Corporate Information Policies Need an Overhaul, Analysts Say

First there was information lifecycle management (ILM). Then along came intelligent information management (IIM) and information infrastructures. Now the latest storage industry rallying cry is information governance.

The data storage industry has come a long way from storing data and managing storage infrastructures, and at the forefront of the movement to manage information wherever it resides is EMC (NYSE: EMC), which has leveraged its storage hardware and software expertise to become a player in the broader enterprise IT market, moving into areas like data center and server infrastructures and security.

Two recent studies suggest that EMC and other storage vendors may be on to something.

Gartner and the Economist Intelligence Unit (EIU) have both recommended that enterprises adopt organization-wide information governance policies defining how data is controlled, accessed and used, touching on everything from retention and deletion for compliance and e-discovery to reliability and availability for business purposes.

Information governance isn’t just about staying out of trouble, said Gartner, citing studies that have found that poor data quality among North American companies has resulted in more than $600 billion in lost revenue.

Chuck Hollis, EMC’s global marketing CTO, said EMC sponsored the EIU study after noticing a trend toward information governance among its own customers. The goal of the study was to see if the same pattern was playing out elsewhere, and the survey confirmed that the trend is widespread and growing.

The April survey of 192 senior executives from around the globe found that 77 percent expect information governance to be important to their company’s success over the next few years, while 68 percent expect the complexity of those issues to grow.

But 62 percent of respondents said their companies had no formal information governance program in place. As a result, only half of the respondents at those companies have confidence in their firm’s ability to protect sensitive data, compared to 85 percent for those whose companies have a formal strategy.

The survey found similar gaps in the quality of backup and retention policies and the ability to integrate and share information, affecting everything from data quality and reliability to the ability to obtain a single view of the customer for better decision-making.

Hollis said the purpose of an information governance program should be to “think outside IT boxes” and look at “information as money.”

“This cuts across business units,” he said. “IT is a seat at the table.” But it’s also an opportunity for the CIO to take leadership, he said. If policies are left to the legal department, they will tend to be risk averse and restrict business.

Hollis said getting everyone together to craft such policies is “painful work,” but the result is that companies “can do business with information better.”

He recommended that organizations start small, looking at, say, e-discovery policies or data loss prevention.

As part of EMC’s own information governance efforts, the company found that it had 150,000 credit card numbers in its databases, even though the company deals largely with enterprises. As a result of that review, EMC no longer takes credit card information directly, sending it to third-party services.

Hollis cited Intel, the Hartford Financial Services Group and British Petroleum as particularly accomplished at information governance. One of Intel’s (NASDAQ: INTC) steps, according to the EIU report, has been to centralize product lifecycle information to keep research and development, manufacturing and sales up to date.

EMC, of course, also has “a little bit of self-interest” in promoting information governance, admits Hollis, citing the company’s own services.

Greg Schulz, senior analyst and founder of the StorageIO Group, wondered if information governance solutions will be a tough sell in lean economic times. “Where’s the value proposition in a tough economic time?” he asked. “Is this a solution looking for a problem, or a problem with a value proposition that can be addressed in tough economic times?”

The Economist Intelligence Unit report, “The Future of Enterprise Information Governance,” will be available at EMC’s Web site later this week.

Back to Enterprise Storage Forum

Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Latest Articles

Server Market: Overview, Features, Benefits and Best Providers

The server market is the backbone of countless mission-critical and client-side corporate computing processes, as it powers data centers and supports cloud environments.  The demand...

Solid State Drive (SSD) Market: Overview, Features, Benefits and Best Providers

This is the era of the solid state drive (SSD) in data storage: SSDs run many data center storage arrays, and further improvements to...

Tuxera Hires Microsoft Azure Vet as Head of Enterprise Business Unit

HELSINKI — The latest leader at the storage software and networking company Tuxera is a veteran of Microsoft Azure. Tuxera hired Antti Alila as its...