What Do You Need?

Let’s face it. Regardless of industry, you’re in the information business. Your organization’s data is an important asset that should be governed, to maximize its value while managing compliance, cost, and risk.

So … what do you need? Some want help creating or updating the foundations – a retention schedule, information management policies, a legal hold process, data security assessment and policies, and data breach response readiness. Above all, most need practical strategies for successful implementation.

Others simply want deep legal and information management expertise applied in a no-nonsense manner to a particular information challenge or opportunity – better yet, using the specific effort to advance an overall information governance strategy.

We Can’t Find our Content

We Can’t Find our Content

Our unstructured data has grown relentlessly, with documents, spreadsheets, and slide decks stashed helter-skelter by employees in network and local drives. And thousands of boxes of paper sit in off-site storage, out of sight and mind. Finding the right information is a daily headache, slowing productivity. It’s hard to apply security controls to sensitive information because we’re not sure where it is. And I’m worried about spiraling litigation costs when we’re compelled to find, hold, and review data and documents for litigation.

Learn More
Our Corporate Headquarters Move is Approaching

Our Corporate Headquarters Move is Approaching

The headquarters move is months away, but I’m already concerned about an information management train wreck. The new space is impressive, yet has far less storage space, which is daunting given our overflowing file cabinets. I winced when our move provider said we should have several “Shred Days,” imagining just how brutally that would be mischaracterized in pending litigation.

Learn More
Our Messaging is Out of Control

Our Messaging is Out of Control

Email has overrun our organization. Email servers are at capacity, and countless messages and attachments are squirreled away in PSTs. An email archive or cloud repository seems like a magic fix, but these IT solutions simply repackage the same core problem: excessive email volume coupled with a failure to manage it based on value. It’s unclear what types of email are record-worthy and, if so, what retention rules apply. We keep non-record email for years, without any legal requirement or business need.

Learn More
We’re Insecure about Our Data Security

We’re Insecure about Our Data Security

We know we have data that needs protection – employee and customer personal information, and also confidential business information and trade secrets. Our IT group says that they have things under control, but that’s just for our network systems. What about all the ways that data can be compromised without our network controls noticing – a mistaken publication, an insider threat, a lost or stolen device? And what about our sensitive data in the custody of our service providers? Our regulators are cracking down on data security, and I’m not confident that we truly understand our risks or have adequate security policies and controls in place.

Learn More
We’re not Ready for a Data Breach

We’re not Ready for a Data Breach

Our IT Security group is top-notch, with a computer incident response plan and team in place. But that merely covers IT Security activities for detect-contain-eradicate-restore. When – not if – we have a true breach, we’ll need to quickly and simultaneously handle many activities way beyond the role of IT Security, such as internal investigation; forensics; legal review of breach notification requirements, service provider responsibilities, and exposures; assessment and triggering of insurance coverages; law enforcement coordination; stakeholder reporting; notifications of regulators and individuals, and HR repercussions, among others.

Learn More
How We Govern Information is in the Spotlight

How We Govern Information is in the Spotlight

Our internal auditors and our board are showing increased interest in just how exactly we are managing and protecting our data.  In previous years, questions were usually cursory and in reaction to some specific event or issue.   But now, these groups are taking a more holistic view of data as a corporate asset that must be identified, controlled, and protected … and this time, they are serious.

Learn More