Information governance process & technology
Download as PPTX, PDF1 like883 views
This document discusses implementing information governance programs to reduce risk and increase strategic advantage. It covers why information governance matters due to legal and regulatory requirements. Key steps include developing consistent policies, knowing where records are stored, distinguishing records, and leveraging automation. Technologies should integrate across solutions, support data sharing, and provide reporting and audit capabilities. The presentation then discusses specific Symantec solutions.
Information governance process & technology
- 1. Navigating Information Governance and eDiscovery Implementing Processes and Technologies to Reduce Risk and Increase Strategic Advantage Shannon Smith, Esq., Director of Information Governance, Globanet
- 2. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 2
- 3. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 3
- 4. Information Governance Information governance is the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports an organization's immediate and future regulatory, legal, and operational requirements. An effective information governance program should balance risk, value, and efficiency. 4
- 5. Information Governance Challenges: Multiple Stakeholders 5
- 6. Objectives on an Information Governance Program • Ensure compliance with internal and external directives • Assist in making informed business decisions • Enable third parties to judge the conduct of the organization by providing administrative, fiscal, and legal accountability • Assure the most complete historical documentation of the organization’s actions • Maintain good business practices – information governance creates efficiency • Reduce the burden associated with locating and preserving records that may be the subject of litigation Create a culture whereby employees value information as a shared, corporate asset 6
- 7. Why Does Information Governance Matter? 7
- 8. DuPont v. Kolon The Value of a Strong Preservation Process • Misappropriation of trade secrets, theft of business information, and conspiracy • DuPont moved for spoliation of evidence based on evidence that emails and other documents were marked by employees for deletion • RESULT: judge imposes an adverse inference jury instruction and awards DuPont attorneys’ fees, expenses and costs related to the motion Take aways: • Imperative to have a preservation process in place ahead of time • Written notices should be issued to all affected employees, tracked, and translated when necessary • Preservation should include IT early on A thoughtful preservation process gave DuPont a clear strategic advantage 8
- 9. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 9
- 10. How Mature is your IG Program? • Level 1 (Sub-standard): – recordkeeping concerns are either not addressed at all, or in a very ad hoc manner – should be concerned that their programs will not meet legal or regulatory scrutiny • Level 2 (In Development): – developing recognition that recordkeeping has an impact on the organization, and that the organization may benefit from a more defined information governance program – still vulnerable to legal or regulatory scrutiny since practices are ill-defined and still largely ad hoc in nature. • Level 3 (Essential): – defined policies and procedures, and more specific decisions taken to improve recordkeeping – may still be missing significant opportunities for streamlining business and controlling costs • Level 4 (Proactive): – information governance issues are integrated into business decisions on a routine basis – easily meets its legal and regulatory requirements; should begin to consider the business benefits of information availability in transforming their organizations globally • Level 5 (Transformational): – integrated information governance into its overall corporate infrastructure and business processes to such an extent that compliance with the program requirements is routine – recognized that effective information governance plays a critical role in cost containment, competitive advantage, and client service ARMA Maturity Model for Information Governance 10
- 11. Where to Begin – Policy • Develop, document and enforce consistent policies • Know where your records are stored • Distinguish records from non-records; tie a value to information assets 11
- 12. Where to Begin – Process • Don’t attempt to boil the ocean – be selective • Adopt processes with users in mind • Establish points of sharing and collaboration • Leverage automation where it makes sense • Test and adjust processes periodically to improve efficiencies 12
- 13. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 13
- 14. Information Governance & Technology Challenges Difficult to Difficult to Difficult to Consolidate Control Access • Multiple data • Ownership of • Visibility into multiple repositories across information assets repositories business units • Enforcing information • Implementing • Multitude of data controls and policies permissions and types and outlets (internal and external) security controls • Value of information • Corporate data • Identification and assets varies leakage collection for • On-premise vs. offsite investigatory or litigation purposes 14
- 15. Where to Begin – Policy • Develop, document and enforce consistent policies • Know where your records are stored • Distinguish records from non-records; tie a value to information assets 15
- 16. Social Media has Fundamentally Changed Communication • 2/3 of the global internet population • Social network users surpassed email visits social media networks users in July 2009 Source: Nielsen, Global Faces & Networked Source: Morgan Stanley’s “Slow death of email” Faces, 2009 • By 2014 20% of companies will use • 86% of Financial Service professionals Social Media as the primary vehicle use social media up from 73% the for communication replacing email previous year Source: Gartner Source: American Century Investments 2011 200 Million active users 5 Billion Photos 490 Million users 500 Million active users 10 Million Users 100 Million active users 16 16
- 17. Technology to Support an IG Program Important Considerations Ensure integration across solutions to achieve Consider solutions that support efficiencies automation of certain functions Implement solutions that enable the sharing or transfer of data across the enterprise; Deployment Model reduce use of data silos On Premise Cloud Hybrid Reporting, audit, chain of custody across solutions 1 7
- 18. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 18
- 19. Symantec Information Intelligence • Enterprise Vault • Discovery Accelerator • Compliance Accelerator • Data Classification Services • EV.Cloud • Clearwell • Data Insight Manager • Network Discover • Endpoint Discover • NetBackup Search 1 • Brightmail Gateway Notes: 1 – Release TBA 19
- 20. Symantec Solutions Breadth & Depth of IG Technology EMAIL SERVERS Store Manage Discover LEGAL FILE SERVERS Migration Classification Identify IM SERVERS Compression Retention Collect INFO SEC SHAREPOINT Deduplication Deletion Process & Cull LEGACY Transparency Preservation Review DATABASES HR DESKTOPS END USERS SOCIAL MEDIA 20
- 21. Data Classification Services (DCS) Policy Driven Classification What does it do? – Archive decision, retention, tags – Analyzes content and metadata during archiving – Reduces the cost of reactive Discovery – Decides on an archiving and retention strategy – Prioritizes items for supervisory review – Assigns searchable classification tags Symantec Enterprise Vault™ 10 21 Customer Presentation
- 22. Enterprise Vault.cloud Purely Hosted • No mandatory hardware and software to install and maintain • Low upfront investment & total cost of ownership • Flat fee per mailbox per month includes service upgrades Enterprise Vault.cloud Unlimited Storage & Rapid Search Email Storage Management • Unlimited email storage and retention Email eDiscovery • Rapid search results from scalable grid architecture • No mailbox size limits for end users Email Compliance Mailbox Continuity option Enterprise-class Infrastructure & Security • Redundant, scalable, Tier 4 data centers • Data encrypted in transit & at rest • 24/7/365 support included in cost of service 22
- 23. Enterprise-Wide Information Governance Records Management Legal Compliance • Define and enforce • Effective legal hold • Meet regulatory retention policies management requirements • Automate record • Reduce processing and •Streamline supervision classification review costs • End-to-end audit • Report and audit • Define and enforce capabilities capability retention policies IT Management • Reduce storage costs, • Satisfy demands • Eliminate data silos improve performance from legal and increase access 23
- 24. Agenda 1 Why Does Information Governance Matter? 2 Implementing Processes 3 Implementing Technology 4 Symantec Solutions 5 Q&A 24
- 25. About Globanet Globanet is a strategic Symantec partner specializing in information management solutions. We provide our customers with products and services to help them manage data more efficiently while reducing risk. Our portfolio of offerings includes - Select Symantec products including Enterprise Vault, Clearwell, Netbackup, and Storage Foundation - Globanet’s Merge1 for archiving of electronic communications including data from Bloomberg, Blackberry, Reuters, Facebook, and other data sources - Custom development for Enterprise Vault - Services to deploy, customize, and manage Enterprise Vault and Clearwell - Consulting on information governance topics including records management, litigation readiness, and ediscovery workflow 25