Five Key Information Governance and Risk Management Trends for 2017

Joe Garber, VP-Marketing, HPE Information Management & Governance, Hewlett Packard Enterprise
225
351
81

It’s hard to argue that the world didn’t change in 2016. Politics, immigration, public safety, and Brexit shaped the headlines in what was anything but a typical year for citizens around the globe. For the IT professional, 2016 was somewhat pedestrian compared to what’s expected for 2017, however, in what is bound to be one of history’s greatest technological inflection points.

 This, plus emerging needs to backup and replicate VMware, vSphere, and Microsoft Hyper-V environments, will make data protection a key budget item in 2017 

A perfect storm of old and new is quickly converging, which will force CIOs to rethink tried-and-true approaches in managing and governing their data. Data volumes, security, and macro economic challenges have been building steadily over time and are now intersecting with increased complexity for privacy, legal and compliance requirements. Add to that recent technology advances in connectivity, infrastructure, and analytics, and there’s a recipe for change that comes along perhaps once in a career.

Here are five key predictions for 2017:

Information Insight is Critical

New privacy requirements emerged in 2016, which will impact how data is secured, accessed and stored. The risk of non-compliance with requirements such as Europe’s General Data Protection Regulation (GDPR) is both utterly transparent (e.g., fines up to the higher of 20 million Euros or 4 percent of the previous year’s worldwide turnover for a corporate group), and a little opaque but perhaps more severe (e.g., lost customer confidence and potential lawsuits) to those who will be tasked with addressing it. GDPR is said to be the model for similar privacy laws that will crop up globally, or will become the de facto standard by which all companies manage their data.

The primary challenge that this type of regulation presents is that data can no longer all be handled the same way. For example, under the GDPR, sensitive personal data relating to a person’s health or religious beliefs will require a higher standard of protection. Cast your net too narrow, and you risk failing to comply with law. Cast the net too wide, and you risk unnecessary inefficiencies and overspend on storage, security and applications.

A key trend in 2017 will be bridging data silos and applying analytics holistically across enterprise information, to understand, classify and take action on information at a granular level– ensuring an appropriate balance between adhering to compliance requirements and maintaining efficiency. This serves as an important step to managing risk in today’s IT reality, but also as a foundational step to securely derive value from that same information while remaining in compliance with law.

The Paperless Office Takes Shape

A paperless office has been discussed in theory for years, but going all digital wasn’t practical in the past.  Many industries, such as auto insurance, simply didn’t have the infrastructure or technology to support capturing and maintaining electronic records. The ubiquitousness of smartphones with cameras, combined with advanced software for capturing electronic signatures, security and records management began to change the tide a few years ago.

A paperless office is now being driven by governments worldwide who realize that they will be unable to deliver the best constituent service at a reasonable cost unless they start to change. New regulations such as Capstone in the United States and Digital Continuity 2020 in Australia are now requiring organizations and government entities to change how they create and manage information. Those governments expect change to start soon, which will quickly pull along corporations that sell to them as well.

Significant Cloud Adoption Outside the U.S.

Cloud-based governance solutions such as information archiving have been used successfully in small pockets for years. However, most countries outside of the U.S. have been slow to move to the cloud despite obvious convenience, scale, and cost benefits.

The reluctance to adopt has been due to data sovereignty concerns – many organizations do not want data to leave their country. Absent a localized cloud option, particularly in countries like Germany and Brazil, organizations – or multi-nationals with a presence in those countries – have historically elected to go with an on premise solution instead.

Much changed in late 2016as certain archiving solutions evolved to meet emerging global market needs. With the ability to host cloud-based governance in country through Amazon Web Services (AWS) or local partners, organizations formerly constrained by data sovereignty will now have a strong incentive to move governance to the cloud.

Intelligent Data Migration Catches Fire

For years, many organizations have kept far too many applications spinning “just in case” – i.e., just in case their desire to move data to the cloud comes to fruition, they need to access the application’s information for legal or compliance reasons, or they will someday be able to move that data to newer technology platforms. This practice has led to significant inefficiency and higher application and hardware costs.

File analytics tools are changing the game with the ability to attain information insight and gain a deep understanding of enterprise information, united with granular policy setting and built-in migration tools. With that power at their disposal, more organizations are applying hygiene to data they are moving to the cloud (so the right data is in the right cloud), pursuing defensible disposition strategies, and intelligently migrating just their critical information from older applications to new ones (e.g., PeopleSoft to Workday, SAP to SAP Hana).

Backup & Recovery a Top IT Priority (Again)

Backup and recovery will be back on top of CIO agendas. There are three reasons for this rebirth: volume, security, and new technologies.

Increasing data volumes and a growing realization that not all information is created equal are driving organizations to:1) categorize information on relative value/importance/risk, and 2) backup the right information, the right way, on the right technology to better manage risk and cost. Additionally, a growing concern in 2016 was ransomware, which drove significant investment in security to help reduce the problem. The bad guys are continuously working on new strategies to lock down enterprise information, so organizations need to improve how they backup information as a proactive insurance policy in case they can’t get ahead of the next ransomware event.

This, plus emerging needs to backup and replicate VMware, vSphere, and Microsoft Hyper-V environments, will make data protection a key budget item in 2017. 

Read Also

Leveraging Compliance to Your Advantage

Mark Bloom, Global CIO, Aegon [NYSE: AEG]

Online Businesses Face Increasing Regulatory Scrutiny

Dyann Bradbury, Senior Director of Corporate Compliance, Digital River

Cybersecurity Risks and Why Internal Partnerships and Cross-Functional Resources Matter

Adrian Mebane, VP & Deputy General Counsel, The Hershey Company [NYSE: HSY]

Avoid Non-Compliance by Getting Your SSH Keys under Control

Fouad Khalil, Director of Compliance, SSH Communications Security