The Content Manager

We’ve established background regarding content management.  Let’s introduce one more important thing:  a content manager in the form of a qualified person.  Increasingly, Content Managers (or if you prefer, Records Managers) are operating within a certified discipline.  Most if not all of the standards regarding the general duties of a content/records manager are detailed on the web.  Organizations that are about to embark on a full-scale content management solution and system should hire or delegate a content/records manager at the outset of the project.  This person also is a logical choice for this project’s selection as project manager.  As with all projects, make this selection carefully: It is this person who will drive the organization’s qualification for selection, implementation, and use of a system.

 The “System” of Content Management

Instituting management of content where there has been no real management is a daunting challenge to most.  There are so many forms of content, in so many differing structures, in so many different places, within the authority of so many different individuals and departments: Yet, if we can understand one area, we can understand them all.  The principles are the same. 

Let’s gain an understanding for the management of unstructured electronic document content first (your word-processing documents, spreadsheets, presentations, and any other unmanaged electronic, unstructured, data).  This is an area that most organizations tackle first – and, an area that is frequently most in need of control.  We can say that unstructured electronic documents take this priority because, conversely, structured (database related) content is at least managed to the degree of their native applications. 

We can also afford to prioritize electronic documents over hardcopy assets in most cases.  This is because there is a comparative advantage regarding hardcopy content:  ordinarily, it at least exists where you can see it.  Because hardcopy content is physical, you have a better chance of at least sensing where common subject matter exists.  We can point to a file cabinet and declare:  “Those are accounting records.”  And, “There are more accounting records over there in those cabinets.”  It is more difficult to do the equivalent with electronic data. 

Our understanding of the methods employed for unstructured electronic documents – and lessons learned – then position the organization to effectively take on other areas of content, in-turn.

Electronic Document Management – A System of Control:  Think of content management as an establishment of control over data by enriching it.  We enrich data by assigning information “tags” to individual electronic content – to individual files.  These tags mark the file according to what it contains – that is, according to its content.  Once tagged and so marked, an associated application system can grab and assemble that data with other data.  This enables and simplifies our research of data; and enables our ability to report on data for administrative purposes.  This tagging (enriching) of data is effected through the assignment of metadata to the individual document files.

Metadata has been described simply as data about data.  This is a great definition for our purposes.  Metadata tags are based on the subject matter and other general attributes of the specific document’s content, and can include such information as:

      – Document Title

      – Category (or Categories; based on Taxonomy)

      – Author

      – Abstract or summary info

      – Access (permissions)

      – Usage history

      – Keywords (dates, places, individuals, etc.)

      – High-value concepts

      – Disposition date (archive and/or destruct triggers)

The real power comes when metadata is automatically applied to documents, records, web content, and other digital assets according to a schema, or template.  Various templates contain prepared metadata for each condition of content in your organization, according to policy.  These prepared templates are then assigned to electronic workspace folders – much like those already in your network environment. 

When you create content, and file it in a relevant folder based on content’s subject matter, the metadata is automatically applied to that document.  A dialog box with default descriptive (enriching) information tags pops up.  The document’s creator accepts the metadata as is, or can manually edit specific fields of metadata.  Once accepted, the metadata is tagged to that document, and it becomes managed content.  When we query data based on content-criteria that is available through this metadata, we receive all relevant documents which satisfy our query – in a fast and comprehensive way.  The structure that supports the linkage of metadata templates to folders, and which supports all other action and reporting utilities within the managing of content, is a data Repository. 

The Repository:  The Repository is a component part of the vendor-delivered, overall content management solution.  User action is taken on data through their normal native applications – a word-processing application in the case of a word-processing document, for example – but with the added benefit of the Repository’s control and enhancements to data (such as the metadata tagging).  Further, an allied Content Management software application accesses the Repository to perform content management and administrative functions – such as finding, reporting on, and taking disposition on content.   

Various vendors may have differing names for it, but essentially a Repository is a vessel for data.  As desired, it can mimic your current network structure of folders and permissions.  This way, it will present a familiarity to users as they negotiate for files, and save new files.  In this regard, the Repository is relatively transparent – but it brings with it several very important utilities.  The Repository represents the achievement of a specialized, central, storehouse of data.  It not only will have a similar structure of filing as a network hierarchy, the Repository will facilitate proper filing and control of new content as it gets created, according to subject matter.  It manages data’s security.  It maintains and facilitates reportage and action on data so as to enable oversight.  It does this in a very efficient way, removing this burden from the content’s creator and the organization at large.  The Repository is the key by which content can be found, accessed, used, repurposed, reported on, and actioned for administrative oversight.

IT security in any realm involves logical security and physical security.  Logical security is the integrity of data (content), precision of associated processing, and the delivery of coherent, accurate, content.  In other words, data that reflects reality; data that does not mislead or distort various actuals by virtue of distortion/errors of input, process, and output.

Physical security is such things as locked doors on computer rooms.  It’s the safety and surety of infrastructure; protection against overheating, for example.  Physical security is often mundane; don’t set your coffee on a server, for example.

Mobile is especially vulnerable within the realm of physical security.  Devices are constantly transported, their owners on the go, and they can be lost or stolen.  Ensure that users make immediate reportage of loss or theft.  Consider strong encryption, as any content risks exposure.

As to logical security, determine whether users access organizational resources via a virtual-private-network (VPN), or the internet.  Also, ensure strong malware protections are emplaced on devices.

In BYOD environments, that last is especially important:  It’s hard to know where users will be surfing, and what manner of personal downloads will be transpiring.  Regularized scanning for viruses, malware, and unauthorized intrusions is imperative.

Whether incorporating mobile as a formal addition to your business enablements, or in merely granting access to personally-owned devices, be certain to set expectations up front.  These should include adherence to proper security protocols.  Be aware that many users feel that mobile devices, whether company or personally owned, represent a certain informality in terms of use and communications.

It’s the nature of the beast:  These devices lend themselves to a certain “rounding” – abbreviations and the compacting of words that would never be tolerated through other means:  the support of texting; IM’ing; “friending;” Twittering, etc.

Too, there is the ready “firing off” of communications without the appropriate distance (time) for review.  Ensure that business communications remain… business-like.  You should train for caution, and for adherence to that standard.

Also remember to train staff in troubleshooting measures.  When important business is being conducted through mobile, device-unavailability can put a real crimp in operations.  Oftentimes routine problems can be overcome with simple guidance.  Users should be able to examine connectivity issues to include setups, the verification of account info such as user ID and password, and they should have ready-access to a support desk.

 

I was speaking with a colleague and friend yesterday.  He’s just left an organization in the outlying Washington, DC Metro area for a larger one directly downtown.

My friend is about as savvy as they come regarding computer use, online peril, and so-called netiquette.  But surprisingly, he doesn’t know what the Acceptable Use policy is at his new organization, or if they even have one.

He did know the situation at his former place of business:  They most definitely didn’t have one.  The place was a mess in terms of Content Management, Acceptable use, Security, and other formalizations, expectations, and just simple courtesies of informing workers about standards, adherence, and expectations.

But this new place is supposedly a little more refined, larger, has a bit of longevity, and certainly should know better than to be remiss about standard policies – to say nothing of a prudent survey for budding challenges and timely considerations of those – in establishing and evolving policies in match.

I don’t know about you, but I like knowing what’s allowed, and what’s not, and I like remaining squarely within best practices and operational principles in not only leveraging systems and access to best business outcomes, but also leveraging that for best protections.  Call it general business surety.

The overwhelming majority of people (at least in this readership) want to do the right thing.  People are interested in:

   1.  Remaining outside the sphere of trouble. 

   2.  Upholding and bolstering their organization’s reputation through solid

         contributions and deliveries.

   3.  Remaining within safe and sure business, and allied technical operations.

Organizations, for their part, must perform due diligence for states of security – inside and out – and keep policies up to date.  Any workforce is entitled to know its organization’s stance regarding threats and protections, and the position of those to the organization’s vulnerabilities.  They then must be made aware of the subsequent bouquet of policies, procedures, schedule of training, and pro-active notifications – all in service to thwart of threat.

Business should have their IT department survey for what other organizations are doing:  Orgs of your similar size; in your market; in your geographic area.  It’s a start.  Begin to determine what low-cost/no-cost protections can be mounted inside, by institution of appropriate behaviors and practices.  Then, forecast (budget) what protections need to be mounted through the help of solutions-providers… vendors. 

If you don’t have budget presently, at least get the markers on a 5-year plan or something similar.  Whether you’re on the “business” side or “IT” side of the equation, you can also write tangential position papers regarding future’s streaming challenges, with the matching answer to them.

But whatever you do – don’t remain vulnerable.  Be fully informed, reasoned, and straightforward in making any gaps and concerns known.

On this day (Sep. 1^st):  In 1858, the first transatlantic cable failed after less than one month.  If at first you don’t succeed…