Compliance. One little word, a million BIG headaches. Unfortunately, when it comes to maintaining compliance in the corporate stratosphere, there isn’t a simple pill you can take to make the headache go away.
So, what CAN one do to help maintain compliance? In their presentation Keep the Lawyers Off Your Back! Top 5 Gaps in SharePoint Compliance and eDiscovery, Actiance’s VP of Marketing, Trevor Daughney, and RightPoint’s Director of Collaboration, Jeff Willinger, explained some of the key compliance and eDiscovery issues with SharePoint, as well as pointed out some of the inherent gaps in maintaining proper compliance.
To begin, the gentlemen took an interactive poll of the room (PS – I am DYING to set one of these up at a future conference – very cool!) to see what the consensus was when it came to dealing with compliance in the
workplace. While there were a few lawyer lovers in the room, as you can see, the majority of folks consider maintaining compliance to be the bane of their office existence. What makes maintaining compliance such a
painful process? Trevor and Jeff pointed out five key hurdles:
1. Multiple Collaboration Environments
With numerous Facebook-like social networks popping up in the workplace (Yammer, 37 Signals, etc.), it can be difficult to manage all of these platforms. Increasingly, as time and resources are being pinched, it has been a challenge for IT departments to herd all these cats and confirm that every platform is maintaining compliance.
2. Regulatory and Data Protection Requirements
When it comes to SharePoint 2013 and compliance, one of the key drawbacks is that SharePoint out-of-the-box doesn’t offer many data protection capabilities, which begs the question: How are we monitoring and
retaining our information? Furthermore, how do we know what information is being shared with whom? As Trevor and Jeff noted, this is a key gap that most often is only filled with the help of a third-party vendor such as Actiance.
3. Downstream eDiscovery Requirements
With the number of sanctions being issued on the rise, it’s more important than ever to maintain compliance, according to Trevor and Jeff. And the numbers don’t lie. There were seven reported sanctions in 2003, whereas in 2009, this number rose to a staggering 111 cases. What does that add up to? MILLIONS of dollars were lost in fines. With time and money at a premium, maintaining compliance at all times is necessary for every organization to avoid these large, unnecessary fines.
4. Older SharePoint Infrastructure
While SharePoint 2013 shows improvements over SharePoint 2010, unfortunately, there are still several gaps and missed opportunities when it comes to the out-of-the-box data protection and compliance monitoring
capabilities. According to Gartner, while these improvements do help, there aren’t enough of them to get organizations who are currently on SharePoint 2010 to add upgrading to 2013 to their overall compliance monitoring and management strategy.
5. Archiving – Are you IN or OUT?
To close out their presentation, Trevor and Jeff looked at the practice of archiving and whether or not it was a viable method of monitoring and maintaining compliance. As they noted, there are two main options when it comes to archiving – preservation in place and an outside archive. While both are great options, they each have their pros and cons, which means it’s usually up to the organization itself to evaluate its needs and decide which option is best.