A Better Approach to Compliance – Pervasive Governance


Compliance easily tops the list of concerns for business leaders, regardless of industry.   To understand why, you just need to look at the headlines – fraud, theft of customer data, lost information, industrial espionage, and the disclosures from Wikileaks. The tremendous growth of information combined with increased regulation, makes it easy to see the incredible pressure organizations are under to reduce risk. Yet, 77% of organizations today still do not have enforced retention policies over their paper and electronic information (according to AIIM).

But there is an even greater set of compliance challenges affecting organizations – driven by the demands of the New User.  These “New Users” are people in the workforce who have become much more mobile, social and increasingly reliant on cloud applications to drive greater productivity and organizational responsiveness.  As a result, information no longer rests just within the 4-walls of the organization; it’s extended out to remote offices, and contractors and now SaaS-based applications. It’s stored in file shares, desktops, laptops, paper archives, portable media and out to tablets and smartphones and other mobile devices.   IT now faces the daunting challenge of balancing the benefits of this new choice computing model against the overriding corporate obligation to manage and protect information – regardless of its location.  As a result, compliance (and IT) is often seen as an inhibitor to business transformation initiatives rather than an accelerator.

These issues have fundamentally changed the compliance landscape, requiring a whole new approach to the problem – looking well beyond the repository and how information is stored.  After all, we know this better than anyone else,  Documentum has been synonymous with compliance for more than twenty years. We call this new approach “Pervasive Governance,” and it’s essentially about managing, controlling and protecting information across three critical dimensions:

  1. The Enterprise –understanding your content (its location and importance), automating its classification and indexing  and applying policies to protect it- all within the organization
  2. The Extended Enterprise – the ability is to audit, track and control sensitive information that’s going out to remote employees, and approved partners, contractors, suppliers, etc.
  3. The Pervasive Enterprise – the ability to federate the policies surrounding the content as it moves to mobile devices and the cloud – so you can manage it and protect it virtually anywhere, anytime.

We pioneered Pervasive Governance to address the broad spectrum of information compliance issues across these dimensions and have made significant investments to drive innovation in this area. We’ve brought together our best in class assets: Kazeon, xPlore search, Records retention & records management, content intelligence, information rights management, trusted content services and the Documentum server, to deliver the next-gen compliance platform.  Our unique file intelligence capability automatically discovers and catalogs content “in the wild,” analyzes it, and controls it by setting policy actions over the content.  Now organizations can understand their information at a much deeper level (within the object itself), which allows them to better audit, track, control and ultimately protect information- automatically.   This automation relieves all dependencies on end users to determine the importance and disposition of sensitive information, while still allowing them to use their preferred tools and applications to do their job, without compromise.  This transparent enforcement also allows you to operationalize compliance to substantially reduce the risk and cost of managing information.  What’s more, this level of visibility and control can be federated across virtually all repositories and applications throughout the enterprise. For content that goes outside the enterprise, we can track and encrypt information to control its ultimate access (or destruction) at any time, instantly.  This is especially important when you think about enforcing policies for situations like employee changes, changing partner relationships & roles, loss of laptops and storage media, etc.  And this same level of control can be extended to information sitting on mobile devices, as well as in the cloud.

As you evaluate your information compliance maturity level and governance checklist, it’s also important to consider the future needs of your business – especially future regulatory requirements.  Hopefully what I’ve outlined helps broaden your perspective and understanding of what’s  now possible in the area of Governance and  the level of innovation we’re applying not only to our products but also to the strategy of compliance.  We don’t believe compliance should be at odds with business objectives, but rather be an enabler as we move to a far more frictionless compliance approach as an industry at large.

Explore posts in the same categories: Pervasive Governance

Tags: , , , , , , , , , , ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: