Corporate Information Policies Need an Overhaul, Analysts Say

Enterprise Storage Forum content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

First there was information lifecycle management (ILM). Then along came intelligent information management (IIM) and information infrastructures. Now the latest storage industry rallying cry is information governance.

The data storage industry has come a long way from storing data and managing storage infrastructures, and at the forefront of the movement to manage information wherever it resides is EMC (NYSE: EMC), which has leveraged its storage hardware and software expertise to become a player in the broader enterprise IT market, moving into areas like data center and server infrastructures and security.

Two recent studies suggest that EMC and other storage vendors may be on to something.

Gartner and the Economist Intelligence Unit (EIU) have both recommended that enterprises adopt organization-wide information governance policies defining how data is controlled, accessed and used, touching on everything from retention and deletion for compliance and e-discovery to reliability and availability for business purposes.

Information governance isn’t just about staying out of trouble, said Gartner, citing studies that have found that poor data quality among North American companies has resulted in more than $600 billion in lost revenue.

Chuck Hollis, EMC’s global marketing CTO, said EMC sponsored the EIU study after noticing a trend toward information governance among its own customers. The goal of the study was to see if the same pattern was playing out elsewhere, and the survey confirmed that the trend is widespread and growing.

The April survey of 192 senior executives from around the globe found that 77 percent expect information governance to be important to their company’s success over the next few years, while 68 percent expect the complexity of those issues to grow.

But 62 percent of respondents said their companies had no formal information governance program in place. As a result, only half of the respondents at those companies have confidence in their firm’s ability to protect sensitive data, compared to 85 percent for those whose companies have a formal strategy.

The survey found similar gaps in the quality of backup and retention policies and the ability to integrate and share information, affecting everything from data quality and reliability to the ability to obtain a single view of the customer for better decision-making.

Hollis said the purpose of an information governance program should be to “think outside IT boxes” and look at “information as money.”

“This cuts across business units,” he said. “IT is a seat at the table.” But it’s also an opportunity for the CIO to take leadership, he said. If policies are left to the legal department, they will tend to be risk averse and restrict business.

Hollis said getting everyone together to craft such policies is “painful work,” but the result is that companies “can do business with information better.”

He recommended that organizations start small, looking at, say, e-discovery policies or data loss prevention.

As part of EMC’s own information governance efforts, the company found that it had 150,000 credit card numbers in its databases, even though the company deals largely with enterprises. As a result of that review, EMC no longer takes credit card information directly, sending it to third-party services.

Hollis cited Intel, the Hartford Financial Services Group and British Petroleum as particularly accomplished at information governance. One of Intel’s (NASDAQ: INTC) steps, according to the EIU report, has been to centralize product lifecycle information to keep research and development, manufacturing and sales up to date.

EMC, of course, also has “a little bit of self-interest” in promoting information governance, admits Hollis, citing the company’s own services.

Greg Schulz, senior analyst and founder of the StorageIO Group, wondered if information governance solutions will be a tough sell in lean economic times. “Where’s the value proposition in a tough economic time?” he asked. “Is this a solution looking for a problem, or a problem with a value proposition that can be addressed in tough economic times?”

The Economist Intelligence Unit report, “The Future of Enterprise Information Governance,” will be available at EMC’s Web site later this week.

Back to Enterprise Storage Forum

Paul Shread
Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Get the Free Newsletter!

Subscribe to Cloud Insider for top news, trends, and analysis.

Latest Articles

15 Software Defined Storage Best Practices

Software Defined Storage (SDS) enables the use of commodity storage hardware. Learn 15 best practices for SDS implementation.

What is Fibre Channel over Ethernet (FCoE)?

Fibre Channel Over Ethernet (FCoE) is the encapsulation and transmission of Fibre Channel (FC) frames over enhanced Ethernet networks, combining the advantages of Ethernet...

9 Types of Computer Memory Defined (With Use Cases)

Computer memory is a term for all of the types of data storage technology that a computer may use. Learn more about the X types of computer memory.