Charity begins in my pocket

Now that my son is grown, married, living in another part of the country, and busy with his own complicated set of life challenges, we don’t get as much time to talk. So, when we occasionally do, it’s important to cover only what’s critical. I’m sure we’ll get to that someday. Meanwhile, in the few times we connect, the conversational flow channels toward old territory: we play an abbreviated version of the game “An App For That.”

Since the advent of Smartphones, nothing has stimulated as much passion within our extended family as devising the TED-esque talking points about a newly-imagined app. Don’t judge us too soon. An app can be devised for any purpose, no matter how redundant or ludicrous. And often with added impetus of alcohol and ignorance.  Thus, anyone can qualify to play.  Even those in the US Congress might, should they develop a technology vocabulary sufficient for the task. And can pare down to one cohesive thought expressed simply and effectively. Never mind.

I clearly remember several apps proposed by Team Red or Team Blue during AAFT nights of yore. Alas, none had commercial viability and most had potential legal or ethical ramifications that effectively dashed any other hopes. Much like the real-world ridiculousness of such outlandish premises as drone deliveries or 5G wireless.

Also, like the hype surrounding such ‘advanced technology’, there are few meaningful rules in AAFT gameplay:

  1.  Further research is forbidden. It is always presumed that there are numerous apps already available for download that touch on (or completely obviate) our own proposals. It’s the proposal that matters, not the potential. Just like VC funding.
  2.  Each team’s app evangelist is given 5 minutes to summarize his/her thoughts. After all proposals are completed, the Round of Refute begins. This has neither a time limit nor any other constraints. Disbelief and disregard often combine in profane fits of merciless rant-itude. Which sometimes later get forgiven.
  3.  It is logical that over the course of several sessions, repeats will occur. This is natural and indefensible and therefore makes the Round of Refute richer by far.
  4.  Lastly – and this is key – no one writes anything down. Banish the thought of riches had you dared them. It is tacitly acknowledged by every player that pooling funds for lottery tickets has a higher likelihood of success than building an app for anything. We’re in the age of Instagram Influencers – not Angry Bird entrepreneurs.

Rules, though, are meant to be broken. One particular proposal has stuck with me. So I hereby offer to stick it to you as well. The basic premise: there aren’t enough apps for charitable giving that relate well enough to the human condition to make serious money. Right? Ignoring porn and gambling for now… right?

Yes – it’s true that on Facebook we can invite our friends to give nominal sums to a charity of our choice as part of a birthday celebration. There are also apps that inspire fundraising in many other directions. But the backstories of beneficiaries can sometimes seem either frivolous or insincere. What I am proposing (again) is an app that makes charitable giving easier and more effective by responding to a need we all share. Again, ignoring porn and gambling.

Before I post the description of an app – the one true solution that fulfills this obvious need so perfectly that the world as we now know it cannot hope to remain the same – I ask you to comment with your own ideas just in case I’ve missed something that’s out there and already making more of a difference than my admittedly limited research suggests. Or is simply worth noting as an alternative to selfishness. Until next time….

Posted in Less Than Serious, Uncategorized | Tagged , , , , , , | Leave a comment

The Future of Content is Cognitive

According to Gartner, most enterprises have no cohesive strategy or sufficient controls across redundant systems and redundant content. Why? Perhaps it’s because regardless of the potential value of content, 90% of business leadership thinks structured data is more critical toward success – although literally every connection to an enterprise customer is based on content interactions, not data. The term ‘Business Intelligence’ nearly always leads the list of technology-oriented search strings entered by business executives, while ECM appears infrequently. Sponsorship of ECM as a strategic business asset is still limited.

Maybe when ECM dashboards explain the value of content either at rest or in motion we’ll attract more attention from the boardroom. Yet ECM is a fairly substantial software market worth billions of dollars even without detailed analysis and business leadership interest. Maybe anecdotal evidence of efficiency gains, cost cutting, or risk management suffice in keeping IT buyer’s interest. What hasn’t yet resulted from all those years of investment and experience is the collection of usage statistics, valuation, benchmarks, or success measures that uniformly predict value from adopting either ECM strategies or suites. The actual history of ECM in practice. Stats.

Instrumenting ECM in the Age of Analytics

To date, instrumentation of ECM has been incompatible or incomplete – made more difficult by the numbers of repositories, users, processes, and integration with other systems. Something has to change for ECM to become more essential as a business resource equal to ERP, CRM, or Business Intelligence. The first step is to ensure that ECM analytics are engaged – to collect historical information and to aid understanding of changes that did (or should) occur. If a system maintains no sense of history, changes can’t be qualified as improvements.

It isn’t enough to use one company’s history of ECM practices to fuel Cognitive Content. More evidence from more implementations is required. Starting with visibility and ranging through search, classification, semantics, sentiment… any analytics that score content and the people who create and consume it from Historical, Contextual, Predictive, Performance, and Cognitive perspectives.

There are three key markets that ECM components address: regulated/records/archive, transactional, and collaborative/case management/cloud. Yet in any one enterprise there are often several vendors and systems in play across those use cases. IBM is a qualified leader in each area, yet finds business appetite for adding more cost and complexity (and new enterprise license agreements for on-premise software) to be low. But there’s still reason to believe a single platform can encompass business content better than siloes. One strong argument for ECM consolidation is the resulting ability to put business content under a uniform set of processes, policies, and analytics to enable change as business needs evolve. Because becoming a digital business demands change – especially in managing unstructured data better.

A Cognitive Platform from IBM is the answer for both trimming down to an essential set of content services and increasing business agility. We’ve got the best business case for consolidation and a single-vendor set of solutions. It’s turning ECM’s future away from ‘managing all content’ to ‘managing critical business content’, adding sensing and cognitive capabilities so the technology investment enables a quantified business strategy that delivers measurable outcomes. ECM will soon be defined as an analytics platform connecting callable content services to drive the most value from business information. One that connects many information sources and can automatically ‘play’ solutions templates and assess their present value quickly via instrumentation and analytics.

Platforms Make More Sense

So, the first step of driving Cognitive into the ECM story begins at the platform level – by allowing sensing to take place well beyond metadata, user roles, and access. This is critical for consolidation to happen in ECM – that analysis of information and its value to the business can happen much more easily from a single point of focus rather than in a loosely-coupled or highly-federated information infrastructure. The two terms – Context and Valuation – should be part of the conversation about where ECM is going. They also are critical enablers of Cognitive.

The recent announcement of Cognitive Capture as part of DataCap Insight Edition is the first stage of ECM maturity toward cognitive content. By applying a combination of advanced imaging, natural language processing, and machine learning technologies, IBM Datacap Insight Edition can automatically classify and understand the document just as a trained employee would – including format and structure, and words and numeric information – and make the content within any document agile enough for the business to quickly and accurately determine the right action to take and what other information is related.

The key capabilities are understanding the overall context; capturing segments of information to be moved and managed and related to other data; and correlating it all in terms of semantics, processes, and industry. We know what the data and process models look like for loan origination and we can associate information effectively even if it originates on a paper form.

This is important in:

Banking and Finance – where different business lines such as Retail/Commercial banking, Lending, and Investment banking require similar documents for differing contextual reasons

Healthcare – where doctors and hospitals are transferring hand written notes and images into electronic health records for analysis or filing.

Insurance – where roughly half of all documents received are titled “correspondence” and need to be analyzed for content and classified appropriately.

By analyzing the content, IBM Datacap Insight Edition can identify which content to analyze at the point of capture, while continually learning about new document types for future use resulting in overall faster (and better) processing. It applies business rules to help organizations determine what needs to be done – whether a document should be passed to a line of business system or should initiate a case and workflow for additional actions. Content itself triggers multiple paths of workflow.

IBM’s product vision focuses on delivering the right information, at the right time, to the right users. For this outcome to happen in most enterprises, we need to make ECM easier to buy, to use, and to justify to business leadership. Part of what we’ll focus on in coming years is emphasizing the right set of functional capabilities – callable content services – designed to be leveraged in purpose-built solutions. So the future of ECM won’t as much be about suites as services – and IBM’s will include consideration of open source, competitor, and cloud connections. We’ll also deliver strategic support for enterprise development of a content services center of excellence – a shared services approach for better leverage and reuse of the technology.

The Beginning of Content Services

We’ve already created content services for analytics, capture, case management, archive, cloud file sharing and collaboration, and governance that can be adopted and adapted for any content architecture or buying occasion. We also have built connectors for adjacent analytics on unstructured data via Hadoop and Spark. We’ll continue to focus on our on-premise implementations and help future-proof those investments by enabling rapid assembly and adoption of new solutions whether built by customers or by IBM partners.

We’ll also continue to develop our strategic relationship with Box and will announce several new product and platform enhancements to underscore the value of cloud-based file sharing and collaborative processes to business leadership. We believe it will also open up secure customer-centric workflows for highly mobile processes like P&C Claims and global projects. IBM’s content services (like those delivered with Box) will also bring SMBs, geographies, and industries – beyond traditional high volume or regulated or transactional – into the market. This is a significant opportunity.

Managed services in the cloud and SaaS options will make buying ECM easier but also limit the costs typically associated with integration, customization, training, change management, and support. In addition, we’ll offer simple T-shirt pricing: S, M, L, XL, 2XL. This will offset the old arguments about complicated contracts, maintenance issues, and vendor lock-in. Business buyer response to the new delivery models are positive. But we need to move the needle further from technology to solutions and attendant business outcomes. That conversion is happening via IBM Case Manager, Mobile and Collaboration, and our deepening integration and development on Box.

Content Valuation is Your Next Best Action

The conversation about ECM must change – from one about all content to that of business content. The information that engages customers, informs regulators, inspires business partners, and enables employees. Business leaders recognize the difference between casual content and a contract or proposal or policy. But we still can’t engage them in a discussion about business content value. Because to say that optimized business content processes deliver known value (like new revenue or customer loyalty) in many implementations is an understatement. But to say they deliver predictable value in every implementation is a fallacy.

That’s because every company has enough differences in people, process, and information infrastructures to make predictions of ‘normal’ outcomes difficult. Admittedly, these differences sometimes represent competitive advantage, but more often signal silos and fiefdoms and other complexities that demand changes before realizing the full benefits of further investment. A Cognitive Value Assessment, though, can consider many similar organizations and their related complexities – and process efficiencies, too – and determine what constitutes ‘low hanging fruit’ that can yield the highest value and generate further support for change. Because Cognitive is synonymous with Change. And, often as not, businesses change is not based on internal drivers but external forces.

Better Practices Require Better Crowdsourcing

The analysts and advisors that suggest change usually have methodologies derived from multiple engagements across specific domains. This outside perspective is critical for Cognitive. Especially in ECM. What would be better than getting advice from professional services providers would query peers within an industry, geography, process discipline, etc. to understand how they’ve done something. Toward good or bad or fast or slow or rich or poor outcomes. There is a lot of detailed and credible information – and even ROI calculators – that suggest invoice automation is a profitable undertaking for many businesses with many suppliers.

How many other content type and their related people-based processes can also be optimized based on standard templates? A substantial number it seems, based on solutions definitions from vendors, partners, and services providers. But it might also be possible to glean the same recipe and success factors from published best practices provided to an industry organization like AIIM. A compilation of such stories and detailed assessments by analysts effectively ‘crowdsources’ ECM best practices. And creates a set of parameters that qualify as ‘rules of engagement’ across domains. Actual rules that drive decisions and can change as conditions or requirements demand. It’s a start.

Posted in Uncategorized | Leave a comment

Is Your Investment in ECM Future-Proof?

Once upon my career, I led a team of enterprise architects. Among the many responsibilities we shared, none was more important than the strategic analysis of IT investments. The goals of the annual (and sometimes more frequent) exercise: 1) decide what technology to eliminate; 2) what to keep with confidence; and 3) what we felt was somewhere between. It was an admittedly pointless Principle of Thirds.

That’s because the investments never added up to anything close to thirds. Though maybe at one point there might have been better balance between them, by the time I started to make recommendations the outcome had already become sadly predictable. We’d almost always spend way more budget tending to the ‘not sure’ technology than I’d hope. As in: “Not sure where that $4M USD went.”

That’s not actually true. I know where it went. Shifting development sands. Over-passionate or temporary sponsorships. Mediocre end-user adoption. Lack of integration. Too many overlaps with other systems. Too boutique. Too regional. In some ways, this is where much of the budget for IT disappears even today – in the cracks between what’s ‘got to go’ and what we ‘have to have’. It’s a tough job to place big bets on hazy middle ground. And, that region of investment has been troublesome to many business leaders, too. Because it’s an area fraught with fiefdoms, limited visibility, even less measurement, and few success stories.

The simple fact is that when it gets down to funding, most of the ‘wiggle room’ for innovation won’t come from pulling the plug on flatlined technology. Those savings (+/- 10%) almost automatically get taken from the IT budget. So, innovation will come from smarter decisions about managing in the middle – bringing the best of it forward to add new value. Maybe it shouldn’t have been about money at all – maybe it should have been about potential. That’s where IT and LOB alignment needs to take shape.

What’s an enterprise architect to do? Or even an IT leader or line of business sponsor? Ignoring for the moment that I represent a vendor, take this advice from an experienced advisor (which I also am): make strategic technology investments informed by a new principle of thirds for the digital business era: what serves the customers best, what enables agility (and competitive advantage), and how we can manage the value (risk/reward potential) of information better.

With all of those in mind, few technologies qualify as ‘future-proof’ the way that cloud file sharing and collaboration does. And, it meets the needs of end-users, enterprises, and customers all at once – a rare principle of thirds we couldn’t have predicted back in the day. So when IBM talks about its partnership with Box, and the related benefits of a strategic integration with ECM products in our combined portfolios, it’s important to recognize that we’ve both considered all the history lessons learned from the past – and have recognized how vital confidence is to your IT equation.

Even knowing how hard it can be to place bets on the future of technology, I doubt there’s a content services combination with more potential to idealize interactions between people, processes, and content than the near-term or strategic solutions architected by IBM and Box. It’s a future I am betting part of my career on – and one that should easily qualify as ‘have to have’ for many enterprises. In that recommendation, I have all confidence.

Posted in Uncategorized | Leave a comment

The Future of Content is Customer-Centric

When I was a Gartner ECM analyst, I answered approximately 42,300 client questions. This rough estimate is based on three factors: time on job (9.4 years), inquiries per year (avg. 900), and questions per inquiry (avg. 5). Inquiries, by the way, are scheduled client calls that last half an hour and are often scheduled back-to-back. There were many more questions that didn’t get logged into a system – many of which happened during day-long client sessions or at events. But the point that research analysts answer lots of questions should now be clear.

Oddly, you might wonder what number of questions I asked as an analyst. That number is somewhat reflected by the body of research I delivered; but on the whole qualifies as ‘secret sauce’ rarely enumerated. But it’s probably best expressed as a Confidence Algorithm: to answer any question with confidence, you’ll have to have asked many times more questions yourself. It’s lucky that I’m curious. It’s unfortunate, though, that I have bad handwriting.

I’ll admit one administrative failing during my tenure: I wrote down all the questions (and my responses) in Mead Five Star Wirebound Notebooks and then filed dozens of them away for further/future analysis… and then got too busy to properly ‘mine’ the contents. And, because the technology market moves so quickly, I presumed much of what mattered between 2002 and 2011 – to either enterprises or vendors – would have been rendered useless by a factor of time. Based on reading through the notebooks recently, I realized I was wrong.

What I was looking for was one word: Customer. Trust that – even with an aforementioned scribbling issue, and even as the night grows long and the wine is nearly gone – I can scan page after page on a shelf full of notebooks and quickly dog ear those on which a critical word appears. Or doesn’t – which in this case was frustratingly the fact. And, sometimes unexpected themes become apparent too. The people I most often talked to: IT leaders and enterprise architects. The issues they faced: vendor and product selection, technical integration or trouble-shooting, and process and planning optimization. The audience for their efforts: internal. So, not a single mention of ‘customer’ across any of the calls made sense back in the day.

But, wow. Since I know some analysts working now (those still willing to talk to me), I also know that the shift toward business participation in the technology conversations they host is very clear. I also know that the most common questions they’re asked relate to customer-facing content-rich processes. Where loyalty is the ultimate goal and reputations are made and lost with lightning speed. And, where the value of their investment is obvious because it engages literally everyone. As cloud and mobile technologies, SaaS, and apps do. Interestingly, another alignment has happened driven by changing market conditions: industry analysts and technology providers are hearing the same thing.

At IBM, literally every conversation relates to customers – whether ours or those of our customers. I say this with certainty because I am still doing research. I’m just not answering as many questions as I ask these days. The question I would suggest you ask is the same I often ask: what recent advances in technology could make the greatest difference in building customer loyalty through better engagement? Also consider: what investments we’ve already made can connect us to that future most effectively and economically? I have an answer in mind and hope you do, too.

Posted in Uncategorized | Leave a comment

CMO Suites – Missing the Point (Despite Some Analytics)

It has been suggested by recent comments that I have become a standard bearer for content valuation. Admittedly, much of what I have written does seem tied to unusual events, personalities, and costs related to documents. As if there’s a correlation somehow between my opinion and actual life. I’ve recently called out Katherine Bigelow and Edward Snowden as examples of people who understand the potential of documents to help or harm. Now, far be it from me to try to draw any connection between Quentin Tarantino and my company – under normal circumstances, that is.  But the news that an otherwise affable and intelligent auteur has gone over the top due to failed content security compels me to question the rigor of his planning. He sent six copies of a script to six trusted associates and swore them to secrecy. One recipient leaked it to the press. After the anguish and recriminations, the movie he’d been working on for years was shelved – and the millions it would have earned were lost.

Had he simply added a layer of protection to those documents the result would likely have been happier for all. The value of the forfeited opportunity can easily be calculated: Tarantino movies do well at the global box office and continue to generate income from rentals, etc. long afterwards. According to the Motley Fool:

“Assuming a 477% return on a $125 million budget — a modest increase from Django Unchained — that equates to a profit of almost $600 million, and a total box office take of more than $700 million. Of course, that would make The Hateful Eight the new highest-grossing Western of all-time, which isn’t as crazy as it sounds considering Tarantino’s last project.”

Go figure. 600 Million Dollars lost because of failed document protections. Which doesn’t mean each of the six copies is worth $100M, though they would certainly be collectible. You could buy a pretty great document for less.  Sold for $5.12m in 1980, and for $30.8m in 1994, Leonardo Da Vinci’s Codex Leicester is one option. Or maybe a Gutenberg Bible and a copy of the Declaration of Independence and one of the handwritten Gettysburg Address manuscript copies along with a Dead Sea Scroll fragment or two. In short, no prior notion of value stands up to the money conjured by today’s business of entertainment.

Yet, despite all the risks (lost value, stained reputations, lawsuits among them), smart people in the present day still think a wax seal serves as security enough for valuable content.


But it isn’t Royals or Popes or even fanciful pre-teens I want most to inform – it’s marketers. In the last several years, CMOs have become a target for technology vendors, industry analysts, and consultants. That’s because they control new or bigger budgets tied to digital customer acquisition (and retention), and updated technology plays a huge role in that investment. It’s the largest shift in spend in decades – and is matched in some industries by other shifts in reporting structures and titles. CMOs now have their own CTOs. Whole marketing IT teams often independent of the rest of the business. And, a direct connection to data that drives revenue. Sadly, though, all that cool CRM and CXM and Mobile and Social and Multivariate and Analytics and Cloud Whatnot doesn’t get the whole job done.

Because behind the scenes, in the boiler room of every marketing machine, lies a huge pile of Marcom fuel. Project plans, development updates, and many multi-sheet wonder-colored “Campaign-O-Matics” – all in the form of Excel spreadsheets. Forecasts, annual reports, and pitch decks in PowerPoint. Newsletters, press releases, brochures, case studies, and scripts in Word. You can’t starve this part of the engine that runs on content – just as you can’t effectively run a business without data. What worries me is that marketers tend to overplay outside-in data mining/analytics and underplay inside-out content risk management. This routinely imperils business reputation but can easily be managed by enhancing four basic content processes within the many pieces and parts that collectively equal the CMO Suite:

  1. Protect content at the moment of its creation
  2. Re-use (and re-purpose) content successfully
  3. Manage versions (and retain only the closest 20% to final)
  4. Collaborate efficiently to avoid bottlenecks and maintain auditable change detail

Sure, these are at the center of Litéra’s value proposition to enhance content strategy for marketing. But they aren’t always top-of-mind for marketers (or even their technologists). So, I propose that any marketer interested in understanding the value of these four enhancements – and their nominal costs in relation to CMO Suites – reach out to me at their earliest opportunity. It should be obvious that such a blatant call to action is a turn-off in today’s world of analytics-informed, nuanced, persona-based, targeted/personalized/channel-optimized persuasive content delivery. I suppose I should have waited to write this post until the demand for it had reached a peak. But the fact is that investments in marketing technology for advertising and analytics largely outpace those for basic content creation, control, and collaboration. And, it’s time for marketing leadership to realize that marketing content depends on back office essentials that rarely get attention and investment. Is your boiler room too inefficient to fuel your business ambitions?

Posted in Business Process Optimization, Content Strategy, ECM | Tagged , , , , , | Leave a comment

IRM – The Final Countdown

As I dimly recall – thanks to education received in another century altogether – there’s an edict (ethos?) in science that “no proof exists without remaining doubt.” Maybe this is partly due to the fact that there are always those willing to take up the cause for an opposing viewpoint. Or, some data doesn’t align correctly to the larger norm. Or, sometimes events or eras just seem to champion ignorance itself. Therefore, on the continuum of certainty, there’s always room for a little Squeak from the voice of the illogical. That Squeak has been the sole remaining reason that IRM technology can largely be considered a failure in legal and corporate markets. Yet, if I am to judge from recent events, the moment for celebrating Squeak’s extinction is near.

Here’s why: according to news reports, NSA officials say Edward Snowden downloaded and removed about 1.7 million documents from computer networks at an NSA listening post in Hawaii where he worked until June. Sounds like a large number, doesn’t it? It’s not, really. According to my back-of-the-napkin calculations in the restaurant where I mistakenly left my laptop last night just after beginning this post, I had 56,320 items in the documents folders alone. Among those items were 11 .PST files (which constitute archived mailboxes) containing approximately 54,000 emails (and attachments) apiece. Granted, not every file could be considered a ‘document’ – unless defined as “a written or printed instrument that conveys information.” Well, then. This is a description that many (if not most or all) of them fit. At last count – on said cocktail napkin factoring documents stored a single machine – I left 650,312 of them for whoever buys my stolen Dell Latitude on Craigslist for $150 in Denver. But a more enterprising thief could do much better. Especially if he can target the right documents to the right buyers.

Confidential Documents and their Proposed Price on the Open Market

Patent Submissions             $2M
Client Lists                            $1M
Business Plans                     $1M
Product Plans                       $1M
Contracts                              $1M
(factor in the fact that once pricing/discounts are known, they stay
below the published value for a long while)
Bug Lists                               $1M
Competitive Matrices         $150K
(in pure staff time; value to new entrant in the market is substantially higher)
Employee Evaluations       $250K
Sales Forecasts                    $250K
Internal Strategy Presentations                            $250K
Salary/Option Letters                                             $250K
Internal Contacts List (home address, etc.)        $250K
Internal Communications (Board)                       $150K

The key difference between Toby Bell and Edward Snowden may be more than the negligible math separating the size of my document store from his. It’s the potential for catastrophe that their exposure can cause. But even this is partly fallacy. On the right day to the right audience for the right reasons, my documents could prove to be (in some ways) as damaging as his. Suspicions cast, jobs lost, competitors propped up, partners outraged, regulators engaged, audits invoked, hair pulled, teeth gnashed. And that’s just the appetizer from the feast of woes my laptop lost at the dinner table could inspire. You don’t have to believe this – only my boss does. Because the buying argument for IRM usually loses support at the top. Building a business case for IRM is easy. Defending against perceived risks expressed by leadership about historically poorly managed implementations is harder. Either way, it’s a matter of trust. Lately, as business trust of IT has continued to erode, IRM is merely one casualty.

Yet, there’s never been stronger evidence to support it: more users conducting business remotely; more content stored/shared in the cloud; more content on portable and often stolen devices (14% of reported crime in New York City is ‘apple picking’ – theft of smartphones); casual attitudes toward content sharing generally; and misunderstanding about other protections like PDF. Thus, because the risk is obvious and technology has finally outpaced outdated criticisms, the time to decide to provide better control of content access and custody is now. Now. Swaying business leadership to this point of view shouldn’t be hard, right? Wrong. It’s an uphill battle. Because the Squeak usually makes itself known after about 10 questions – or twenty-four floors. Here’s a typical elevator-ride Q&A involving an IT Infrastructure Leader and her CEO while moving from the basement to the boardroom:

Elevator Opens:

IT: “Hello, Mr. Johnson. Good to see you. How’s that new iPad working for you?”

CEO: “Uh… fine. Jean, is it?”

IT: “No, it’s Joan. Don’t worry – people get that wrong all the time.”

CEO: “So… Did we ever get that Y2K thing sorted out?”

IT: “Uh… yeah. Listen, Mr. Jones. I’d like to propose a very slight budget increase for 2014. We’d like to implement Intelligent Rights Management.”

CEO: “Sounds great. What’s in it for me?”

IT: “It protects the company from the likeliest source of damage to our reputation: lost, misused, misunderstood, or stolen information gleaned from office documents.”

CEO: “So, this fits higher on the risk list than executive mayhem? Good to know. How does it work?”

IT: “Basically it’s a wrapper that secures any content – whether at rest or in motion – from unauthorized access or use. It’s easy to use and easy to manage.”

CEO: “Sort of a “Harry Potter’s Invisibility Cloak” for contracts, financials, and leadership memos?”

IT: “Not really. More futuristic. More like an on-board content computer that is self-guided and self-healing along with a remote control to change policies on the fly.”

CEO: “I loved Harry Potter. I just downloaded a couple of his movies on my iPad.”

IT: “Nice. One of the reasons IRM is becoming a critical issue is due to file-sharing sites and unauthorized use of proliferating creative content.”

CEO: “Huh. So, who gets to fly the documents? Everybody?”

IT: “Anyone who creates a file can do it.  At the moment of creation it’s self-guided by corporate policy, but we also have the option for manual overrides. One of the cool features of the latest IRM software – like the kind Litéra is delivering – is that you can alter the permissions after the fact. That way, if a contract expiration date has passed and the document could no longer be opened and signed by our supplier, we could update the policy if procurement agreed to allow it in special cases. In effect, every document ‘calls home’ for policy instructions whenever it gets touched.”

CEO: “Wouldn’t we have to install software or something like that on every machine that would come into contact with the file?”

IT: “Typically, the software installs on servers. There can also be plug-ins to make it easier for end-users to set their own policies as they create files. But they won’t need training or change management to benefit. And, people who are authorized to use the files need nothing – no need for our suppliers or outside counsel or regulators to download anything.”

CEO: “How will this change the way we share information and collaborate? Does this mean our people can just run amuck with company communications and files?”

IT: “Just the opposite, though in fact people are running amuck right now. We’d have a measure of control and confidence that can even become a competitive advantage.”

CEO: “Could an administrative or IT security breach of IRM potentially lead to my organization losing access to every single piece of content that has been protected?” <SQUEAK>

IT: “It could happen in theory. (CEO stops listening here). But there are safeguards and redundancies to prevent lost access or changed policy. Blah, blah, blah.”

CEO Has left the elevator.

It isn’t that we don’t have other options for creating and storing critical documents than my C Drive. Cloud-alone content strategies are appropriate for small businesses and those with limited risk of exposure. Hybrid content architectures with both a private Cloud for collaboration and an on-premise regulated repository for records management are proving their worth and becoming common. Many mobile devices are more like content carriers than creators – but this doesn’t reduce risk enough to let CEOs sleep at night. People are much less careful with other people’s documents than they would be with those for which they are directly, explicitly responsible. Making the documents more self-aware is an evolution that has taken too long. Automating policy throughout their life cycle isn’t onerous – it’s actually easy.

Bottom line: it’s sometimes hard to distinguish what’s mine versus what’s my company’s. According to me. But the legal fact is that the computer is a company asset and all files thereon are subject to its control. So, stand down, CEO. Shareholders, board members, industry associations, industry watchdogs, regulators, partners, and outside counsel would be outraged at the failure to protect your company IP – especially if the argument against it seems so perilously personal. Sure, my lost laptop contains a plethora of risky files – but only if they can be opened. Which they can’t – all permissions have been cancelled. Imagine how Edward Snowden would have felt to discover that the files he forwarded to global news agencies were similarly encrypted. Edward Who?

How do you feel about IRM’s chances for adoption given today’s frequently mobile collaborative processes? Are you using it? Any other thoughts about protections?

Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

Content in the Cloud – WWKBD*

“When Content Goes Out The Door, Control Goes With It.”

If you are a goofy optimist, this statement might seem self-explanatory. And, you might feel comforted. But I’d have to wonder if you are clear on the facts: content is in motion far more often than in the past – and enterprise confidence in its protection should seriously be in doubt. If this comes as a surprise, I am happy to be the messenger. Every business leader should be up all night with worry given the problem. Because few people have the right answers. And, for once, those that do aren’t lawyers. Or technologists.

How do I know? There’s a protracted conversation on LinkedIn among legal technologists about whether file sharing via Dropbox is a bad idea (even as many lawyers they work with no longer care how their colleagues in IT feel about it). Of course it’s a bad idea. Yet, the same tension is being felt in every workplace across the world – and the FUD (Fear, Uncertainty, and Doubt) is undeniably building. In the brave new world of Mobile Computing/Cloud/Social there’s an evil old world underlying truth – hackers, phishers, scammers (and even governments above them) are interested in your content, and are having little trouble acquiring it. Could your competition be far behind?

Maybe this is a direct consequence of the “dress down Fridays” mentality. Imagine sending your most important proposal or patent application or even your personal patient files… wearing shorts and flip-flops. That’s mobility. It’s good. You probably do this often. But, what kind of impact would your vital business or personal information have if it showed up similarly clothed: in shorts and flip-flops? Dude – that’s bad. Worse still, you aren’t sending your deliverables to Cancun; you’re sending them to North Korea or Bulgaria or Azkaban.

Would your competitors kill to get detailed terms, conditions, and pricing that a captured proposal contains? Maybe not. Would they at least consider steaming open an envelope? Probably so. That’s what theft of trade secrets, price lists, intellectual property, etc. now constitutes: nothing more than steaming open an envelope. Usually a PDF file with password protection. That’s a poor way to protect your most valuable property. By my estimate, there are exactly the same number of cracking tools as there are PDF files online. Now imagine the heroes of recent movies like Hurt Locker or Zero Dark Thirty facing the perils of war in under armour alone. Would director Katherine Bigelow send her cinematic soldiers to distant lands without a stitch of protective gear? She would not. It wouldn’t be credible. And, you shouldn’t either.

Here’s why: I think we face a mobile-day dilemma because our consumer behaviors threaten enterprise reputations. How bad would your customer feel if a contractor working on the big process improvement project sends a copy of your software sales proposal to a friend of theirs in a competing software company. Not bad enough. Worse still, it’s merely a momentary bad – like taking another cookie when there are only three left on the plate. It’s clearly time to take stock of the risks and rewards of Content in the Cloud. Many of the people in my life – family, friends, colleagues alike – are aware that their actions have consequences in theory, but aren’t really sure what those might be in practice. So, I’ll offer a few ideas in hope of starting a dialogue. Perhaps even a call to action about changes in control as various hand-offs occur when content traverses the void between local repository/file server, device, email, Cloud host, customer, etc.

*What Would Katherine Bigelow Do (with the final shooting script for her next movie, for example)? She’d dress her deliverable to do battle before sending it to a potential investor. You, as the armorer of your enterprise, should do the same.

  1. Valuable stuff needs safeguarding: store your deliverables in a regulated repository (on-premise) and have all versions accounted for. This policy can be automated. I can’t count the number of times a ‘final version’ gets changed ‘one last time’ by someone who then attaches this rogue new file to an email and sends without storing as a new version.
  2. Prep your stuff. Convert deliverables to PDF and password protect them. Do not confuse this with actual content risk management. But PDF is still ‘common currency’ for file sharing and everyone has access to the viewer.
  3. Add a content rights management wrapper to the file. Set permissions (can’t forward, print, copy. Can view and edit.) and then set an expiration date. In order for content to persuade people most effectively, it should have a freshness stamp. When business gets concluded on old documents, money is lost and relationships suffer. The key ability is to be able to destroy documents from afar if they’re old or being misused.
  4. Attach to email (fair) or send via secure file transfer (better). In both cases, encryption and metadata cleaning are enforced by automated policy. Set the message to High Importance and check that both a delivery and a read receipt (as well as any deadline dates) are included. Copy the CRM or engagement systems. These are also steps that can be automated by policy.
  5. Store the signed contract or track the outcome of the deliverable even if unsuccessful in building business. It’s amazing how often results aren’t evaluated carefully to improve the process for efficiency, effectiveness, and protection.

Bottom line: the farther your deliverables travel beyond the firewall, the more ways you’ll want to protect them. Sometimes, this includes destroying them to keep them safe. Scorched earth policies can be much more palatable when there’s a backup of your stuff stored safely at home. Next to your flip-flops.

Posted in Business Process Optimization, Content Strategy, ECM, Reputation Management | Tagged , , , , | Leave a comment