Our firm’s elephant icon is a nod to The Blind Men and the Elephant, the familiar, age-old parable for how we often do not see the big picture, but instead only the parts we directly encounter. And so it goes for organizations’ data. Individual company functions and departments often have their own, limited perspectives on information, seeing only the risks and opportunities with which they are directly familiar. Limited perspective yields limited perception – not a good thing for identifying, understanding, and controlling organizational risk.

I actually prefer a slightly different version, The Blind Elephants and the Man:

One day, six blind elephants were in a heated argument about what Man was like. To resolve their dispute, they sought out and found a man. The first elephant “felt” the man and then proclaimed “Man is flat.” Each of the other elephants, in turn, felt the man, and they all agreed.

The moral? Limited perspective not only yields limited perception – it can also lead to very bad results.

“Information Governance” has become an overused buzz-phrase, often trotted out as marketing mumbo-jumbo for selling technology tools.  In all the hype one can easily lose track of what it really means.  At its heart, Information Governance is no more – and no less – than making sure the organization sees the big picture of information compliance, cost, risk, and opportunity when making strategic decisions.

The Information Governance perspective is a ready-made, scalable resource. Any organization can make meaningful headway, right away, by simply adopting an inclusive IG perspective when addressing information matters, before investing in significant organizational changes and expensive technology tools.

What does this mean? Simply this – whenever any information-related issue is dealt with or decision will be made by your organization, be sure to ask the following:
Continue Reading

“GarGarbage Dumpbage in, garbage out” – we know that already, right?  Well … what we know about information quality and what we do are not always in sync. Just for kicks, consider information quality through the lens of the industrial quality movement.

Looking down from 30,000 feet, the history of industrial quality goes something like this – Medieval Guild craftsmanship, then Industrial Revolution product inspection, and then the post-World War II focus on quality process management.  It sounds arcane, until one remembers the 1980’s visceral fear that Japanese manufacturers were beating the pants off of U.S. manufacturing in terms of quality and value. Enter W. Edward Deming, who had been deeply influential in Japan’s post-war industrial recovery, and who became the evangelist for quality management practices in U.S. industry.  Deming exhorted American management to adopt product and service quality as the driving force in all business practices.

What’s that got to do with Information Governance?  It’s this – regardless of industry, in today’s world you’re actually in the information business.  So, business quality increasingly means information quality.  

Key attributes of data for business are sometimes referred to as the four Vs: volume, variety, velocity, and veracity.  Most folks focus on the first three, but the veracity of data – its integrity, its reliability, its quality – is crucial for business decision-making.   In a 2016 survey of executives by the Chartered Institute of Management Accountants, 80% of respondents admitted that their organization used flawed information to make a strategic decision at least once in the last three years. And IBM estimates that poor data quality costs the U.S. economy $3.1 trillion each year.
Continue Reading

Security dial turned to highest settingHow time flies.  Seventeen years ago, I went to work for a small, visionary company based in Seattle—Computer Forensics, Inc.   Indeed, the founder was so early in the e-discovery and forensics industry that our URL was forensics.com.  Laptop drives typically had 8 GB of storage, and servers were more often than not simply a bigger box that sat in a closet.

Lots has changed since then.  New technologies, expanded data sources and media types, and more raw data have flooded consumer and business marketplaces alike.  We’ve all seen the scary statistics on increasing information volumes and the security risks that follow.  Unfortunately, our controls for the creation, management, retention, and disposition of those data have not kept pace.  Yet how we manage our data on a day-to-day basis goes also to the heart of how we protect our data and ensure that our information assets are secure from theft or compromise.

During my years at CFI and since, I’ve found myself pondering “what if?” questions.  What if we only had to protect 20% of our information?  What if clients could take dollars earmarked for e-discovery and increased storage and spend them instead on better systems and operational improvements?  What if a client faced with the reality of a data breach didn’t have to wonder how many unnecessary skeletons were now visible?  The promise of information governance is that we can answer these questions affirmatively.  This is good news, and more importantly, news you can use.
Continue Reading

Charging ElephantOur firm’s elephant icon is a nod to The Blind Men and the Elephant, the familiar, age-old parable for how we often do not see the big picture, but instead only the parts we directly encounter. And so it goes for organizations’ data. Individual company functions and departments often have their own, limited perspectives on information, seeing only the risks and opportunities with which they are directly familiar. Limited perspective yields limited perception – not a good thing for identifying, understanding, and controlling organizational risk.

I actually prefer a slightly different version, The Blind Elephants and the Man:

One day, six blind elephants were in a heated argument about what Man was like. To resolve their dispute, they sought out and found a man. The first elephant “felt” the man and then proclaimed “Man is flat.” Each of the other elephants, in turn, felt the man, and they all agreed.

The moral? Limited perspective not only yields limited perception – it can also lead to very bad results.

“Information Governance” has become an overused buzz-phrase, often trotted out as marketing mumbo-jumbo for selling technology tools.  In all the hype one can easily lose track of what it really means.  At its heart, Information Governance is no more – and no less – than making sure the organization sees the big picture of information compliance, cost, risk, and opportunity when making strategic decisions.
Continue Reading

Weapons of Math DestructionThe hand-wringing continues about robots, and for whose jobs they’re coming next. But the “robots” needn’t be tangible to transform our lives. Actually, they’re already here, in the form of big data algorithms – predictive mathematical models fueled by astounding computing power and endless supplies of data.

This doesn’t have to be ominous.  Well-designed models, properly applied, are a beautiful thing.  But some models are toxic, and such bad modeling has become ubiquitous, with far-reaching impacts on where we go to school; how we get a job and how we’re evaluated; how we get and maintain financial credit and insurance; what information we access online; how we participate in elections and civic life; and how we are treated by law enforcement and the judicial system.  That’s why Cathy O’Neil’s book Weapons of Math Destruction is such an important book for our time. 
Continue Reading

When Earth Day rolls around each year, I can’t heEarth in human handslp but think of the picnic scene from Mad Men.  After Don Draper chucks his empty beer can into the pond, Betty snaps the blanket, dumping their litter across the grass, before trundling the kids off to the family car (12 MPG, leaded gas, with no emissions control).

Mad Men‘s magic was culture clash, the shocking contrast between the oblivious then – sexism, homophobia, humans as ashtrays – and our enlightened now.  What makes the picnic scene so memorable is the gobsmacking environmental thoughtlessness of that era, in which the only things green were money and envy.

And my, how far we’ve come.  We reduce, reuse, and recycle. Some of us compost, and others glare at the poor souls who still occasionally litter.  We spend extra money for energy-efficient vehicles and appliances.  We tend to buy local and organic, and we worry about chemicals in our food and water.  Most folks are concerned about climate change and believe we need to change human behavior to slow it.  In short, we devote significant thought, time, effort, and resources to be environmentally responsible.

At the same time, we remain completely oblivious to the swirling plumes of data exhaust we emit every day, and the toxic accumulations of data in the landfills of our devices, servers, and cloud accounts.  When it comes to data pollution, guess what – we’re Don and Betty.


Continue Reading

Bean of Chicago Millennium Park, Illinois, USAIt happens every day.  A company spends a huge amount of money on a new technology system, without fully addressing the information implications.  Maybe the decision (to move on-premise operations to a cloud SaaS or PaaS, or to retire and replace an enterprise database, or buy a comprehensive new tool suite) was reactive, driven by an impending crisis.  Maybe the decision-making was siloed, with IT not clearly hearing what the rest of the business truly needs (or more likely, the rest of the business not speaking up).  Or maybe IT just responded literally to a business directive of the moment (let’s get into IoT, or Big Data, or Blockchain!).  Regardless, the green light is lit, the dollars are spent … and problems ensue, painfully multiplying the procurement’s all-in cost.

What was missing? Strategic consideration of repercussions for information compliance, risk, and value for the organization as a whole, including privacy, data security, retention/destruction, litigation discovery, intellectual property, and so forth.  In other words, Information Governance.  And when was it missing?  Before the decision was made and the dollars were spent.

So, what if something could be hard-wired into the procurement process, a trigger that timely prompted decision-makers to call time-out; get focused input from all stakeholders; assess the repercussions for information compliance, risk, and value; and align the procurement requirements and purchase decisions with organizational strategy for governing information?


Continue Reading

Endless book tunnel in Prague libraryAs the information tide relentlessly rises, many organizations simply see an IT problem, to be fixed with a purely IT solution – more storage capacity, more tools, or both.  But merely adding more storage is a reaction, not a strategy.  And adding technology tools without the right governance rules invariably makes things worse, not better.

This is not a criticism of your IT team.  Instead, the problem lies in a misunderstanding of the fundamental challenge.  Just as you shouldn’t bring a knife to a gun fight, you shouldn’t merely bring more storage capacity and IT tools-without-rules to your fight to regain control over your organization’s information.  What’s needed is governance.


Continue Reading

KindergartenSometimes we make things way too complicated – especially our relationship with business data. Allow me to “kidnap” Robert Fulghum’s classic poem – wisdom in effectively governing information compliance, cost, risk, and value is not found exclusively at the top of the data science mountain, but there in the sandpile at kindergarten.  Here are the things we learned there:

Continue Reading