There are now more than 20,000 laws world-wide that regulatehow companies must protect, retain, and secure information. These laws are often complicated, and sometimes even contradictory. These rules often must be applied to all data types regardless of the application. In many cases, information cannot even leave the country in which it was created. Additionally, companies themselves are seeking to put in place policies for data retention and disposition in an effort reduce their own risks.
It sounds complicated and it is. But, it gets worse. Most companies have hundreds of home grown applications, file shares, and records repositories; not to mention Email and ERP applications. If that isn’t enough, most large companies today operate globally so they must be compliant with many unique local regulations.
OK. If a typical multinational company operates in 50 countries and had to apply just 50 regulations and 10 corporate policies across 100 data repositories (applications) the simple task would be overwhelming. They would have to process upwards of 300,000 unique rules!
So how do companies deal with this complexity? The fact is that I believe that most don’t. This is an almost impossible problem in most current IT environments. To solve the problem I believe we will fundamentally need to change the way we look at information. The secret is decoupling information from individual applications and creating unified and federated content repositories where rules and policies can be applied regardless of the application. The simple math is that, by unifying the repositories in the above example, the number of total rules drops by a factor of 100.
This does not mean that all of the data moves to one big archive or repository. On the contrary, much of the content created must to remain in place. Federation, simply means that there is a uniform way to set data taxonomies and data policies so that requirements can be applied in a simple and uniform way.
Look at it this way; imagine that every state in the US or country in the word had completely unique road signs – so different in fact, that is was impossible to drive from one state to the next without learning a whole new set of rules. But it get worse, imagine every car you drove had a different measure for it speed. This is what we face today. With common taxonomies (in this case road signs and gauges) universal and local rules can be easily applied and there is a consistent understanding of the data. Companies today are faced with a similar information challenge. The key is to first build common taxonomies and then to build policy.
You will see that our efforts relative to information compliance focus on our core strategy of first building a common information taxonomy framework. This is the secret to taking this incredibly complex problem and cutting it down to size. With an information compliance strategy and an cross-application information infrastructure I believe customers can what is today a liability into a competitive asset.