5 Steps to a Successful Collaborative Data Governance Policy
by Aware HQ
Tackling your collaboration ecosystem isn’t a task you should face alone. Follow our five simple steps to take charge of your digital data, together.
It’s easy to become overwhelmed by the digital exhaust created by collaboration platforms. With the rapid shift to remote work, many organizations failed to proactively address information governance for the digital workspace. Legal and regulatory demand has now made safeguarding this data a matter of necessity. And that means developing a collaborative data governance policy with stakeholders across the enterprise.
Follow the five steps below to take charge of your collaboration data. Then download our whitepaper to get even more insights and useful worksheets.
Step 1: Understand Your Collaboration Ecosystem
Even before the pandemic, 91% of organizations used at least two collaboration tools. During the pandemic, shadow IT use rose 59% as employees sought out the most effective ways of getting their jobs done.
Collaboration doesn’t only reside in dedicated software like Slack, Microsoft Teams and Yammer, or Workplace from Meta. It also exists in Zoom Chat, Box Notes, Dropbox Paper, GitHub, Atlassian, and so much more. Software integrations happen at the click of a button. Messages, revisions, and even whole documents can be passed back and forth from inside and outside the enterprise.
Getting to grips with the full scale of your software ecosystem is an essential first step to successful data governance. Understanding what technology your employees use helps you make informed decisions about what should stay and how it should be managed.
Step 2: Roundtable Requirements for Collaboration Software
With clear oversight of your collaboration ecosystem, review your organization's requirements. What functionality do employees need from collaboration tools? What limitations are required for legal and regulatory purposes? And how do these needs fit into your operational budget?
Each stakeholder can bring different requirements to the table. Legal may be concerned with eDiscovery, and InfoSec with DLP, for example. Understanding these needs will help narrow down the best choices for your organization.
For each requirement, identify the current admin. How would a consolidated platform affect their workflow? Gaining the support of key stakeholders is essential to implementing the right software to meet organizational need.
Step 3: Audit Legacy Vendors for Data Governance Policies
Creating a comprehensive data governance policy requires looking back as well as forward. Where does data currently reside? Auditing legacy vendors may produce surprising results. For example, Microsoft Teams might look like a single dataset but it’s much more complex thanks to extensive O365 integrations.
Many vendors offer some support for records retention, eDiscovery, compliance, moderation, and DLP. Administrators may believe these systems are controlled and optimized, but many have blind spots that expose unnecessary risk.
Key questions to ask include do the platforms enable granular permissions? Is data converted during storage, thus losing critical context? Can searches be conducted by keywords and filters, not just custodian? Do backups happen in real time or are delays built into the system that allow modifications and deletions to slip through the cracks? And finally, does the platform allow third-party connections to tools that don’t have native risk-management tools?
Step 4: Review Purpose, Scope, and Impact of Collaboration Tools
Establishing oversight and defining stakeholder requirements is a good start. However, before committing to any changes it’s beneficial to clearly articulate the business requirements for the project.
- Purpose: The end goal
- Scope: The platforms and software affected by the plan
- Business impact: Cost savings, risk mitigation, and other efficiencies
Documenting these elements helps align stakeholders around predicted outcomes. It also makes it easier to present the project to leadership.
Step 5: Take End Users into Consideration
Effective data governance requires granular controls that safeguard information and limit access. First, that means identifying the users that will manage the data. Then establishing permissions sensitivity.
Consider who needs access to the data. How can granulation be adopted? And what new processes will help manage ongoing information security? Defining these roles in advance creates good practices in the future, safeguarding your data through successful governance policies.
Taking charge of your organization’s collaboration ecosystem is a team sport. Involving stakeholders from across the enterprise provides the best opportunity to establish meaningful data governance strategies that really work.
Download our whitepaper on managing the chaos of collaboration data governance to get more insights and useful worksheets.