Friday, July 17, 2009

It's 2.0'Clock... Do You Know Where Your Content Is?

(originally published @ GTEC blog:

The hot topic this week in the social media world is all about content management. Yes, enterprise content management.

If you haven’t been following the latest news, popular social network/communication company Twitter was the target of some malicious activity this week, with some sensitive corporate documents stolen and circulated to several bloggers. ( Click here for a real-time news round-up) Individual Twitter employees were targeted and the early explanation is that some passwords were compromised. Some bloggers chose to publish the stolen/leaked information, others did not. The sources of the documents were apparently varied: online ‘cloud’ document authoring and storage platforms, mobile accounts, email addresses, and others.

This post isn’t directed at Twitter specifically, nor the individual online/mobile applications that were compromised. But I do question how an organization – whether public or private sector – could risk their sensitive corporate information on any platform not equipped with at least the basics of what we call ECM – document management, records management, retention rules, access controls and audit trails.

What Were They Thinking?

Financial projections, business plans, human resource information and resumes, customer communication: these are the content types now surfacing for public and competitor scrutiny. Organizations who view such information as competitive advantage, as strategic to growth, as evidence of trust with their staff or customers need to walk the talk and make the efforts to protect it appropriately. Access control lists to restrict sensitive data to only certain employees or groups; disposal schedules to safely destroy content that is no longer serving a specific business or regulatory purpose but could only embarrass; audit trails and activity history to know when/where/how content was accessed and by whom: this is content management “101”.

The day we get too caught up in the hip and cool world of web 2.0 and cloud applications that neglect and ignore the basics, is the day the utterly preventable backlash begins, and the progress we’ve made over the last few years towards a more open knowledge sharing culture evaporates.

My advice? Use Twitter, but don’t be like Twitter. Use social media and collaborative tools to share information that is appropriate to share and where sharing benefits your organization, your team and you.

But content that needs protection? That is only your business? That is subject to privacy laws or regulatory scrutiny? That can only harm your organization, your team and you if wrongly shared? Invest in the extra effort to put on the security blanket. The culture of sharing, of knowledge exchange, of openness has its place, but it needs to be balanced with an overall information governance strategy; one that protects organizational interests , intellectual property, and the privacy of its staff, customers, shareholders and partners.