the next white paper in the “Best Practices” series, contact: requirements?… Kathryn Rogals Publisher 561.483.5190 Premium Sponsors: [email protected]

KMWorld.com Marydee Ojala is conference Information Governance program director for Information Today, Inc. She works on Gets Respect conferences such as Enterprise Search & Discovery, which is co-located with By Marydee Ojala, Conference Program Director, Information Today, Inc. KMWorld, and WebSearch Marydee Ojala University, among others. She is ver get a song stuck in your head? Talking Cleaning Out the Garage a frequent speaker at U.S. and international Eabout information governance with ex- To find out more about Everteam’s take on information professional events. In addition, she perts in the field, I suddenly found myself re- information governance, I spoke with Firas moderates the popular KMWorld webinar series. minded of Aretha Franklin’s classic Respect. Raouf, the company’s CEO. He likens it to In the back of my mind, she was spelling out the laborious task of cleaning out your garage. Ojala is based in Indianapolis, Indiana and can be R E S P E C T in that incredibly strong voice It’s a task people tend to put off. It’s very easy reached at [email protected]. of hers as background music to my thoughts to put things into your garage, things you’re about how attitudes toward information gov- not sure what you want to do with long term ernance have changed. Just like Aretha re- but you’re not sure you should throw away. quested, information governance is getting Maybe, just maybe, you’ll need that old item Pain Points a lot more respect these days, both when it some day. And so you keep it, along with gets home and when it’s at the office. other “stuff,” until you can no longer park Raouf recommends against telling people And why would that be? Information your car in your garage. You know there’s 10 they need to implement information gover- governance is hardly a new concept. Gain- things you definitely need to keep, but you nance because they’re not likely to under- ing control over internal information has can’t find them amidst all the clutter. When stand information governance as a category. long been an important activity. However, Instead, ask them about their pain points. It too frequently it had low priority and inad- might be archiving legacy operations, mit- equate resources. Now that companies are “The principle of keeping igating storage costs, or migrating to the realizing the value of protecting informa- cloud. By focusing on pain points, you can tion, it is seen as a crucial part of business information stored just in start small, with one application. strategy. This is particularly true of regulat- Everteam’s approach is to focus on the ed industries, such as finance, insurance, case you might need it in pain point and bring in information gover- energy, and pharmaceuticals. the future is not a nance concepts. For example, add retention The Information Governance Initiative schedules to the metadata. This can be easier (IGI; iginitiative.com) is widely credit- good idea… Best practices said than done. Raouf once asked a custom- ed with moving the discipline forward. It er about his company’s retention policy and has legitimized information governance in information governance was told it was “keep for 10 years then dis- as a free-standing business exercise, dis- card.” His next question was if the destruc- tinct from enterprise content management stress having rules to tion process was managed. No, it wasn’t. (ECM). It is not seen as synonymous with Raouf concluded that meant the company information security but the two are most guide you in determining did not actually have a retention policy. definitely related—or perhaps joined at the what to keep, what Hacking is on many people’s minds, hip is a better way to phrase it. thanks to highly publicized events from re- to discard, and when to tail stores to entertainment companies. Thus, Components of Information information security is a growing concern take action.” for companies who don’t want to be the next Governance victim. Can you completely prevent attacks? But what do we mean by the term infor- Raouf thinks not, but you can certainly take mation governance? Everteam’s Ken Lownie the amount of stuff becomes overwhelming, steps to minimize risk and be less vulnera- points out that the definition of information you know it’s time to apply information gov- ble. The amount of information being stored governance is far from set in stone. It en- ernance techniques—although you probably has increased exponentially. But it’s not only compasses a number of different functional won’t call it that. the volume that makes enterprises vulnera- areas, including records management, infor- The principle of keeping information ble from a security standpoint, but also the mation security, knowledge management, stored just in case you might need it in the failure of a centralized command and control big data, and data science. future is not a good idea. In fact, it’s not re- mentality. Raouf estimates that today, with Lownie identifies five core capabilities of ally a principle of information governance. all the different places where information information governance: Best practices in information governance can reside, 80% could be outside the ECM ◆ Connecting to every piece of content and stress having rules to guide you in determin- system. That makes it difficult to regulate data within the organization ing what to keep, what to discard, and when and manage. Not only that, says Lownie, ◆ Discovering information by analyzing to take action. Take that software you bought ECM platforms are over 20 years old and content, cleaning it up, eliminating dupli- years ago when it was the latest and greatest. the information governance piece of it is fre- cation, and migrating to secure repositories But now it’s old and tired. It’s not just you: quently “an afterthought.” ◆ Archiving content with an eye toward how Most organizations have software that hasn’t You can’t clean out your garage, which long it should be retained been updated. “Old software never dies,” you’ve been filling up for years, in one af- ◆ Managing information to ensure legal commented Raouf. “It becomes entrenched, ternoon. You can’t set up an information compliance with tentacles everywhere. It’s hard to con- governance program that effectively solves ◆ Analyzing content across the enterprise, vince people to throw it out and to find the every problem on a short timetable, either. providing advanced search capabilities budget to justify replacement.” Get the CFO to acknowledge the problem,

S20 KMWorld September/October 2017 start small, and take it one step at a time is need to be specific to the job role, Cruz says. involves not only traditional content but also Raouf’s advice. Perhaps the sales staff can use Skype for newer communication channels. business purposes but not turn on the vid- His first point is that information is all Value and Risk eo camera. Perhaps interactions on social over the place. This results in both increased media need to be reviewed before they are value and increased risk. It’s a business fact When considering risk, it’s the hack- uploaded. Perhaps some types of messaging that “content containing business records or ers who command attention. But that’s not are blocked completely. It’s important the sensitive information can be anywhere, in- a company’s only vulnerability. As Robert policy statements not be too stringent. This cluding the cloud.” Cruz, Senior Director of Information Gov- can have the effect of encouraging non-com- Secondly, there’s a real need for policies ernance for Actiance, Inc., explained when pliance. Policies should “help people do to be up to date. With new communication I talked with him, the value of information their jobs with the structure of the policy.” channels coming into favor (and falling out governance in mitigating risk lies in manag- of favor), policies should be reviewed on a ing the many communication channels that Gluing It All Together regular basis. Now that waiters take orders exist. He’s adamant that, although email is on iPads and no one uses quill pens, why not going away, there are probably 150 other Actiance, says Cruz, can “glue commu- would your information governance policy ways people are communicating. Particular- nication channels together.” The necessity to that was written 10 years ago still be use- ly in the financial services industry, those capture information from multiple channels ful? The same holds true for retention pol- communication channels are being scruti- and possibly millions of transactions can icies. Are they still valid in today’s world? nized by regulatory bodies. overwhelm the system if not done properly. Training is the third best practice. Com- Employees may not even think about Information governance, then, is not simply panies should involve employees when de- some of those communication channels as about documents, spreadsheets, and presen- signing training so that it is tailored to their being work-related. They send an email to tation slides. It’s conversations. And it’s con- actual needs. Training should evolve as new a colleague in the same company. That is versations that could occur anywhere. “Data technologies for communication appear. clearly work-related. They text to the same is nomadic,” he says, “it doesn’t want to live Closely related to training is his fourth colleague. They probably recognize that the in a single location.” best practice, that information governance text is work-related. They make a phone call. tools should be designed for today’s com- Yes, work-related. But what about social munications. media? What about new tools and evolving Finally, Cruz stresses cross-functional in- networks? What about videos and app shar- “Information governance volvement. If a policy is going to be success- ing? What about communication tools like ful, if information governance rules are going WhatsApp? Given that people may shift goes well beyond to be adhered to, then buy-in from multiple from one communication tool to another in departments within the enterprise is neces- the middle of discussing the same topic, it’s policy statements. It’s sary. Collaboration is now standard in most a complicated relationship. organization and blocking the use of collabo- Cruz thinks that companies need to have about more efficient use rative tools is a strategy designed to fail. policies about acceptable use of communica- of technology so that tion channels, particularly social media. One Controlling Respect multinational bank, for example, bans em- information that needs to ployees from using Snapchat. It is grounds If central command and control doesn’t for termination. He also knows of at least be preserved is preserved work for information governance for the one case where a tweet, probably consid- modern workforce, who have multiple de- ered as completely innocent and non-con- in the proper way, for the vices and multiple communication tools, troversial by the tweeter, was construed as then what does? Everteam and Actiance, I advertising. Another problem area is post- proper time period.” think, both recognize that sometimes you ing something to Facebook that contains simply have to be forceful and say that non-public information that legally cannot certain activities are not permitted. At the be disclosed. Blog posts could also reveal Unique to Actiance, according to Cruz, same time, you should be encouraging em- information that is non-public. The policy is the ability to capture conversations. It ployees to explore new technologies that should be tool neutral and spell out the exact can take a snapshot of, for example, a se- could add value to information and benefit definition of non-public, material informa- ries of tweets from a particular individual, the company. tion. It should also address the protection of the entire thread of a Twitter conversation, But information governance goes well intellectual property. all the tweets of a person on a specific day, beyond policy statements. It’s about more One difficulty with the proliferation of or who was on Twitter that day. It can also efficient use of technology so that informa- communication channels is distinguishing see what’s been changed or deleted. All this tion that needs to be preserved is preserved between business and personal usage. This conversation data is sent to an archive with in the proper way, for the proper time pe- may not be immediately obvious to younger the format intact. riod. It means engaging employees so that employees. They don’t always see a dividing Keeping context is necessary. Archiving they feel they have a role to play in the in- line. That makes creating a policy to explain conversations by converting to text mes- formation governance arena. It means fol- it to them extremely important. They need to sages disassociated from the thread is not lowing through so that retention schedules know when a tweet, Facebook status update, very helpful, since the context of the con- are not just promulgated but actually put LinkedIn comment, blog post, or Instagram versation is lost. Indexing has to be robust into practice. post could actually create risk for their em- so that it can understand all the various The stakes are higher than ever. Regu- ployer. Cruz is encouraged, however, when communication channels and meld them lated industries have long been subject to he sees millennials recognizing that data and together, says Cruz. certain strictures, but now the regulators are records belong to their employers. demanding more oversight. Non-regulated Policies that were written before the Best Practices industries are also coming under more scru- emergence of all these new communication tiny. Information governance may not be the channels need to be revisited and rewritten, Cruz’s take on best practices revolves sexiest topic around, but it is getting more probably on a regular basis. Policies may around the notion that information governance respect—and that’s a good thing. ❚

Sponsored Content KMWorld September/October 2017 S21 Robert Cruz is the senior director Best Practices in of information gover­nance for Actiance, Inc. He has more than 20 Information Governance years of experi­ ence in providing thought leadership By Robert Cruz, Senior Director of Information Governance, Actiance, Inc. on emerging topics, including cloud com­ Robert Cruz puting, information governance, and eDiscovery cost and risk reduction. nformation Governance—as a discipline— with information security as more firms I has undergone a strange and wild ride over have recognized the two are inter-linked by the past couple of years. Finally, we have the concept of “information risk.” moved past endless debates on definitions But, what have we learned that can be and usable frameworks, thanks to the efforts elevated to the stature of “best practice” in have learned the hard way that a Tweet of the Information Governance Initiative information governance? Touring the country can contain advertising for a product that (IGI) and other IG leaders and practitioners. in recent years and talking with Compliance, is outside of FDA approval guidelines, or Finally, information governance appears to Risk Management, and eDiscovery execu- that a Facebook post can contain non-pub- have separated itself from failed enterprise tives has led me to a few practices that I’d lic information subject to SEC Regulation content management (ECM) concepts and like to highlight. Fair Disclosure, or that a text message can early, seven-figure ocean boiling IG projects be sent with content that violates data pri- to “defensibly dispose” of digital ROT (and, 1 . Information Value and vacy laws. Others have simply recognized BTW, simply relabeling ECM as “content that sensitive, high-value content might be services” provides little utility other than the Risk are Everywhere carried in any number of communications nostalgic value of harkening back to FileNet More firms have come to the realization tools that have enabled employees to do circa-2006). And, finally, IG seems to have that governing content that has value is not their jobs, whether in the form of voice, carved some form of peaceful coexistence just about files, documents, or email. Some video, messaging, or other app. In fact, one major bank indicates that they sent more IM than email last year. A recent survey from PwC also finds that more than 40 percent of respondents feel that a social media presence is important in their choice of a healthcare provider. And, today, WeChat has over 1 billion users around the world—including a dramatically growing number of business users. The re- ality of information governance in 2017 is that it needs to consider the fact that content containing business records or sensitive information can be anywhere, including the cloud.

2 . Your Policies Need to Reflect Today’s Communications Have you touched your employee com- munications or records retention policies lately? If not, it may be time to dust them off to ensure that you are keeping up with the ways that individuals are doing their jobs. Policies designed for email may need re-inspection to reflect specific ways these rich tools can be used by employees. Sim- ilarly, retention policies may be worth a touch up as you consider the possibility that a conversation that includes informa- tion covered under a non-disclosure may be taking place right now on Skype for Busi- ness. In fact, according to the Information Governance Initiative’s Annual Survey (of which Actiance is a sponsor), projects to update retention policies are among the most common IG initiatives that firms have undertaken. However, the issue is not just about retention policies. Many organizations have policies that require that content

S22 KMWorld September/October 2017 Sponsored Content be inspected before delivery, sometimes referred to as “pre-review” or “moderation.” Policy violations that are surfaced (such as “Understanding how new communications and the mention of an investment guarantee in financial services) can lead to action from a compliance reviewer to block that message, collaborative tools will impact current regulatory escalate to senior management, or to notify and warn the sender of the violation. Other compliance, eDiscovery, and investigative policies may require that specific individ- uals not communicate with other specified groups, for example, individuals within a tasks is a critical task to learn early—not when tax department of a consultancy may not communicate with those in the advisory services department. the next major event is at your doorstep.” In each of these scenarios, organizations should be actively evaluating how existing policies can be applied to each new chan- deployed technologies, and in a fashion Understanding how new communica- nel of communication. Additionally, when where end users can share and promote best tions and collaborative tools will impact cur- new tools introduce new capabilities, firms practices in use of those tools—and gover- rent regulatory compliance, eDiscovery, and should determine if they need to 1) adjust nance policies can be further refined. investigative tasks is a critical task to learn policies, 2) explore how those new features early—not when the next major event is at can be controlled, or 3) disable those fea- 4 . Your Governance Tools your doorstep. tures. A common example is organizations Must be Designed for deploying a tool such as Microsoft Skype 5 . The Likelihood of Governance for Business, where the App Sharing fea- Today’s Communications ture may be one that the organization needs Equally important, organizations should Success is Directly Proportionate to evaluate considering existing policies. be asking whether the technologies they to Cross-Functional Involvement currently use to capture, retain, supervise, Finally, and somewhat obviously, is that 3 . Employees Need to be and discover business records (or data that the success of information governance ini- Directly Engaged in Design of might be responsive to civil litigation) tiatives are directly related to the quantity were designed for the communications of and quality of cross-functional support and Information Governance Training a different era. Those continuing to lever- buy-in from compliance, legal, infosec, and Given today’s feature-rich communica- age technology designed 10–15 years ago IT stakeholders. The importance of this tions tools, IG leaders need to work closely may be in for a big headache the first time alignment has been heightened by shifting with end users to understand how specific a large legal matter or regulatory inquiry communications and collaboration patterns roles will make use of key features. For arrives that requires the review and produc- experienced by organizations as business example, it may be advantageous for tion of social media, instant messaging, or users have proved to be resilient in their salespeople to collaborate with prospects voice communication. desire to use whatever communication tool over video, so governance policies should For example, all major archiving prod- that is demanded by their customers, part- outline accepted and prohibited uses of ucts and eDiscovery review tools were de- ners, and prospects. Blocking the use of tools like this with input from individuals signed specifically for email. Many have these tools has been proven to be a failed whose jobs require those tools to inter- the capability to understand other commu- strategy. Fewer IT executives are claiming act with prospects. Similarly, individuals nications formats, but must first convert to be aware of all the communications and with access to information with high them into individual email messages to be collaborative tools that are in use today by business value (e.g., intellectual property processed. In order to review a conversa- their end users. More are recognizing the or data covered under non-disclosure tion taking place over a series of Tweets, need to implement a process to understand agreements) should be consulted to un- for example, a series of independent mes- and evaluate the tools available in the mar- derstand how they might leverage new sages need to be threaded together to un- ket and prepare for the possibility of their collaborative tools so that policies can be derstand the conversational context. This use (sanctioned or otherwise) by their defined accordingly. process is not only time consuming, but employees. Since new tools with new features also significantly increases the risk that im- Cross-functional programs to assess the are emerging on a regular basis, training portant parts of that conversation may have business value and potential risks of new should be ongoing to keep pace with newly been deleted or missed entirely. communications and collaborative tech- nology continues to be more the exception than the rule. However, it is a positive step we have seen being taken by more organi- “The reality of information governance zations who have acknowledged that the days of information governance programs focused only on the use of email, files, and in 2017 is that it needs to consider documents are numbered. ❚ the fact that content containing business Actiance is the leader in communications compliance, archiving, and analytics. Actiance provides compliance across the broadest set of communications chan- records or sensitive information can be nels with insights on what’s being captured. Actiance customers manage over 500 million daily conversations across 70 channels and growing and include the top anywhere, including the cloud.” 10 U.S., top 8 European, top 5 Canadian, and top 3 Asian banks.

Sponsored Content KMWorld September/October 2017 S23 Ken Lownie is the vice president US The Real Differentiators operations at Ever- team Software. He started his career at Lotus Development, in IG Solutions and since then has played a founding and executive role Ken Lownie, Vice President US Operations, Everteam Software at several software companies. Lownie Ken Lownie is responsible for guiding Everteam’s According to Gartner, Information emails, web content and images. The first marketing and sales strategy in the US, and in his role as vice president of customer success he Governance (IG) is: step in IG is to have a method to connect to oversees the delivery of services and support to information in any system in your organiza- US customers. “The specification of decision rights tion. Each “connector” can then be used to and an accountability framework to view, inspect, extract and manage informa- ensure appropriate behavior in the val- tion regardless of where it is located. defining requirements in terms of these five uation, creation, storage, use, archiving Discover: Once you have connected capabilities, which simplifies the process of and deletion of information.” to each source system, you need to assess choosing IG solutions. what is in each repository. Using the in- I have been in the enterprise software in- sights derived from file analytics, you can dustry for thirty years, but I am still not sure map out the necessary actions to cleanse the The Shared DNA Between IG and ECM I understand that definition. The definition content, delete duplicates, migrate to secure For us at Everteam, one simple way is so wide that it seems to encompass most repositories, and mitigate exposure related to to think of IG is that it involves a set of other software categories. private information (PHI and PCI). use cases that involve the management of In fact, Wikipedia lists 28 different func- Archive: Archiving includes offloading content from creation to destruction. tional areas for IG, from records manage- inactive content from production applica- As noted above, the use cases tend to center ment and information security to knowledge tions to reduce costs, increase application on regulatory, cost reduction and IT in- management, big data and “data science” performance, and to address compliance frastructure requirements, and essentially (whatever that means). It begs the question: requirements. It includes moving inac- comprise a subset of the functionality pro- what categories of software are NOT includ- tive content to lower cost storage tiers as it vided by ECM solutions. ed within IG? ages, and archiving content according Wait, what? IG is just a set of ECM use I am setting out in this paper to break to compliance policies and application cases? I am not exactly saying that, but I am down—deconstruct—Information Gover- decommissioning needs. saying that many classes of IG problems nance in a way that should be much more Manage: At the center of IG is records have a lot in common with the things that useful if you are trying to address an IG need management functionality to address key traditional ECM platforms addressed. in your organization. compliance and governance requirements, The reality, however, is that the well- As you will see, it comes down to un- including retention/destruction manage- known ECM platforms are more than 20 derstanding Information Governance as ment based on defined policies. It includes years old, and over their lifetime they added a set of five core capabilities and realiz- processes for the collection, indexing core IG capabilities like records manage- ing that IG solutions share a great deal of and analysis of records (digital or paper ment through poorly integrated, acquired DNA with Enterprise Content Management based, structured or unstructured) produced technologies. The result is that for tradition- (ECM) software. anywhere—and by any system—in your al ECM platforms, IG is an afterthought, not organization. a core competency. And that is a recurring The Five Core Capabilities of IG Analyze: Once in place, a centralized pattern in the enterprise software space. IG system provides the ability to search and One way to approach your Information analyze all content across the enterprise. Old Software Never Dies, But It Does Governance plan is to think of it as a se- That means federated search across multiple ries of 5 steps, or stages that every informa- content repositories and the use of advanced Become Unmanageable tion item stored in your organization must content analytics to investigate issues and Here is a simple rule—let’s call it The go through. identify insights. First Law of Enterprise Software: Connect: Your organization stores in- Virtually every Information Governance formation in systems and repositories across project involves one or more of these ca- Every class of enterprise software the organization, including both structured, pabilities, combined and integrated to track eventually collapses under the weight transactional data in business systems and and control information created by the of its own complexity. unstructured content such as documents, organization. Best practices in IG starts with A software system that starts as a well-ar- chitected solution to a specific problem inevitably adds capabilities and features to address a wider set of problems as the vendor seeks to add new customers with new use cases. Eventually, through cycles of evolution and acquisition, the once-ele- gant system becomes unwieldy as disparate components built on different architectural models are cobbled together. After enough cycles, the result is an in- elegant system with high costs of ownership

S24 KMWorld September/October 2017 Sponsored Content created by the complexity of configuring, components, reducing the size and com- it is created, and managing and tracking it managing and upgrading the system. And plexity of the application. afterward. Given that central position, it is when the complexity and costs become so ◆ You can simplify upgrades by allowing essential that an IG software product easily high that customers balk, the cycle begins specific services to be updated one at a connects to all the other systems that create anew with new software products that de- time without compromising the integrity and consume content. In fact, flexibility, construct the problem space and deliver sim- of the entire platform and ease of connection and integration are pler, better-architected solutions. ◆ Microservices allow applications to be among the most essential attributes in an This is the recurring pattern of enterprise much more scalable because you can in- IG system. software. Eventually, enterprise software dependently scale the service requiring Connectivity and integration should be solutions become overly complex and overly more power. Specifically, more instances more than possible; it should be designed expensive, as vendors seek to meet revenue of a service can be added, rather than add- into the architecture of the product. A con- growth targets by adding new capabilities ing more “cores” to run the entire applica- nector-based design with pre-configured con- (and new customers). And this certainly ap- tion at a larger scale. nectors for major enterprise software systems pears to be the case with the ECM platforms should be standard components, with simple that underlie many Information Governance Microservices Architecture installation and defined functionality. solutions. A portfolio of connectors greatly en- An architecture based on microservices What started in the 1990’s as document hances an IG solution. An application that is the best instantiation of the idea of a com- management software, a straightforward starts as a repository, archive, and records ponentized architecture. Microservices ar- solution to managing access and versions management solution for one type of con- chitecture breaks a large application into a of documents, evolved in the next decade tent, created by one system, can be easily set of small, modular services. Each service to an all-encompassing category including expanded by connecting it to additional supports a specific business goal. the capability to capture, manage, store, pre- systems with additional types of content. serve and deliver all types of content. Com- The result is an application can be imple- panies like Documentum and OpenText mented and then modified, expanded and went on buying sprees in a race to fill every “Flexibility, reconfigured by adding or disconnecting niche in the ECM category, from capture connectors, without additional reconfigura- solutions to records management to digital tion or customization. asset management.1 The ultimate impact of a better-archi- One specific area of functionality that and ease of connection tected IG system is in the flexibility to build those vendors added through acquisition re- and change applications and the long-term lates to records management. Unfortunately, total cost of ownership. A more flexible, those records management capabilities are and integration agile architecture ultimately means soft- poorly (or in some cases, barely) integrated ware that is easier to configure, easier to with the original platform. The knock-on connect to other systems and easier to build effect of that type of architecture is that the are among applications with. records management and Information Gov- ernance capabilities can be difficult to con- IG Solutions Differentiators figure, inflexible and expensive to manage At Everteam, we have thought a lot about over time. the most essential what comprises the core capabilities of an IG framework. Our thinking led us to the Architecture as a Differentiator five core capabilities of Information Gov- attributes in an ernance: Connect, Discover, Archive, Man- The fact that IG solutions are late addi- age, and Analyze. tions to ECM platforms makes it critical to We then decided that the best way to en- evaluate not just “what” an IG solution does, sure a complete portfolio of IG capabilities but “how” it does it. In other words, archi- IG system.” was to build our IG solutions on a micros- tecture matters. ervices architecture, that would ensure high One of the biggest differentiators between levels of usability, configurability, and scal- IG solutions today is in the architecture of The services use a simple, well-defined ability. And our approach takes full advan- those solutions. Rather than a set of functions interface to communicate with other ser- tage of a connector-based model to simplify evolved and assembled in a complex code base vices, enabling the mixing and matching of connecting to—and integrating with—other that can be difficult to configure and corral into components as required to meet the needs of enterprise software systems. an effective application, the best of the new a specific use case or application. In the case These decisions reflect our belief that generation of IG solutions feature a componen- of an IG solution, one service (Audit Events any organization approaching an IG initia- tized architecture that simplifies building and Service) may be invoked when an auditable tive should be looking at what differentiates integrating applications. activity has to be recorded, and another (Re- IG solutions today. Those differentiators This approach to building IG solutions tention Policy Service) called when a com- include a focus on the core Information provides a number of benefits: plex retention rule has to be calculated. Governance functions and a modern, ag- The services model enables enterprises to ile architecture that makes implementation ◆ Each service can be deployed, tweaked, create applications to address specific business easier—and pays back faster. ❚ and then redeployed independently with- needs and integrate them together in a predict- out compromising the integrity of an ap- Everteam is a global software vendor with over 25 years able, repeatable manner. The result is software plication. of experience delivering highly sophisticated implementa- that is easier to configure, easier to integrate, ◆ Initial configuration and deployment are tions of Content Management, Information Governance easier to manage, and highly scalable. faster and easier because the system is and Business Transformation solutions for mid-to-large configured through a specific, centralized corporate enterprises and government entities. point of control. Connectivity is Crucial ◆ 1 You can deploy only the components re- IG software sits at the nexus of business For example, in the six-year period between 2001 and quired by an application, rather than all processes, collecting and tagging content as 2007, Documentum purchased 11 companies.

Sponsored Content KMWorld September/October 2017 S25 Susan Emery has over 17 years of 6 Ways to Keep Business experience in enterprise content management software and hosted Content from Getting services focused on maximizing the value and reducing Out of Control the cost of stored content. An ARMA Susan Emery Certified Information By Susan Emery, Vice President of Product Management, Viewpointe Governance Profes- sional with a background in design and usability, Emery concentrates on customer success drivers across information management and information egulated industries such as financial ser- and information management. Viewpointe has governance to break the vicious investment cycle Rvices, healthcare or insurance require busi- the expertise to assist with professional services enterprise organizations experience in these ness to balance innovation and risk mitigation. to guide implementation and project success, challenging areas. Can you keep pace with digital transformation content services to meet functional require- without risking security, privacy or retention ments with system connectivity and embedded policy requirements? Is there a way for your end-user interfaces and proven managed ser- business, legal and IT executives to establish vices in a private cloud environment to keep SalesForce.com. Duplicate and irrelevant shared priorities and act collaboratively to re- content secure. In addition, Viewpointe delivers content can be identified and safely discarded duce risks, comply with laws and regulations, the promise of flexible, future-proofed cloud in line with your retention policies, lowering eliminate needless cost and respond more nim- services without sacrificing the security and storage needs and reducing the complexity bly to competitive needs and markets? These compliance demands of regulated businesses. and risk of potential eDiscovery orders. challenges are real. The solutions require you to Viewpointe allows you to take control of OnPointe for File Shares brings gover- rethink how technology is used to meet essen- business content across a broad range of en- nance and control to file storage areas which tial business and compliance requirements and terprise applications, messaging systems, often go unmanaged in large enterprises. expert guidance from a trusted partner. content repositories and even file shares that Content on network drives, SharePoint proj- To manage business content across its use- often go unmanaged. Designed to handle ects, as well as collaborative sites can be col- ful lifespan, it is key to identify a cost-effective petabytes of information, OnPointe provides lected, archived and classified, ensuring that approach that offers best-in-class technologies specific services and integrations to ingest approved retention schedules are applied. and delivers all of the needed services. These and classify many types of structured and ROT data can be defensibly deleted in line include professional services to assist in assess- unstructured information. With our exten- with your retention policies. ment, methodology, and project management; sive APIs, even custom or in-house devel- OnPointe eDiscovery helps you man- content services that deliver capture, search, oped applications can be integrated, helping age, identify, preserve, collect, process, retrieval, hold and disposition; as well as man- to ensure consistent governance of data. analyze, review and produce responsive in- aged services to administer, secure and monitor The OnPointe suite of private cloud-based formation helping to minimize the risk, costs your organization’s most important and content services includes five key capabilities: and business disruption associated with the sensitive information. The benefits of a three- discovery process. pronged approach include the ability to: ◆ Content capture and management OnPointe for Structured Data helps ◆ Search, retrieval and version tracking you retire legacy applications yet maintain ◆ Control costs for a lower total cost of own- ◆ Security and privacy controls access to your most important content, man- ership through minimized capital invest- ◆ Retention management and disposition age the growth of your enterprise databases, ments and IT overhead ◆ Workflow automation of content processes and produce meaningful production-level ◆ Analyze your unmanaged enterprise data test data while protecting sensitive informa- and determine what information to man- OnPointe for Enterprise Applications tion. Designed for integration with your age, leverage and trust based on its value helps reduce costs and improve the efficiency overall information governance policies, to your business of managing content held in both active and OnPointe for Structured Data provides the ◆ Manage mass volumes of data by ar- legacy enterprise business systems. Through ability to discover, identify, and place on chiving content based on value while de- comprehensive lifecycle management and au- hold relational data across heterogeneous en- fensibly disposing of redundant, obsolete tomation, OnPointe for Enterprise Applications vironments while facilitating compliance, and trivial (ROT) data helps you meet governance policies, legal obli- eDiscovery and disposition. ◆ Enforce corporate retention, disposition gations and business goals while promoting and legal hold policies consistently across lean, agile and compliant information manage- Why Viewpointe? the enterprise to help ensure compliance ment practices. Viewpointe has a proven track record and mitigate risk OnPointe for Print Stream and Image managing large volumes of sensitive data ◆ Improve your ability to collect and classi- enables you to capture and archive high volume and has demonstrated its capability to exe- cute upon clients’ content lifecycle and man- fy information through automated and output streams for better management, gover- ❚ consistent processes, reducing the burden nance and access to customer statements, in- agement policies. on end users voices or other transactional reports. Individual ◆ Respond quickly and cost-effectively to records can have the appropriate classification Viewpointe delivers cloud-based managed services that eDiscovery, audit and internal investigation and retention rules applied and users can view streamline the information lifecycle and automate business requests while increasing predictability information in a simple standard PDF or text processes with a foundation of compliance and information formats, securely and simply. governance. Known for its time-proven expertise in informa- To help address information challenges and OnPointe for Messaging provides the tion strategies and managed services, Viewpointe makes it automate content processes, Viewpointe offers ability to capture email, text from SMS and possible to address today’s business opportunities and risks OnPointe, a suite of cloud-based content ser- instant messaging systems as well as cloud while planning for tomorrow’s challenges. To learn more, visit vice solutions with a foundation in compliance services, including Twitter, LinkedIn and us at https://www.viewpointe.com/onpointe

S26 KMWorld September/October 2017 Sponsored Content For more information on the companies who contributed to this white paper, visit their websites or contact them directly:

Actiance 1400 Seaport Blvd, Building B Third Floor Redwood City, CA 94063 PH: 1.650.631.6300 Contact: [email protected] Web: www.actiance.com

Everteam 2745 Atlantic Avenue Boston, MA 02111 PH: +1.650.596.1800 Fax: +1.650.249.0439 Contact: [email protected] Web: www.everteam.com

Viewpointe 227 West Trade Street Suite 2000 Charlotte, NC 28202 PH: 1.704.602.6650 Fax: 1.704.602.6669 Contact: [email protected] Web: www.viewpointe.com

Produced by: Kathryn Rogals Publisher KMWorld Magazine 561-483-5190 Specialty Publishing Group [email protected] For information on participating in the next white paper in the “Best Practices” series, contact: [email protected] • 561-483-5190

www.kmworld.com www.infotoday.com