Remote Working: The Information Governance Challenge of the Decade

Whilst having to adapt to a new normal, people around the world are experiencing firsthand the difficulties of working and even schooling from home. Not only are we trying to balance work and life over the long haul, but we are also frantically juggling work and life in real-time.

In addition, working in a confined space, while continuously having to learn new skills and habits, is having a bigger impact on the workforce than anticipated. This balancing act doesn’t just impact us on an individual level – it can be seen at the organisational level as well.

Organisations are having to equip a workforce with new tools and roll out new working practices to stay hyper-agile and respond quickly to the needs of customers and employees. What's more is that while the regulatory environment may be a little more forgiving during this crisis, organisations are having to protect private customer information, intellectual property, financial data, and other important information against a host of old and new threats.

Protecting important corporate information during this unprecedented time is key and there are three main areas to look out for when it comes to this.

  1. Over-use of locally stored files
    With workforces working from home, access to shared repositories and use of VPN infrastructure will skyrocket, often to breaking point. If and when reliability becomes an issue, more content – including customer, financial and proprietary information – will find its way onto local hard drives.Employees will make rogue copies of active content and records to work with locally. This content will be subject to cyber security threats that are can be common-place in the home and are certainly more prevalent than in a typical corporate network. What is worse is that the content now stored locally is unlikely to be deleted when it’s no longer needed. It will hang around – unmanaged and unprotected – for who knows how long.The most effective solution to this problem is to sync these files to the local machine. In doing this, files will retain the controls that exist in the central repository. These controls can let file users push information governance rules, including records management policies such as security marks and retention schedules, down to the desktop. The user retains the ease of use of working with local files and records mangers and compliance officers have one less thing to worry about.

    Desktop sync is a relatively common-place feature in sync and share and content services platforms. However it is important to be sure to check out your vendor’s ability to combine desktop sync with governance services for a secure and safe workforce at home.

  2. Inappropriate sharing of content
    One of the most common mistakes when working from home is to prioritise speed and convenience when sharing content. This leads to important information being emailed as attachments or shared via personal sync and share accounts. There are often stories around highly sensitive documents being uploaded to video conferencing platforms as an easy way to share with other parties on the call.None of these methods have the security, access controls, encryption and so on that are typically present in the workplace, but users demand speed and convenience now more than ever. The solution is a content services platform that highlights ease of access in the cloud and ease of use via extensible web and mobile apps, while delivering first class information governance controls. The governance controls are easily applied to content in the central repository (and synced to desktops as needed) and users can be encouraged to share secure links rather than files, without compromising speed and convenience.
  3. Shortcutting Important Review & Approval Processes
    Many content-centric business processes involve review and approval of important content. This could be because the content contains personally identifiable information (PII), business critical customer content such as onboarding details, claims, orders or complaints, or maybe even sensitive financial or contract information.When working from home, the review and approval process may breakdown as workflow and content sharing tools are not designed for remote use. Review and approval is hurried. Active content that should be declared as a record goes undeclared. Important records management controls, such as retention schedules, are not put in place.The solution to this problem is two-fold. Unsurprisingly, the first part of the solution is to have a modern, cloud-based workflow solution that brings content, process and governance seamlessly together to better manage connect and protect important content.

    The second – and arguably more impactful point – is simply to have users ‘work smarter’ during review and approval by automating as much as possible. By applying business rules and AI and machine learning, content can be evaluated automatically, and key information extracted to classify the document based on its type, e.g. contracts, invoices, purchase orders, bank statements etc. With auto-classification, the information extracted from the document can quickly and accurately populate metadata and be used to set retention rules, detect personally identifiable information (PII) and more.

The outcome? A massive drop in the manual effort required to manage review and approval processes — without compromising records management policies and security.During times of crisis, information governance is often put on the back burner with many believing it’s a tick-box exercise that can wait until better times. However, with mass working from home during the current pandemic, it provides the opportunity to cast information governance in a different light.

Through desktop sync, information governance enables users to work with the convenience of local files and occasional network or VPN outages, while still protecting information. Desktop sync doesn’t just sync content – It syncs corporate information governance policies as well.

Through easy to use, extensible cloud-based apps for web and mobile, employees won’t need to turn to inappropriate or unsanctioned file sharing techniques. They can easily and securely share content within an invisible layer of rules-based information governance.

With auto-classification, business rules and AI/ML, important review and approval processes can be kept alive while working from home thanks to automating much of the review, classification and records declaration/management as possible.

 

By Tara Combs, Information Governance Specialist, Alfresco


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/