Just as many organizations are trying to get their arms around new strategies and business processes for governing unstructured data, the so-called social Web is flooding them with a torrent of new types of information, making an already difficult discipline all the more complex.
In addition to unstructured content such as email, spreadsheets and documents, companies are now facing an onslaught of social media data, generated both internally and externally – for example, Twitter streams and blogs, wikis and Facebook posts. While social media technologies have the potential to foster collaboration and promote sharing well beyond the borders of a traditional enterprise, they also can transcend traditional information controls, making it far more difficult to manage and govern their use.
Perhaps even more vexing to businesses, according to analysts, is that these new data types open the door for potential leaks of sensitive or potentially damaging information, increasing risks in areas such as regulatory compliance, potential litigation and loss of intellectual property.
“Most companies are still struggling to achieve data governance on mainstream data,” said David Bowman, an information management architect and independent consultant specializing in data governance.” When you expand into these kinds of unstructured areas, there aren’t a lot of best practices out there, and in fact, you are in uncharted waters.”
Bowman and other consultants said that while companies appear to be well aware of the potential risks surrounding social media data, few are anywhere near ready to factor these new information sources into formal information governance programs. Part of what’s holding them back is not having well-established policies for managing the information their own employees generate using social media. A complicating factor is the idea that placing limits around social media usage runs counterintuitive to the premise of the social Web being an open and collaborative forum.
“The inherent value in Web 2.0 technology is dependent on a certain lack of restriction in its use, allowing people to freely and openly share information on a network,” said Barclay Blair, president and founder of ViaLumina Group, a consulting and professional services firm that focuses on information governance. “If you tighten things down and create unreasonable policies, why have the technology in the first place?”
Nevertheless, Blair acknowledges that if companies are leveraging social media platforms as part of their business operations, they must treat the resulting content the same as they would any other information asset. “If you turn a blind eye to non-enterprise technology, you will be held liable for what happens in those environments,” he said. “It only makes sense to mitigate that risk.”
Information governance and social media data: a balancing act
So, how can organizations avoid the potential risks and follow sound information governance practices without creating onerous restrictions on the use of social networks by business workers? First and foremost, analysts recommend putting together formal communication and training programs that educate users on how and why their social media activities don’t just reflect on them personally but also have wider ramifications for the business. In the same vein, companies should provide guidelines, perhaps in the form of amended computer usage policies, on what constitutes acceptable and unacceptable behavior.
At the end of the day, the analysts said, companies should take their cues from the internal business case for using social networks to determine how far to push information governance oversight – as opposed to just doing governance for its own sake. For example, some cases of social media usage might not be central to business operations and could just add unnecessary tasks to an information governance program.
“Why bother managing a tweet stream if it’s not going to affect business outcomes,” noted Anne Lapkin, a vice president of research at Gartner Inc. “You have to put information into a business context, and social media data should be no more or no less than anything else.”
But there’s no avoiding the need for governing information from social networks that is material to the business. Lapkin and other analysts said such data must be included in the large melting pot of unstructured information that with proper governance can deliver business value to an organization – and not get it into trouble.
About the author:
Beth Stackpole is a freelance writer who has been covering the intersection of technology and business for 25-plus years for a variety of trade and business publications and websites.