New data classifications vital to information governance and security
Businesses have invested heavily in information governance and security, and embracing three new data classifications could prove beneficial in 2016.
Companies have learned that in order to leverage the economic and functional efficiencies that technology such as mobile devices and cloud computing make possible, information security investments are essential. This will be no different in 2016, as corporate boards and management teams continue to recognize the importance of information governance to their overall compliance strategies and programs.
Log data as evidenceSeveral businesses have turned to the cloud to store the immense volumes of performance and log data that computers generate as evidence of the company's operational effectiveness. In turn, vendors large and small are creating big data analytic tools that can evaluate log data to detect anomalies and variations much earlier than in previous iterations.
In the past, records management and IT teams have not considered these volumes of log data as functionally important to the corporate compliance program objectives. However, the data has huge value for law enforcement and in legal cases. Log data can often serve as evidence that contradicts oral testimony or even the content of other digital records. For example, the time stamp on an email server log may contradict information on a print-out of that email.
Information governance and security processes can leverage log data to benefit the corporate compliance program's objectives. By developing effective governance, the same log data can be evaluated to help identify miscommunications, improper contacts, trading irregularities, unauthorized purchasing and similar activities that are often the basis for enforcement investigations and litigation.
Software design documentationThe Volkswagen fuel sensor incident has placed the spotlight on a second category of documents and records that has been overlooked by traditional records and IT management practices: Software design documentation. On first impression, software and information system engineers are no different than the architects of homes and office buildings. They produce a design (blueprint) of the end result, and then build it. But as with contractors, the as-built final product is often very different than the original design.
Information governance and security personnel should connect with development teams at the earliest stages of each new project to create the information classifications and controls for relevant data. The teams should also produce design documentation that is considered part of the organization's overall information governance program.
Blockchain implementationsWhile Bitcoin has received a great deal of attention as a digital currency, its underlying blockchaining technology may produce far more dramatic shifts in how corporations create and preserve information records. With blockchaining, there is no central repository of each record or digital asset. Instead, blockchaining divides information assets such as transaction records into blocks. It then encrypts each block and distributes the blocks across a large network of participating systems and devices. Blockchaining provides a highly reliable record in which trust is vested in the consensus of the collective of the participating systems rather than the central repository.
How do you think information classifications, such as blockchain and log data, will influence data security and governance processes in 2016?0 ResponsesJoin the Discussion
For each of these three new information classifications, the data management team and drivers of the corporate compliance program will serve their organizations well if they reach out and collaborate with other IT teams. Too often, the push for accelerated software releases or system development takes precedent over effective information governance and security. Collaboration will help assure that the project budgets for these activities properly anticipate the related information governance expenses and their associated benefits.