Now that employees are accessing content from all kinds of devices and across many different locations, information governance (IG) has become more important than ever. Therefore, leveraging the “big three” components of IG — retention, defensible discovery and security classification — significantly reduces business risk, according to Josh Rosenberg, Box senior product marketing manager.
At Box, “the capture and classification of data has to be first and foremost when you’re thinking of info gov because if you can’t find something, you can’t govern it [and] you can’t set a policy around it,” he said July 20 during a webinar on the best practices for governing content in the cloud.
When you can’t find content, that’s often “when you start seeing shadow IT pop up,” he said, adding that “when people can’t find what they need in a system … they start using something else and then you have absolutely no visibility into how that works.”
He classified metadata as “the river upon which information flows,” saying “the more you can do there to just classify things to make it searchable and findable, I think the stronger a governance policy you can have.”
User behavior is changing, and people are accessing content everywhere now on a wide range of devices that’s “rarely behind the corporate firewall all the time,” he went on to say. Companies “have to figure out how to govern all of this,” he noted.
At the same time, every business is under increasing scrutiny in the face of new regulations, including the General Data Protection Regulation in Europe, and constantly evolving security threats.
“We’re all under more scrutiny than ever” because “data breaches are much more public” and “the 24-hour news cycle is very unforgiving, especially when it comes to these things,” Rosenberg said.
“The cloud can be this powerful tool to scale and be flexible and help just transform or expand everything you’re doing,” he said, noting that businesses can also use Software as a Service (SaaS) to their advantage.
Data is its “biggest asset” of Atlanta, Ga.-based consulting firm North Highland, Paul Falor, its CIO and head of strategic alliances, said on the webinar, noting his company is a client of Box. “We don’t have a product. We don’t have a widget that we sell. We sell our expertise and we sell our knowledge. So, as you can imagine, making sure that our people could find our knowledge and have a good understanding of what we do, how we’ve done it, what are the best ways that we’ve done something, and then, at the same time, also making sure that we keep that data handled in a very secure and appropriate fashion” are all important, he said.
If a client has a confidential product, North Highland must make sure that a rival doesn’t get ahold of that data, he said. The company must also make sure that its employees are being compliant with its own regulations and requirements, as well as those of its clients, he noted.
“I’m never going to have a security team the size of a company like Box,” so it makes sense for North Highland to use Box to help control its data, he pointed out.