Yes, I know -- all of this talk about private clouds can seem very futuristic to some.
In essence, though, we're talking about nothing more than the industrialization of IT infrastructure. If you're inside the IT business, it all can seem so complex. But if you're outside of IT, you might wonder "what's the big deal?".
Assuming that -- yes -- we can get our IT infrastructure to behave like other forms of modern infrastructure: telecommunications, power, water, transportation, etc. -- what lies beyond?
In my mind, the answer is pretty clear -- it's information governance.
In essence, though, we're talking about nothing more than the industrialization of IT infrastructure. If you're inside the IT business, it all can seem so complex. But if you're outside of IT, you might wonder "what's the big deal?".
Assuming that -- yes -- we can get our IT infrastructure to behave like other forms of modern infrastructure: telecommunications, power, water, transportation, etc. -- what lies beyond?
In my mind, the answer is pretty clear -- it's information governance.
A Bit Of Context
So much of the IT infrastructure discussion today is focused on the plumbing associated with applications and their delivery to users.
Information governance turns this discussion on its head -- it focused on the information itself as a source of cost, value and potential risk. It answers such questions as "who owns corporate information?" and "how do we continually optimize our information management policies to maximize value, minimize costs and avoid risks?"
The rationale for information governance as an emerging discipline is easy to understand. We usually have good enterprise governance for really important stuff like money, people, etc. Given the growing strategic importance of information, why should it be exempt from good corporate governance thinking?
Information governance is a discussion that IT can (and should) lead -- but can't own. To be successful, it needs a business voice, a finance voice and a risk-mitigation voice.
If you're a long-time reader of my blog, you'll probably remember several posts on this topic. Although it's older material, it still is relevant today. Maybe I was a bit ahead of my time :-)
So What Brought This On?
Yup -- it was an EMC product announcement.
This time, it's the new EMC SourceOne Email Supervisor. In a nutshell, it scans incoming and outgoing message traffic (emails and other forms of messaging) for compliance with corporate policies.
Discovered policy exceptions trigger workflows which trigger remediation. Everything is logged for later review and compliance auditing. Neat stuff -- I could argue that everyone needs this sort of thing.
The real question is -- will the ideal response be a single point product, or part of an integrated capability? Of course, I'm going to make a case for the latter rather than the former.
On a product level, the integration -- both today and tomorrow -- is pretty easy to see. Today, the new capability integrates with the rest of the EMC SourceOne environment, including the SourceOne Manager, the newer Kazeon-based eDiscovery suite (after all, most email gets reviewed in the context of potential legal action).
But there's more potentially waiting in the wings. RSA's DLP capabilities can extend this concept to sniff out risky information wherever it might reside. The newer Archer-based GRC frameworks can provide a "big picture" view of managing aggregate risks. EMC Ionix's ability to monitor and orchestrate infrastructure can help measure the costs and performance impacts associated with additional compliance activities.
And that's just the beginning.
The Big Picture
Today's private cloud discussions are all about making IT infrastructure a service, whether consumed internally, externally or both.
The goal is to free up resources and smart cycles to go tackle strategic IT issues that can fundamentally change how an organization creates value, minimizes costs and avoids risks. Going further, we can make a persuasive argument that implementing any form of IT or information governance is far easier and far more effective in a fully-virtualized private cloud model than the traditional, physical IT world we're coming from.
One thing's for sure -- this isn't the last time you'll hear the term "information governance".
Comments