Just for the sake of variety, let’s take a breather from our discussion of content. We’ll return to it in a day or so, and further the discussion of content management, acceptable use, general security – and related policies.
An interesting concern came to me the other day in a discussion I was having with the owner of an IT startup company. He has a common concern about turnover. Now, IT personnel generally are pretty stable folks. (Hold the jokes ‘till after the presentation, please). If an organization is creating the right environment and paying fair salaries and wages, things should be relatively stable. But we have to face something:
It’s the best, most crucial, people who are at risk. They’re extremely marketable and it doesn’t take a lot of effort on their part to find employment that looks to be more lucrative.
If an organization is in a market like DC or NYC, their best people are probably fending off pitches when in quasi-business, more social, environments. If you, the reader, are one of these marketable people, you can further your organization’s stability by taking your suggestions to the table. Let’s look at what helps to retain people. Money is important, but it’s not the only thing effecting retention of people. Here’s a quick list, in no particular order:
- Education/training opportunities: This is important not only in terms of reimbursements, or paying, for training – but in terms of scheduling, and just general support and progression of employees’ abilities and opportunities. Here’s where business too can affect a more responsible forward edge for the organization – things are rapidly changing, and you don’t want to inadvertently screen your cutting-edge and forward looking employees from the training arena; people want to feel like they’re getting somewhere – and the org needs them to actualize.
- Flexible schedules: It’s a new world and younger employees in particular figure that business and access is universal – why not work from home when possible? Also, if someone proves themselves to be responsible, and wants to work four 10-hour days one week, to effect a 3-day weekend, and there are no other business inhibitors, why not? Let’s be imaginative.
- General work environment: Is your office attractive? You don’t have to have expensive furniture and original masters on the wall. Check your lighting: The office doesn’t have to have the blast of lumens necessary for a hospital operating room. Get something a bit soft; and give individual employees a choice in their respective spaces. Be particularly sensitive to “cube land.”
- Social environment: Let’s have fun. Really. Both on and off the job – but retain a professional care for positions and necessary measures of respect.
- Incentive pay/bonuses, base salaries: Oh well, it turns out that money does matter, after all. Be competitive.
- Insurance benefits: They are what they are. Again, not a lot of flexibility here – you must be competitive. But – ensure that HR is doing their job. They should be exposing all benefits, and have them make the sale: HR should be enthusiastic about pay and benefits, instilling this upon new employees’ orientations, and maintaining this positivity throughout pay and benefits updates to staff.
- Employee recognition programs: Have you seen the commercial where the boss is combining employee recognition events with business? Hilarious. The organization has to take time to let employees know that they’re important, valued, and that they’re individuals.
- Paid time off: Whatever other ideas are out there, I had a great boss (in all “business” respects) who used to do something that I loved: the award of spontaneous days off. He’d say, “Hey, why don’t you pick a day next week and goof off.” ‘Course, maybe he was just trying to get rid of me… hey!
- Retirement programs: Again, make sure HR makes these sales and that people are fully informed regarding benefits and perks.
‘Tis the season to be jolly – so get out and about at your place of work and tell someone you enjoy working with them. Whether they’re a co-worker, subordinate, boss, vendor, etc. – let’s maintain the team.
NP: Richard Thompson, Solo in New York, Hannibal LP.
I feel compelled to continue the discussion of content and its management in view of the WikiLeaks dump. A real concern of mine – and this is totally from a business-IT management/content point-of-view, it is not meant as a political statement – is a high-profile government spokesman’s comments today in a very high-profile news venue. He stated that the United States did not have to fear a guy who plunked down $35 for a web presence, with a laptop. You can Google to identify the spokesman and his exact comments if you wish – for our discussion here, it is merely a springboard… a recognition of a lagging appreciation for the accelerating environment and any content’s vulnerability within.
On the contrary, a web presence (actually, mere internet connectivity) a laptop, and a modicum of ability, are all that it takes today to create real damage. At some point, absent imaginative protections, someone is going to take an entire power plant offline – or worse – with a laptop and internet connectivity. As stated in I.T. WARS: Greater power is coming to smaller and smaller groups; even to the individual. As the size of any group is reduced – with attendant increase of power – counter-protections, debated actions, and measures of control diminish, and potentials for harm increase.
A BTW tenet: In the realm of risk, unmanaged possibilities become probabilities.
As to content and control, I believe that small and medium business must have well-articulated and documented content management (CM) policies in place, with defined measures of protection. Large business will be amending and constantly evolving their policies. In fact, a triumvirate of policies should serve the organization, all organizations, well:
Content Management – Acceptable Use – Security
Let’s save the overall Security Policy ‘till later – it’s an overarching umbrella that includes physical assets as well. All of these policies and plans can refer to one another, particularly to specific reinforcing parts. For now, let’s briefly discuss Content Management vs. Acceptable Use: Sooner or later, every organization is going to have some measure of policy for content’s management, and that measure will likely increase as time goes by. It is important to note here what a CM policy is, and what it is not – or at least in my view, what it should be, and should not be.
It is for leveraging content, exposing and reducing specific liabilities, and for taking action on content in an administrative sense: enabling access, use and leverage; reporting on; archiving; and destroying. It is not the central policy regarding definitions and expectations of appropriate use, and regarding actions taken in circumstances of willful abuse of content. Content management measures certainly do help to identify and expose abuse (as well as limit it); however, the definitions of acceptable use, abuse, and measures regarding them, will be contained in the organization’s Acceptable Use Policy.
Jumping ahead slightly, this Acceptable Use Policy details appropriate use of all business resources, tools, and assets – including information (content). Your CM policy can point to the Acceptable Use Policy (or contain extracts from it) regarding things such as the improper access, accumulation, dissemination, removal, and destruction of information. But again, content management helps us to identify and leverage content toward a positive purpose; helps to limit liability and exposure; and to take administrative action on content.
In the next days, we’ll continue the discussion, and articulate the “mechanical” components of a CM system, in order to set policy.
NP: Spencer Davis Group, Gimme Some Lovin’ (LP), original vinyl, Odeon.
[Note: If you haven’t yet, you may wish to start with “WikiLeaks: Lessons of content and its management for the organization” – then click View All Posts and scroll down to the article following; then read up for the discussion of content in its chronology ].
Reducing Exposure – Minimizing Liability: When managing content, we’re also talking about a comprehensive process that can give a central authority a ready report, at any time, on all content in your organization, according to any criteria by which they query: What is its subject matter? Who created it; who has it; who’s been using it? What is its useful life? How does it relate to and support other content? Which members, customers, staff, projects, products, services, regulations, agencies, etc. does this content pertains to? Where are versions of similar content residing? Which version is current?
Accumulation of content contributes to inefficiency: and liability for exposure: Multiple versions and drafts of documents can exist in all sorts of locations. Absent an overarching system of control, things get passed around within the organization, and saved in various user and departmental folders. You build all sorts of redundant, near-redundant, and ultimately erroneous data. Near-redundant data comprises records and documents that have various locations of storage (whether electronic or paper), with various dates of update and various inputs at various times – the resultant scatter of storage is always for some individual’s or group’s “convenience.” However, it is distinctly inconvenient… its dangerous… for the organization.
Further, there often exists content that was created by persons who have left the organization – there may be no one who can readily answer whether the content is correct. Outdated content, or content whose value is murky, should be weighed against some standard in order to determine its disposability. At the very least, it should be evaluated for archiving and removed from the active environment, in thwarting a glut of suspect information.
So, content management goes beyond eliminating “glut,” and yields the possible exposures (liabilities) that certain content may represent. For example, your organization may have all manner of outdated business policies, stored in various departments, which may be based on expired outside law and regulation. You wouldn’t want anyone taking action within such policy that no longer applies. How can you be sure that everyone is operating on the most recent issue of organizational policies? Another example may be emerging client relationships: relationships to you, and their relationships to other agencies. How do you best disseminate breaking information throughout the organization? How do you ensure it’s received? How do you ensure it supplants the old? How do you remove the old?
We’re driving toward a CMS: a Content Management System (whether supported by a formal applications solution – with attendant policy, training, and use – or, where budget constrictions exist, a simple reliance solely on policy and its influence on content, again leveraged through training and expectations for the handling of content. That too represents a “system”).
But before we get to that, let’s examine an area that often presents some confusion for Business, as well as IT… in particular, the small and medium business arenas – where a CMS is becoming a crucial component. That confusion involves two key, related, policies: Content Management vs. Acceptable Use.
November 30th: On this day in 1866, work begins on the 1st U.S. underwater highway tunnel, in Chicago.
In view of the recent WikiLeaks leak (WikiLeaks: Lessons of Content and Its Management for the Organization), we recognize that content is a protected resource – just as any resource deserves – demands – protection. Content is a crucial business support and enablement – that’s an understatement.
We spoke yesterday of a scrambled jigsaw puzzle – whereby the pieces reside in various departments, in various physical locations – perhaps all around the world. We spoke of pulling a master, interwoven, thread – an authority pulls that master thread, and all the pieces come together to form as complete a picture as the moment allows: a 100% collection of parts with corresponding context and fit to the other parts.
That is a large part of what content management delivers to business. It can be the assembly of information regarding something in process, such as status that reflects a true moment of progress. How many projects go off track not because of lack of resources, planning, or effort – but rather, teams and individuals who suffer a certain silo’ing – awaiting crucial information regarding installation, the “go-ahead,” of their respective pieces of the puzzle? When can certain elements be implemented and enabled? It’s often the most minor efforts, the easy things – holding a couple lines of code in abeyance in the absence of project information and control – that have a ripple effect downstream. This compounds and cripples efficiency.
Naturally, it can be something totally mundane. It can be a search for relevant supporting content when mounting a new initiative. It can just be general research within your assets.
What’s important to recognize is that you need, deserve, the complete, best, picture of the situation according to all assets, according to the moment. When we achieve this system of confidence, we gain enormous efficiency and leverage by using, sharing, reusing, re-purposing, and assembling content by optimizing its formerly hidden business value.
But… what about control? Protection? Content, as we’ve just observed on a National stage of maximum drama, also represents enormous liability…
NP: Norah Jones, Sinkin’ Soon [ I’m busted… it’s online; it’s digital - but it's good. I’ll cleanse my palate later with vinyl, rest assured. :^ ) Maybe it'll hafta be Kind of Blue - Miles. Original Columbia. Yeah. ]
I’ve struck a nerve in this discussion of content, (WikiLeaks: Lessons of Content and Its Management for the Organization) judging by some e-mails I’ve received. I know there are a number of IT leaders who struggle with their organization’s lax attitude regarding content control. Let’s keep this discussion rolling…
Beyond mere accountability, however, the modern and evolving discipline of managed content is more sophisticated and powerful than anything previously established. Beyond “Wiki-proof,” we make content searchable and relevant to people in powerful new ways, in support of projects and disciplines within the organization.
We find supporting and illuminating relationships between existing content that were previously hidden because there was no way to find or readily expose these relationships. We see new clues regarding markets, customers, products, services, trends, activities, and risks. As importantly, when new content is developed, we want to automate the assignment of key information fields to it so as to make this new content a part of our leveraged information assets.
Instead of being buried under an explosion of content, we explode content to splay its purpose, relevancy and value. We then snap content together with other content to form a completed picture.
Imagine this: a scrambled jigsaw puzzle where the pieces reside in various departments, in various physical locations – perhaps all around the world – with individuals and groups working the various pieces in some measure of ignorance for the efforts and work of others. We now connect all the pieces with an interwoven thread. The thread guards against loss, and identifies puzzle pieces as relating to each other, among other things. On demand, an authority pulls a master thread, and all the pieces come together to form as complete a picture as the moment allows: not part of a picture, not a picture with missing pieces, not a picture that requires recreation of missing parts that had already been created – but a 100% collection of parts with corresponding context and fit to the other parts.
Exciting? Yes – and the smart organization understands the value in this; implements, supports, protects, and rides the heck out of it.
Tomorrow: We continue.
NP: Brubeck. Time Out. Vinyl. Thorens TD-125.
Security and data breaches are overwhelmingly due to human factors: mistakes, rants, retaliation for perceived slights… and so on. In the case of the latest WikiLeaks situation, a leak of more than 250,000 State Department cables, it’s interesting to note that this isn’t a hacking situation – it’s a leak by someone from the “inside.”
I once worked at a secured information center, while a member of the U.S. Army, and my position necessitated my possession of a Top Secret security clearance. While this is not a political column, aside from occasional discussion of organizational politics, I find it almost unimaginable that someone possessing training and trust would do something like this.
But, what lessons does the latest WikiLeaks dump hold for the local organization?- that is, yours?
First and foremost, recognize that content is a resource – further, it’s a protected resource. Just as you secure computers, laptops, printers, paper, furniture, and anything else, you must secure content. It’s a bit more nebulous than the strict securing of physical objects, but nonetheless you must do it. Further, you must do it in an evolving world of threat and breach.
In I.T. WARS, I discuss Content Management in very straightforward terms: For content – information, data – you must be able to: Get it; use it; re-use it; and get rid of it – within a secured system of access and control, and with a properly trained and performing staff.
In other words:
Getting It: Having appropriate access to data, and the ability to find what you need;
Using it: Conducting business with best information; also includes creation of data;
Re-using it: Repurposing information; creating new reports from data; satisfying new requirements, departments, people…;
Getting rid of it: Archiving or destructing information upon end of its active and/or useful life. Avoiding a “glut” of information and subsequent processing burden (both systems and people).
Protecting it: And to reinforce: Ensure that your entire organization’s staff, from titular head to temp, understands your Content Management, Acceptable Use, and all security/info-related policies. It should go without saying that appropriate passwords, protected system areas, physical content containers, etc., should be enacted and maintained…
Be careful out there.
November 29th: On this day in 1877 Thomas Edison demonstrates the hand-cranked phonograph.
What comes after Black Friday?
Cyber Monday. That’s the online equivalent of Black Friday, with deals galore for the online shopper. This year, it’s expected to generate more sales than Black Friday for the first time.
I can tell you that I do almost no Holiday shopping at brick-and-mortar stores any longer; everything is done online, and it all shows up at my door. I can even avoid gift wrapping if I prefer to pay them to do it. Of course, no online retailer can match my taste and care when selecting wrappings, ribbons, and… ahh, who am I kidding?
According to the National Retail Federation, 88% of retailers will have special Cyber Monday promotions this year. This is up from 72% in 2007.
They also report that online sales for the 2010 Holiday Season are expected to reach $32.4 billion, and that is an 11% increase over last year. Further, 70.1 million people are estimated to be shopping online from the office this season for Holiday gifts.
In view of all of this, a Careerbuilder online survey reports that 21% of employers have fired someone for non-work related internet activities. 5% have fired someone for holiday shopping at work.
I got to thinkin.’ If over 70 million folks are shopping online at work this holiday season, and 5% of employers have fired someone for doing this (and we’ll assume one “fire” per employer), then 3.5 million people have been fired for doing this! Of course, we don’t know over what period of time. For the fun of it, let’s just say that it’s been over the course of… oh… a decade. That would mean that 350,000 people might lose their job this year for this! Fired – for thinking of their friends; their spouses, their lovers, their kids, their co-workers…..
As I’ve said many times: Be careful out there. If I can save just one person’s job this Holiday season…
By the way, the same Careerbuilder survey says that 50% of employers block employees from using certain websites at work. I am frankly surprised that this figure is not higher.
Novermber 28th: On this day in 1895, America’s 1st auto race starts, with 6 cars, over the course of 55 miles: The winner averaged 7 MPH.
A couple posts ago, we spoke of the importance of defining what users, what business, is allowed to do on the internet (Don’t be a blockhead: Block… or Define…). The challenge of “friending” and “businessing” on all sorts of unsupported apps and enablements is a real temptation. But what of The Cloud, and fully sanctioned solutions that are “borderless” and outside the organization’s virtual “four walls” of control?
Controlling these new circumstances may feel like you’re squeezing a wet bar of soap: The harder you squeeze, the slipperier the conditions. How the heck do you monitor cloud applications for real-time performance metrics? In shifting apps that serve business to The Cloud, you have to ensure business makes real use of, and in-turn can pivot and make real deliveries as a result of, these new ways of supporting business and what it does.
When shifting elements to The Cloud, it is presumably to save money, for one thing, and to make things shareable and easier, for another. Take some of the anticipated cost benefits and spend a little to monitor your performance in this sphere. Justify what you’re doing.
At the same time, look to capture entirely new solutions in this realm. While you do, look for solid solutions partners who can help you to mount the tools, processes and measures that track what you’re doing, why, and what the ultimate payout is to the organization. You can’t afford to fly blind in this realm.
If you’re just entering The Cloud, and most organizations are in a fairly novel realm here yet, your tools and measures are likely poorly equipped to deliver real-time data that tracks in an agile fashion what your apps and supports are doing at any given moment.
Here, as anywhere, it’s essential that you chart your course with empirical measures.
NP: Black Cat Moan – Clara Smith and Her Five Black Kittens – on original Columbia 78 rpm disc, played on a modern, Esoteric Sound, 78 rpm turntable.
What’s a poor IT leader to do? Whether you’re CIO/CTO, IT Director, IT Manager, Network Manager, Programmer, Business Analyst… or the real glue of the IT department – HelpDesk – you’re coming across more and more people doing more and more of their own thing.
You know, blending “friending” and “businessing” in the course of their day… and perhaps worse, doing it on and through apps that are… um… forbidden at worst and simply unapproved at best.
How about Business’ take on all of this? Half the time senior execs and mid-level business managers are either clueless, uncaring, or even supportive. Frequently, their shrug of “whatever gets business done,” is simple ignorance for all of the security holes and lack of accountability for content, as shared via apps that are outside the control of the organization. What of a recent, critical, online business conversation – supposedly documenting agreements and forward progressions – that went down a rabbit hole and simply disappeared? Hey, no problem, we’ve got the content right here on this backuuuuuu uhhh…….. oops, no we don’t.
Consider the plethora (ah, finally – a chance to use “plethora”) of apps for communication and share: blogger; AIM; YouTube; Skype; Twitter; MegaUpload; NewsGator, Facebook… we could go on and on.
In the case of Facebook, things are becoming a bit complicated: Facebook started as a basic “wall” that allowed posts and communication on that wall. However, it now has a chat mechanism, and an e-mail system. Further, Facebook has morphed into an applications platform, with innumerable apps – and more being developed all the time.
IT leaders, in concert with savvy Business counterparts, must identify what’s “out there”, and do one of two things:
1) Block unwanted, unauthorized, outside apps.
- or –
2) Define allowed use of specific apps and systems – by virtue of your policies and user education.
Actually, there’s a third thing you must do: Make certain that all in the organization understand that they are not to start making de facto use of apps and tools that are outside the organization’s virtual four walls simply because an individual stumbles on something, decides it looks good, and thus begins conducting official business on it or through it.
Tackle this now, before it tackles you.
November 23rd: On this day in 1848 the Female Medical Educational Society was founded in Boston
Hmmm… word comes that the Senate Judiciary Committee approved a bill that should be of concern to any website, and any content provider: It would grant the Attorney General the right to shut down offending websites with a court order if copyright infringement is judged to be “central to the activity” of that site.
Of particular concern to me is that the Combating Online Infringement and Counterfeits Act (COICA) seems to be overly broad. A site need not contain illegal content: apparently links alone can qualify a site for “shut off.” I don’t know about you, but I sometimes embed links in some of my articles, as referencing other documents and policies – most if not all protected by copyrights. It helps to reinforce my content – that is, what I’m saying – and with proper acknowledgment, that should be ok. Ok? I think it still is… but every bill generally has unintended consequences…
It’s a scary thing in creating a hammer with a very broad head – it just might start smacking the wrong things. Web censorship is anathema to probably any reader here. Certainly offended parties can go after entities that are violating copyright… right? Do we need a huge government bill, granting the AG the power to snap off websites with a simple court order to the ISP? (Which is how this will be achieved).
I don’t support piracy and illegal activity. However, I’m not alone in my concerns: this bill is garnering concern from a number of people and agencies. You can Google to find more info and what the specific concerns are, but a primary one is that parties that are supposedly in offense of this act have no real opportunity to contest the AG’s allegations for unlawful content.
In effect, we’re censoring the web without something extraordinarily important, necessary, and… American: Due process.
I’d like to link to a couple articles regarding this, but I dunno… I’m not sure the present Attorney General is tech-savvy… maybe I’ll send him a copy of “I.T. WARS”… that should help. :^ ) I think it’s safe to link to my own copyrights…
NP: Hampton – Tatum – Rich, on vinyl, Pablo label; this jazz gem is from an August 1st, 1955 session. Catch it if you possibly can.