A few years ago, Qinetiq, a leading defence company, built a small unmanned aircraft to take pictures of its hot air balloon record attempt. The engineer responsible for the airbag that would cushion the miniature aircraft on landing was so thrilled with his revolutionary design that he decided to submit it for patenting. All went well until a routine review of the company’s paper archives revealed that a near identical design had been created in the 1950s by the engineer’s grandfather.
There is an important lesson here about the need for effective information management. It should never be difficult for employees to access the knowledge stored within their business, preferably before they repeat work previously undertaken. In a seminal 2001 research paper, the high cost of not finding information, industry analyst IDC said that knowledge workers can spend up to 90 per cent of their time recreating information that already exists in their organisation.
Indexing securely stored paper archives or scanning paper documents for easy search, retrieval and analysis can help companies mine their legacy information for knowledge and insight. Digitised documents can be subjected to modern data analysis techniques, or investigated alongside digital records, revealing things that could have taken years, or cost a fortune, to discover another way.
Businesses need to make that they take care of their paper documents, know where to find them when they need them and understand how to extract the value from the information. For many firms this can seem easier said than done.
When businesses keep their paper on site in the office, they’re often store it in an inappropriate environment such as a damp basement not suitable for long-term paper storage. Personnel changes often result in lost knowledge of what documents are filed and where, making it hard to find critical information at short notice. The reality with paper on site is that over times it is inclined to get lost, damaged or destroyed. Job changes, mergers and acquisitions, company restructurings and office moves can mean that vast volumes of information disappear or end up archived away and forgotten. Fragmented supply chains can mean that information ends up spread across companies and individuals.
The Saturn V rocket that launched the Apollo space missions in the 1960s and 70s was designed and built in great haste by a wide range of suppliers and engineers. Millions of documents were created including blueprints, designs, descriptions and test results. No-one ever pulled these all together into a single document repository for which one company or individual was responsible. Today, only fragments of the information can still be found. Many of those involved in its creation or use are long gone. If mankind wishes to return an astronaut to the moon, much of the knowledge would be have to be recreated.
Most companies don’t have to deal with quite such a dramatic scenario. But, faced with an ageing workforce, a younger generation of employees who change jobs with greater frequency, rapid product life-cycles and fluid supply chains; protecting information so its value is not lost is becoming a major challenge.
Where should you start? First and foremost, you need to introduce a robust, centralised information management policy that can accommodate information in all its formats and structures, and accept that this is not just something to put on the shoulders of the IT department. You need to know what you know, where it is and who is responsible for it. Make your data future-friendly. Establish an approach for converting the most valuable paper information into digital formats that can be read ten or 20 years from now, and securely archive the rest offsite. Accept that you will not be able to keep everything – and probably have a legal obligation to delete certain types of information after an agreed length of time. For the information you choose to keep, it is important to introduce easy-to-use search and retrieval processes, and to know how to extract the value of all your information.
Every year, Data Protection Day marks an important moment for organisations to reflect on what they are doing to protect and extract the value of all their information. The best innovations can come from looking at old data in a new way, so make sure yours is captured and safe. Your successors and their successors in turn will thank you for it.
Phil Greenwood, Director of Information Management & Business Outsourcing at Iron Mountain
Phil Greenwood, Director of Information Management & Business Outsourcing at Iron Mountain, is responsible for delivering information and records management solutions for some of the UK’s largest public and private organisations. He directs and runs specialist teams aligned to the sector specific requirements of Iron Mountain’s clients. With over 10 years’ experience working with UK and international records management, he is also involved with the UK Information and Records Management Society.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.