Your Most Important Information Silos

I had the pleasure of attending Igloo Software’s annual ICE conference in San Antonio last week. The conference was very well run and held in a beautiful venue in the Texas hill country, and was something of a cross between a tech conference, a seminar on HR issues, and a symposium on the future of work. Very definitely time well spent and next year’s conference in Las Vegas will be free — Igloo’s president has even invited the company’s competitors to join the conference!

Igloo is in the business of providing a “digital workplace” — a digital destination that allows employees to get information, share information and integrate a growing variety of corporate tools like email and file sharing into a centralized, cohesive experience. One of the fundamental goals of the Igloo platform is to significantly reduce the friction that exists in the traditional employee communication and collaboration experience that relies on email, file-sharing platforms and other less-than-ideal collaboration tools. Using  the Igloo platform, employees can blog, share documents, find people within the company, manage tasks, share calendars, search for information and perform a wide range of other activities.

The ultimate goal is to improve employee engagement, which most all senior managers would acknowledge is valuable, but which too few prioritize with the resources necessary to make it happen. For example, a Towers Perrin study found that only 21 percent of employees are “engaged” on the job, eight percent are fully disengaged, and the rest are, at best, only partially engaged. Yet the more employees are engaged, the less likely they are to leave their employer, the lower their rate of absenteeism, the less likely they are to make mistakes on the job, and the more likely they are to please their customers — all of which results in lower costs and higher revenues.

One of the key benefits of Igloo’s digital workplace and solutions like it is the ability to reduce the negative impact of information silos. We hear lots about information silos in the context of physical repositories like email, CRM, ERP, HR systems and the like, and how these silos are proliferating as more cloud-based solutions are employed. Siloed information results in higher costs and more mistakes for activities like eDiscovery, litigation support, regulatory compliance or even just informal searches for data. Imagine, for example, conducing a Subject Access Request under the GDPR and you had 250 different silos of information to search through to find the requested information.

But what about your most critical information silos — the ones who go down the elevator shaft every night? Your employees are incredibly valuable sources of information that can provide enormous value above and beyond just what they do for your company — what they know that is not directly related to their job is also valuable. For example, what if Bob the salesman is trying to sell your company’s solutions to XYZ company. Would it be useful for Bob to know the decision influencers in XYZ that don’t show up on the organization chart and that might not have been at his introductory meeting? Maybe Alice the purchasing manager, who used to work at XYZ, might be able to provide some insight on who these influencers are. But if Bob and Alice don’t work together or even know each other, how is that going to happen? A digital destination that includes information on employees’ past experience can be the type of tool to bring employees together by breaking down the personal silos of information that we all possess.

Plus, a key value of a digital destination shared by most or all of the employees in a company is that it can bring people together in unexpected ways. For example, maybe Bob and Alice share photos of their pets or details of their river cruise down the Danube on the corporate digital workplace. That might be the catalyst that could start a conversation between the two that might end up providing useful information for Bob as he tries to sell into XYZ. At a minimum, a digital workplace enables a freer flow of information than would otherwise be possible and, hopefully, will make employees more engaged.

How to Protect Corporate Data When Employees Leave

A key part of employment – particularly in a good economy – is that employees leave employers on a regular basis. According to data from the US Department of Labor, mean turnover among US-based employees in 2016 was 23.8 percent. That means in an organization of 1,000 people, nearly one-quarter of them will quit or otherwise be terminated during a year’s time, or about 20 people per month.

How do employers ensure that departing employees don’t take important data assets with them when they leave? The answer, it turns out, is that they don’t protect against this eventuality. Our research found that for many organizations, information governance policies, practices and technologies focused on data protection are not well implemented, if they are implemented at all. This puts these organizations at significant risk from employees who either quit or are terminated involuntarily and take with them key data assets, such as customer lists, trade secrets, financial projections, or various types of intellectual property.

Here’s what we found in a recent survey:

  • In only 48 percent of organizations can HR data be relied upon to determine when someone is going to leave a company.
  • Only 33 percent of organizations are sure they can detect if an employee that has left the company is still using their access to corporate data.
  • In only 16 percent of organizations does HR take the lead in ensuring that access to data sources, devices, accounts, etc. is disabled for departing employees.
  • Only 24 percent of organizations know when third parties stop working on their systems and data, and only 12 percent know if employees or third parties are sharing access to data through the same account, bypassing any terminations processes.

There are several processes and technologies that organizations can implement that will enable them to gain visibility and retain control over their sensitive and confidential data assets, while assuring that employees are not leaving with these assets. There are a number of technologies that can be implemented to protect corporate data from exfiltration by departing employees, but a governance-based model for user lifecycle management and access management can provide organizations with a high degree of assurance that only the right employees have the right access to corporate data at the right time.

For more information about these issues, please feel free to download our white paper, Protecting Corporate Data When Employees Leave Your Company.

What Can You Do With Archived Data?

Archiving as a defensive tool is well-trod ground: it’s an important best practice for eDiscovery, litigation hold, regulatory compliance, storage management, and end-user access to content. Every organization should archive their employees’ data to ensure they can meet these defensive uses of archiving – what we call Archiving 1.0.

But what about Archiving 2.0, or a more proactive use of archived data? Here are some things you can do with your archives:

  • Investigations: The ability to extract intelligence from the content within email archives can significantly reduce the amount of time spent on investigations, such as early case assessments in advance of an anticipated legal action, an investigation about inappropriate employee activity, or an investigation about why a key customer account was lost.
  • Sales support: Communications with customers independent of a CRM system can be used to determine how sales, support and other staff members’ emails correlate with customer retention and follow-on sales. Similarly, the speed and quality of responses to customer inquiries can be correlated to sales in order to determine how best to respond to inquiries in the future.
  • Risk mitigation: Archived data can be used to mitigate risks from data breaches, employee fraud and related types of threats. Senior managers can look for employees who are more likely to commit fraud by looking for managers who are treating their employees badly, they can find employees who are communicating with an organization’s competitors, transferring sensitive files to a personal email address, or running a personal business on company time.
  • Customer service: Archived data can be useful in determining who in an organization is talking with specific customers, to whom in the customer organization they are speaking, the content of their conversations, and other relevant information.
  • Supply chain management: Another application is analyzing messaging and relationship intelligence to visualize employee communication with unauthorized parties.
  • Litigation management: Legal can use messaging and relationship intelligence to zero in on individuals or domains to understand communication trends and which individual(s) or domain(s) needs to be investigated further, enabling useful pre-trial or pre-litigation discovery information.
  • IT support: Help desks can become more proactive by conducting ongoing investigations into what employees are saying about particular applications, the goal of which is to address problems as early as possible.
  • Human capital management: An archive can be used to determine when employees are going to leave an organization and thereby minimize the impact of an employee departure.

We have written a white paper that focuses on Archiving 2.0 – please feel free to download it here.

What About a Morals Clause for Social Media?

USLegal.com defines a “morals clause” as “a contract or official document that prohibits certain behavior in a person’s private life.” Should your company have something like this with regard to what your employees say on social media, even when they’re posting content on their personal, non-company accounts and doing so on their own time?

Consider the following tweets collected late in the afternoon of January 6, 2015:

  • “Clients are always especially stupid their first week back.”
  • “Feels good to give $50 to a small company for something that fits my needs instead of stealing from Adobe!”
  • “My boss is such an idiot. Why is she Fwd’ing me emails that I am copied on”
  • “I have a problem with stupid client. in fact, Clients are all stupid.”
  • “I am sleeping with my boss and I don’t know why.”
  • “My boss wasn’t impressed by my Don Draper impersonation, specifically the drinking and smoking at work and the sleeping with clients.”
  • “This sounds weird but I drive better when I’m drunk. For some reason when I drink I can see better”

There are a couple of risks to your business that you need to consider if even one of your employees is posting this kind of stuff. First, there’s the risk that an employee is revealing that they’re doing something illegal, offensive or inappropriate. Yes, they may not be telling the truth because they’re attempting to be funny or they are simply trying to elicit a reaction, but not everyone will see it that way. An offensive or vulgar tweet, Facebook post, Instagram photo or some other objectionable content could trigger an investigation, such as the just launched police inquiry into a Scottish broadcaster and businesswoman who last week tweeted some offensive comments about Ebola patients.

Second, some of your clients and prospects are aware that these social media users are your employees. Whether these clients and prospects intend to or not, some will inextricably link your company with these employees, and the offensive content will reflect badly on your company. While few clients or prospects would make a decision about your company based solely on a rogue employee’s social media posts, it could be a factor that plays into their overall decision process, even if it’s simply a desire not to have to deal with an employee careless enough to post offensive content.

The bottom line is that you should at least pay attention to what your employees are saying on social media, even when it’s on their own time. Whether you can actually do anything about it through a moral clause in an employment contract or some other means is a matter for others to address.