Tag Archives: governance

Can you risk your sensitive information leaking?

Can you risk your sensitive information leaking?  Many organisations find it difficult to see the benefits from publishing standards.  I remove the barriers to show the benefits from each publishing standard in my next few posts.  Publishing standards aim to:

  • Reduce the risk of sensitive information leaks
  • Improve the overall user experience
  • Make people using your intranet more satisfied with it
  • Improve people’s productivity
  • Improve people’s quality of work

Information needs to be correctly categorised so people can access all the content they have permission to view and use. Balance the different needs so information that people can access is easily available and does not hinder their work by unnecessary logins or passwords. Your organisation must also feel confident sensitive information is not at risk.

Permissions need to be correctly set so information complies with your organisation’s Information Retention Policy. This also applies to applications e.g. HR information about pay and performance, which can contain sensitive information. The different levels of permissions needed by your organisation will vary depending on its culture and purpose.

You also need to consider at the site level as well as at the organisational level. Here owners of a site can decide who has permission to use their site for different activities. This will vary depending on the publishing tool used and the culture within your organisation.

Data Protection, particularly Personal Data and European Union rules for its use and storage, may affect your intranet systems, particularly Human Resources systems. Within the European Union, it varies on what is published about individuals and even how it is published. Some information needs permission from an employee before it can be published. For other countries it can be shown without this within the same organisation.

You need to take advice from HR and legal experts to ensure your intranet and content owners comply. Sometimes it is better to take extra time and steps to keep good employee relations and follow your organisation’s values and culture even if strictly you do not need to for some employees.

Copying any content, especially an image, photo, or multi-media file, from another website to insert on an intranet site can be an infringement of copyright unless you have permission from the copyright owner.

Benefits

Knowing that you are protecting sensitive information across your intranet gives three main benefits:

  1. People using your intranet will be confident the information they are using has the right level of permissions set and they are able to rely on who has access to any sensitive content.
  2. For you it is also important from a governance view to have confidence the correct people are using the right information. You have integrated your training, guidance and support for publishers to help establish a common understanding. This prevents sensitive information being available to people who should not permission to see it.
  3. Your organisation can be confident your intranet complies with its information security policies. The risks of sensitive information leaking are reduced which could risk damaging to its brand and reputation.

Are there other benefits you have found?  Please let me know.

In my next post I will cover content needing to be found.

Why sites keep you coming back for more

The sites I use most frequently for the latest news or to order something I want to buy or to help me with a problem e.g. travel directions are not unique sites. There are alternative sites I could choose to use but I don’t. I keep using the same ones. Why is that?

Firstly the site I keep using obviously meets my needs but if we take news sites as an example there are many that provide the latest news. It is not just that it provides me with news, there are other reasons why. A new design may be compelling for the first time and new features may also encourage me but to keep me coming back again and again it needs something more.

It is more likely to be the consistency in the look and feel; navigation to help me find related content quickly; help when I need to find out more e.g. contact the content owner so I am confident that I can rely on what I read as being accurate and up to date. In other words it is a place that is well-managed and applies some form of governance to give me a consistently good experience whenever I use it. That is what keeps me coming back for more.

When I think of some of the great internet sites I use like Amazon, Wikipedia, BBC News, it is because they also have a great governance framework which is the foundation to giving me a great experience every time I visit them. Without it these sites would miss something which would sooner or later make me try an alternative.

The same analogy that I have applied to a web site will also apply to any mobile app, intranet, digital workplace or collaboration tool. The size and complexity of the online space being managed is irrelevant. The same principles of governance will always apply. Those which are well-managed will be used more because they give a more consistent user experience and can be relied upon more to provide whatever you need.

Since 1996 when I first started my journey with intranets, collaboration tools, digital workplaces and mobile workspaces I have appreciated how important it is to have a governance framework that supports its purpose. It can be the crucial factor that causes a quicker adoption, increased usage and higher satisfaction with people to help with their work.

How to succeed with mobile collaboration

On day 2 of the WCMS14 conference I ran a workshop about mobile collaboration. People can help each other or can ask for help to collaborate. Having mobile access means you can do this whenever you need to and not have to wait any more. To achieve this there are four areas to focus on:

  1. Make it easy
  2. Manage it smartly
  3. Technology has to meet business needs
  4. Involve people with mobiles

1. Make it easy

The main point is to create an overall consistent experience for people whatever device they use. With more mobile devices than traditional PCs being sold now, organisations should put the need of mobile people first.
By removing the barriers, mobile users don’t need extra logins to be able to collaborate online. It should also be possible to collaborate while offline and the tool synchronise and update automatically.
Research with mobile users what they need most to help them collaborate online, what experience it needs to be and identify tools with the best adoption rates and understand why.

Manage it smartly

It is important that any governance is built to help people collaborate while mobile and not hinder this aim. By extending existing publishing standards to cover mobile use appropriately you continue with one governance framework. The same applies to roles and responsibilities for content and app owners as well as intranet managers.
The findability of content is critical. Having one search engine that covers all the information architecture helps to achieve this. The decision over whether you have one version of the content or app which is responsive to different designs or different versions for each size screen will depend on the information architecture you develop and on security needs.
How long is it before information become knowledge? Your answer to that will decide whether all your collaborative content stays online and is searchable or is archived after a period of time or inactivity or removed permanently. There are no right or wrong answers but you do have to decide what is best for your organisation.

Technology has to meet business needs

Make sure you have the right solution for the right business requirements. This means being very clear what you need before you start to research the technology that can meet your business needs. It will probably also mean you don’t choose the top solution, partly due to the costs, but also because it provides features and functions that you have no immediate or foreseeable need for.
Any technology for mobile collaboration bought or developed needs to be configurable and shown to work with existing systems and platforms.
You need to consider how many operating systems your organisation will support for the different mobile devices used for mobile collaboration. This needs to cover the issue of BYOD. A balance needs to be struck which may be something like x number of operating systems will be guaranteed to give a good mobile user experience and support y mobile devices. You can choose other mobile devices but you should not expect to be guaranteed a good mobile experience.

Involve people with mobiles

You should not assume what collaboration tools people with mobile devices need. You need to research their needs not just make something accessible from a mobile device and say the experience is good enough.
Involve people at the earliest stage of developing the user experience. As soon as the development is good enough for basic use it should be thrown open to mobile users to test out. They can feedback any problems or improvements that will help them to collaborate better to be acted upon.
A perpetual beta development status can be adopted for the mobile collaboration tools to avoid long delays in improvements, the need for major re-launches. Small, incremental, changes can be made quickly based on clear feedback and involvement from mobile users.
Lastly the testing can be a formal User Acceptance testing approach or more informal and open to anyone with a mobile device to use at any time. The process needs to be transparent and a playground/sandpit available where all development can be tested out. This may need IT to change its approach!

Summary

  1. Remove barriers that prevent adoption
  2. Have one governance framework
  3. Right mobile collaboration tools that meet needs
  4. Involve people who use mobile

 

Is your governance good enough for SharePoint?

I have written many blog posts on SharePoint based on my first-hand experience from developing strategies through to the full implementation of features such as TeamSites, MyProfile, etc.

One of the most common requests I get from clients is “How is the best way to manage their intranet while using SharePoint?”  This question is asked because SharePoint is a ‘big beast’ and needs a more rigorous and broad governance framework that is good enough for the challenge.

Your approach needs to consider:

  • Restricting use: stopping some features from being used e.g. SharePoint Designer
  • Encouraging best practice: making sure guidance and training are available
  • Preventing problems: checking content before it is published

Each of these approaches can support your governance strategy for
SharePoint.  The key is to understand what you need to use SharePoint for most of all.

My first-hand experience at BT and from working with clients is that well planned and managed governance is good enough to gain the benefits from using SharePoint.  It is how you approach this which is the critical success factor!

You can out more information on how to build good SharePoint governance to help you.

Is your intranet legal?

I recently wrote about how you should manage your intranet.  A governance framework based on your business requirements is a good approach to take to achieve a well-managed intranet.

Part of your business requirements will need your organisation to comply any laws that apply in any country you operate in.  A strong governance framework will help avoid the risks of non-compliance with all legal requirements in the most effective way.  It is better to look at the bigger picture and be consistent rather than have a local, fragmented, approach.

Factors you need to consider are:

  1. The impact on your organisation’s brand and reputation if it is non-compliant with a legal requirement.  Is it really a risk worth taking?  Can you foresee all the fallout from the publicity?
  2. It is not something you should just pay ‘lip service’ to.  You need to be serious about meeting not just the letter of the law but the spirit of it too.  It can have many positive benefits if approached in the right manner rather than seen as inconvenient and a hindrance.
  3. Living the values of your organisation by being able to demonstrate that employees are respected by your intranet complying with all legal requirements.  This may also encourage people to join your organisation rather than a competitor.

My first-hand experience and from working with clients is that intranets that are  legally compliant by using best practice examples have a positive impact on your organisation and your intranet role.  It is how you approach this which is the critical success factor!

You can out more information to help your intranet avoid the legal risks.

How to manage your intranet

After you have developed a clear intranet strategy as explained in my post ‘How to develop an intranet strategy‘ you then need to follow this with an implementation plan, publishing standards and a governance framework.

While every intranet is different there are some common factors that need to be considered so your intranet supports your business requirements:

  1. The size of your organisation will affect how you manage your intranet.  If it is based in one location and you know everyone by their first name then it is likely you can manage your intranet on your own.  If it has many thousands of people in many locations you will need a different approach and involve other people to help you manage your intranet.
  2. The type of organisation will affect how you manage your intranet.  Is it streamlined on administration, informal decision-making?  Or is it more formalised, committee driven, when making decisions on how publishing standards and intranet roles and responsibilities?
  3. The culture of your organisation will affect how you manage your intranet.  Is it a very top down, command and control, culture with feedback discouraged?  Or is it more open, democratic and consensual?  Whether it is either or a mix of both will influence your approach to managing your intranet.

My first-hand experience and from working with clients is that intranets can be managed well no matter what size, type or culture your organisation has.  It is how you approach this which is the critical success factor!

You can out more information on how to manage your intranet to help you.

Chaotic or consistent: What is your intranet experience?

I recently wrote a guest post on how you can change a chaotic intranet experience into a more consistent and better experience.  I showed how a governance framework that has roles, responsibilities, and publishing standards that are implemented smartly can encourage people to use the tools and information more frequently and deeply with consistent design, features and structure.

You can read ‘Chaotic or consistent: What is your intranet experience?’ here.