Compliance. One
little word, a million BIG headaches.
Unfortunately, when it comes to maintaining compliance in the
corporate stratosphere, there isn’t a simple pill you can take to make the
headache go away.
So, what CAN one do to help maintain compliance? In their presentation Keep the Lawyers Off Your Back!
Top 5 Gaps in SharePoint Compliance and eDiscovery, Actiance’s VP of
Marketing, Trevor Daughney, and RightPoint’s Director of Collaboration, Jeff
Willinger, explained some of the key compliance and eDiscovery issues with
SharePoint, as well as pointed out some of the inherent gaps in maintaining
proper compliance.
To begin, the gentlemen took an interactive poll of the room
(PS – I am DYING to set one of these up at a future conference – very cool!) to
see what the consensus was when it came to dealing with compliance in the
workplace. While there were a few lawyer
lovers in the room, as you can see, the majority of folks consider maintaining
compliance to be the bane of their office existence. What makes maintaining compliance such a
painful process? Trevor and Jeff pointed
out five key hurdles:
1. Multiple Collaboration
Environments
With numerous Facebook-like social networks popping up in
the workplace (Yammer, 37 Signals, etc.), it can be difficult to manage all of these platforms. Increasingly, as time
and resources are being pinched, it has been a challenge for IT departments to herd
all these cats and confirm that every platform is maintaining compliance.
2. Regulatory and
Data Protection Requirements
When it comes to SharePoint 2013 and compliance, one of the
key drawbacks is that SharePoint out-of-the-box doesn’t offer many data
protection capabilities, which begs the question: How are we monitoring and
retaining our information? Furthermore,
how do we know what information is being shared with whom? As Trevor and Jeff noted, this is a key gap
that most often is only filled with the help of a third party vendor such as
Actiance.
3. Downstream
eDiscovery Requirements
With the number of sanctions being issued on the rise, it’s
more important than ever to maintain compliance, according to Trevor and
Jeff. And the numbers don’t lie. There were seven reported sanctions in 2003, whereas 2009, this number rose to a
staggering 111 cases. What does that add
up to? MILLIONS of dollars lost in
fines. With time and money at a premium,
maintaining compliance at all times is necessary in every organization to avoid
these large, unnecessary fines.
4. Older SharePoint
Infrastructure
While SharePoint 2013 shows improvements over SharePoint
2010, unfortunately, there are still several gaps and missed opportunities when
it comes to the out-of-the-box data protection and compliance monitoring
capabilities. According to Gartner,
while these improvements do help, there aren’t enough of them to get organizations
who are currently on SharePoint 2010 to add upgrading to 2013 to their overall
compliance monitoring and management strategy.
5. Archiving – Are you
IN or OUT?
To close out their presentation, Trevor and Jeff looked at
the practice of archiving and whether or not it was a viable method of
monitoring and maintaining compliance.
As they noted, there are two main options when it comes to archiving – preservation
in place and an outside archive. While
both are great options, they each have their pros and cons, which means it’s
usually up to the organization itself to evaluate their needs and decide which option is best.