This is a guest post from Smarsh, originally seen on the Smarsh blog on October 20, 2014.
There’s so much information-sharing happening today that 76% of employees report spending significantly more time working with information and data, according to research from CEB, an advisory firm for leading worldwide businesses.
With that type of information overload, it becomes much easier for employees to (accidentally or knowingly) violate policies designed to prevent data breaches and non-compliance with communications requirements, which increases legal and reputational risk.
To protect your company from these risks, five smart practices can help you put your information governance in better order:
- Bring the right people to the table. Information risk management is a cross-functional area and will be for a while. Getting the right stakeholders and information owners involved at your company will help you create the most effective governance policies. Determine the right players and get them involved, whether they are team members from your legal, marketing, compliance, HR or other department.
- Gather information from risk takers. Look to the early adopters for guidance when rolling out a new technology—they can be your test group. For example, leading companies often draft their social media policy by gathering feedback from power users, the employees who regularly use social in their work. Power users can also help others adopt new technology and implement it within their work flows to increase productivity.
- Use principles-based communications policies. Trying to block social media, mobile devices or cloud application use with stringent corporate policies likely won’t work. Leading companies now provide extensive communications and compliance training (and even content) to help employees learn how to communicate on behalf of their company, while abiding by branding and compliance rules.
- Manage the most critical legal, reputational and compliance risks. There’s no such thing as zero risk, so it shouldn’t be a goal. Instead, focus on the most important and strategic areas of your business (or major areas of vulnerability) to implement solid information governance, and build out from there. Don’t make it too complicated, or you’ll jeopardize the ability to identify potential risks that common sense could easily spot.
- Build a supervision system aligned with your company culture. If your company’s rules include supervision and retention of email, but overlook the fact that your employees prefer to reach out to customers via text messaging or social media, it can cause big issues. Take into account what customers demand and your company culture dictates when designing rules, so nothing falls through the cracks.
Also, to give you extra confidence that nothing will fall through the cracks, consider using a technology solution to retain, review and supervise all of your company’s electronic communications. Ultimately, you’ll want to look for a system that can accommodate future methods of communication. Today’s employees like to use social media, instant messaging and text to reach out to customers, but who knows what tomorrow will bring?
For more information on Smarsh and RIA in a Box, click here.