Content – information – is my life. I’ve never quite understood why organizations don’t do more to get the full value out of the content at their fingertips. I mean, yes, of course, there are the gods of Google and the Book of Faces who absolutely have found ways to capitalize on the data flowing through their fingertips, but I haven’t quite reached that point in my human evolution where “megalomaniacal villain” sounds like the kind of job I’d like to add to my CV.
No, I’m talking about finding ways to manage the information we interact with every day in ways that enrich our clients’ interactions, protect our clients’ interests, simplify the task of remaining in compliance with whatever regulations our industry is required to follow, and allow our staff to get back to their day jobs instead of chasing their tails over floating sheets of paper.
In this series, I’ll attempt to step through my own journey with content management, highlight the most common frustrations us real humans face every day, and get a little closer to the fundamentals of what makes a content management initiative succeed or fail.
The chaos that came before content management
I realize I’m giving away my age here, but I’m old enough to remember a time before content management was such a big deal. I’m also young enough to remember how much it sucked. Business-critical documentation scattered to the four corners of the company network drive, never to be seen again. Blind panic taking over as the manager in charge of that super-important tender accidentally saves his lunch order over the entire tender pack – two days before the submission deadline. I’m sure you can imagine a few scenarios of your own. Utter bedlam, and would you believe, we thought that was normal.
I was 23 when I first accepted a job offer at a company developing EDMS software. I watched agog as they demonstrated to a major government institution how their creditors payment cycle could be shrunk from 6 months from date of invoice to 10 minutes, just by automating the annoying running-around stuff and keeping each person in the chain informed and honest. At the time I didn’t understand how crucial the underlying process of content management was to the automation layer, but I learnt. By the time I left a few years later and joined a new employer, I had grown enough to build an entire (bare-bones, low-tech, not for public consumption) document management solution on Office macros out of sheer spite. If memory serves, that was the last time that particular boss was so irresponsible as to let me go off on a tangent without supervision. A valuable lesson to both of us, no?
Point is, the modern workplace has changed dramatically since my 23rd birthday. On the one hand, organizations are discovering slick new ways to turn a profit even in uncertain times and on the other hand, they are weighed down with ever-increasing regulatory burdens. Between regulatory requirements and industry standards, organizations have had to employ increasingly inelegant processes to meet transparency requirements, safeguard private information, protect their intellectual property from data leaks and exploitation, all while ensuring that staff has access to the information they need, when they need it, to do their jobs. The challenges are many, but there are a few that tend to stick in my mind.
Information Security
It was early 2014 when I first saw the headlines from the 2013 Stroz-Friedberg report. I generally spend a lot more time biting my tongue than trying to find words, so when I say I was speechless, trust me. I didn’t have a single word in my arsenal.
• 87% of senior managers frequently or occasionally send work materials to personal email or cloud accounts, increasing the risk of data breaches.
• 58% of senior managers say they have accidentally sent the wrong person sensitive information, compared to 25% of workers overall.
• More than 50% of senior management and 37% of mid-level management admitted to bringing job-related emails, files or materials with them after leaving their employers; with about 20% of lower ranking respondents admitting to doing the same.
Keep in mind, the world in 2013 looked rather different from the world we live in today. The vast majority of us schlepped into badly designed offices every day to sit in bull pens that felt like pig pens and try with all our might to side-step as many meetings as possible to get to the stuff we’re actually paid for. So it was hardly surprising that respondents to the Stroz-Friedberg survey blamed the high-pressure nature of their jobs and their out of control schedules for just wanting to get some work done after hours in the comfort of their own homes. Security policies are complicated, they said. VPNs are slow, they said. Besides, their home PCs had all their pirated games and CDs on, so at home they could at least listen to music.
Commence eyeroll in 3…2…1…
But it didn’t end with Stroz Friedberg. Other security shockers were just around the corner. Osterman Research released a 10,000-respondent study where respondents openly admitted that users were introducing malware onto company networks by browsing suspect websites at the office (naughty, naughty), opening infected files at the office from their Hotmail account, or transferring content between the relatively controlled environments of their work PCs and the germ-infested morass they played games on at home.
Of course, the relatively recent trend of employing secure cloud-based storage has certainly helped IT security engineers move a little closer to sanity. The ability to offer a relatively safe managed, moderated environment that users can access from anywhere has helped to address a lot of the frustration business users were exposed to before cloud became mainstream. Users no longer have to email work between home and the office and at least, their work is being saved into an environment where most nasties can quickly be isolated and dealt with. So basically, that clickbait-sounding horror story from the Stroz-Friedberg survey is moot, right?
Right?
Yes, this has been pretty significant, but may organizations still have work to do. For instance, Varonis’ 2021 Financial Data Risk Report dedicated significant attention to the implementation of cloud-based content storage in the financial market and found that:
“Financial services organizations average roughly 20,000 exposed folders (open to everyone) per terabyte — and this remains true regardless of company size. It takes IT professionals an estimated 6–8 hours per folder to locate and manually remove global access, meaning it would take more than 15 years to remediate these folders manually (assuming no new folders are added… and the IT team never stops to sleep).”
Information Integrity
For most organizations, the traditional approach to content sharing and collaboration has been to create a series of siloed network file shares (or SharePoint sites, or Dropbox folders , or…), with specific sub-sections assigned to specific departments. Department users would then create folder structures within those assigned spaces for their own immediate purposes and store content as they saw fit. This seems like a perfectly logical approach, right?
Ah yes, the best-laid plans of mice (apologies to Douglas Adams).
Over time, those beautifully designed file shares expand outward like a spider web, with ever more folders and sub-folders and sub-sub-folders added to the original structure. Eventually what started out as beautifully neat and tidy storage space more accurately resembles a rat’s nest and all of a sudden, no-one can find anything.
And what happens when I can’t find a folder to store my shiny new document? If you guessed I create a shiny new folder, your ice cream cone is in the mail. Duplicate structures housing duplicate documents with duplicated changes that never get synchronised back. Before long, any hope you may have had of figuring out which of the dozen so-very-similar documents on your screen is the true original vanishes without a trace.
In The Thing with Content Part 2, I’ll discuss common issues around version control, document lifecycle management, governance, and regulatory compliance. See you on the other side.
