|By Jeremy Thake||
|February 25, 2013 08:00 AM EST||
If you've missed any previous part of this blog series, you can read them here.
When people think of "compliance" from a Microsoft SharePoint perspective, it can mean a lot of things to a lot of different people. Every organization will have different considerations for compliance: Essentially, which regulations they need to comply with according to their specific industry vertical, including HIPAA/HITECH, DOD 5015, Section 508 and WCAG 1.0 and 2.0.
There are two main drivers for compliance I see in organizations for SharePoint, due to the risk of non-compliance and subsequent legal and financial penalties:
- Records Management
- Legal e-Discovery
In my post last week on governance and discoverability, I focused on the typical stories I hear around people not being able to find content they need. Compliance takes this a step further, because legal teams and records managers require that the content be available for years to come.
Being in Manhattan, I work with a lot of large financial organizations and one of the most important requirements involves tracking "Regulated Users" activity in SharePoint. These users - based on the sensitivity of their work - are required by law to be tracked for all activity within SharePoint. At any point in time, a court of law can request the organization provide evidence of what content that user has accessed, created, or modified in SharePoint. In the industry this process is called the e-discovery process, and it is essential that the business expectations are set of:
- How you obtain information for the courts.
- What information you will be able to provide.
- An estimated time of delivery for the promised information.
The out-of-the-box auditing features in SharePoint 2010 have some key limitations in this space, specifically regarding the storage of this data over a prolonged period of time (most acts seem to be approximately seven years) as well as the ease of producing a report of an individual user's activity and attached content. The most common format followed by customers with whom I work is Concordance, which is supported by LexisNexis. But more importantly, from a content perspective, the attached content should be exactly what the user viewed, modified, or created at that point in time so versioning here is the key. This can prove hard for wiki pages that have dynamic web parts, and therefore will always render the real-time information rather than the point-in-time information (e.g. a weather web part or stock web part). Consequently, it is important to set the expectations with all involved with this issue as soon as possible.
The legal holds capability of SharePoint 2010 is also required when providing information to the courts concerning records. Although legal holds can be applied to individual documents, there is no easy way of setting legal holds on multiple documents based on reports generated on a user as part of the e-discovery process. The common issue I see with our customers is that business users often assume that this will "just work" and have experienced this streamlined approach in other records management systems. So records managers and those involved in the e-discovery process will have to be aware of this in order to set the proper expectations.
With the business requirement to maintain content to be discoverable for the e-discovery process, a suitable archiving policy needs to be put in place to manage the growth of content within SharePoint. It is important to understand which content is required to be maintained in SharePoint for compliance perspectives, and which content can be archived out of SharePoint to reduce storage consumption. Customers I speak to often struggle with how they plan for growth, especially when maintaining versions of documents. A customer spoke to me recently who said that they had one document with 90 versions which took up 8 gigabytes (GB) of storage space, essentially because SharePoint does not store differentials of files and each version is a complete file. Any "save" command in Word for instance, would mean a new version of the document. It is essential that the planning of the information architecture takes into account the configuration of Lists and Library version settings to be consistent across the environment - and not all these scenarios - unless it is necessary. The best approach to mitigate this is to store all Major versions, but only a set amount of Minor versions and train and encourage users to create Major versions when distributing to other users.
SharePoint is not always the only content repository within an organization, as we talked about in a previous blog post which homed in on appropriateness of content in SharePoint. To reiterate from a compliance perspective, in my experience I have seen customers' concerns around particular sensitive data being stored in SharePoint when it should be stored in other repositories. It is hard to enforce out of the box that users follow the guidelines on where content should go depending on the type of content it is.
From a usability perspective, SharePoint 2010 added many improvements by stating WCAG 2.0 AA compliance. In my experience at customer sites, although organizations are required to obtain Section 508 compliance, the business is not driving this as a priority over other issues mentioned above. In my opinion, I believe it will take a few public financial penalties set out by the courts around Section 508 to drive this requirement. To reach full compliance on Section 508, however, would take significant effort and expertise by modifying how SharePoint 2010 renders.
Edward Cedeno, Product Manager here at AvePoint, has also recently written a related post on Risk-Based Approach to FRCP Rule 26(f) Compliance with DocAve.
The IoTs will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development proc...
May. 28, 2016 07:00 PM EDT Reads: 1,950
SYS-CON Events announced today BZ Media LLC has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. BZ Media LLC is a high-tech media company that produces technical conferences and expositions, and publishes a magazine, newsletters and websites in the software development, SharePoint, mobile development and Commercial Drone markets.
May. 28, 2016 07:00 PM EDT Reads: 3,571
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...
May. 28, 2016 07:00 PM EDT Reads: 1,241
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
May. 28, 2016 06:45 PM EDT Reads: 2,850
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
May. 28, 2016 04:30 PM EDT Reads: 901
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, will discuss the importance of WebRTC and how it enables companies to fo...
May. 28, 2016 03:45 PM EDT Reads: 2,537
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
May. 28, 2016 02:00 PM EDT Reads: 2,923
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
May. 28, 2016 02:00 PM EDT Reads: 1,364
IoT generates lots of temporal data. But how do you unlock its value? How do you coordinate the diverse moving parts that must come together when developing your IoT product? What are the key challenges addressed by Data as a Service? How does cloud computing underlie and connect the notions of Digital and DevOps What is the impact of the API economy? What is the business imperative for Cognitive Computing? Get all these questions and hundreds more like them answered at the 18th Cloud Expo...
May. 28, 2016 01:00 PM EDT Reads: 2,339
SYS-CON Events announced today the How to Create Angular 2 Clients for the Cloud Workshop, being held June 7, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Angular 2 is a complete re-write of the popular framework AngularJS. Programming in Angular 2 is greatly simplified. Now it’s a component-based well-performing framework. The immersive one-day workshop led by Yakov Fain, a Java Champion and a co-founder of the IT consultancy Farata Systems and...
May. 28, 2016 11:00 AM EDT Reads: 4,051
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...
May. 28, 2016 10:45 AM EDT Reads: 1,621
SYS-CON Events announced today that BMC Software has been named "Siver Sponsor" of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. BMC is a global leader in innovative software solutions that help businesses transform into digital enterprises for the ultimate competitive advantage. BMC Digital Enterprise Management is a set of innovative IT solutions designed to make digital business fast, seamless, and optimized from mainframe to mo...
May. 28, 2016 09:45 AM EDT Reads: 2,266
What a difference a year makes. Organizations aren’t just talking about IoT possibilities, it is now baked into their core business strategy. With IoT, billions of devices generating data from different companies on different networks around the globe need to interact. From efficiency to better customer insights to completely new business models, IoT will turn traditional business models upside down. In the new customer-centric age, the key to success is delivering critical services and apps wit...
May. 28, 2016 09:15 AM EDT Reads: 1,198
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
May. 28, 2016 09:00 AM EDT Reads: 2,434
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
May. 28, 2016 08:45 AM EDT Reads: 1,982
SYS-CON Events announced today that MobiDev will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobile software company with over 200 develope...
May. 28, 2016 07:15 AM EDT Reads: 2,692
SoftLayer operates a global cloud infrastructure platform built for Internet scale. With a global footprint of data centers and network points of presence, SoftLayer provides infrastructure as a service to leading-edge customers ranging from Web startups to global enterprises. SoftLayer's modular architecture, full-featured API, and sophisticated automation provide unparalleled performance and control. Its flexible unified platform seamlessly spans physical and virtual devices linked via a world...
May. 28, 2016 06:00 AM EDT Reads: 2,261
Companies can harness IoT and predictive analytics to sustain business continuity; predict and manage site performance during emergencies; minimize expensive reactive maintenance; and forecast equipment and maintenance budgets and expenditures. Providing cost-effective, uninterrupted service is challenging, particularly for organizations with geographically dispersed operations.
May. 28, 2016 05:00 AM EDT Reads: 2,122
SYS-CON Events announced today TechTarget has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. TechTarget is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Its extensive global networ...
May. 28, 2016 05:00 AM EDT Reads: 3,247
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
May. 28, 2016 04:15 AM EDT Reads: 3,214