Unstructured documents are the gorilla in the room in every conversation about compliance, or for that matter, data classification in general. In most companies, there’s a lot of sensitive information in spreadsheets, Word docs and the like, scattered about on client machines and network drives. Is it retained, protected and auditable? Heck, can you even make a list of all these docs? Probably not.
In a conversation with Brian Babineau, a senior analyst at Enterprise Strategy Group who talks to a lot of IT folks, as well as vendors, Brian mentioned to me that he’s hearing that a lot of IT shops are turning to Microsoft’s SharePoint as an easy unstructured document repository. I find this both believable and puzzling. Believable because it’s close to free for many large Windows customers and puzzling because, as a user myself, I’ve found its access controls to be rather blunt. Of course, that’s all a simple matter of programming, ultimately, but then, if SharePoint is the quick and dirty winner, who’s going to do that programming?
I’m interested in hearing from all of you about whether SharePoint has a place in your compliance plans, whether you’ve rejected it in favor of something else, or what else you are considering. In fact, are you paying much attention to unstructured docs at all at any level, except file server backup?
Leave your comments below. And check out my conversation with Brian Babineau on the infrastructure for compliance — it’ll be up March 10. As well, he will be doing a more thorough webcast soon going into detail on how to weave a compliance infrastructure out of the best parts you already should be using for other reasons.