4 Risks from Antiquated Document Capture Systems - Part 2 of 3

May 17, 2016 8:58:26 AM by Mark Brousseau

4 Risks from Antiquated Document Capture Systems

I’m doing three posts excerpted from an earlier AIIM webinar by Mark Brousseau and sponsored by ibml.  The webinar is available HERE in its entirety to professional members of AIIM. Responsibility for this great content rests with them; I’m responsible for any huge editing gaffes. This is the second post; the first one is HERE.

About our guest poster:  Mark Brousseau is a noted marketer, analyst, speaker and writer with more than twenty years of experience advising leading providers of payments and document automation solutions. He is President of Brousseau and Associates, a full service marketing PR and business development firm specializing in the payments and document automation arenas.

Ibml has an interesting white paper on this set of topics -- 9 Ways Your Document Imaging System Could Be Vulnerable to Data Theft and Compliance Violations - check it out HERE.

Free white paper from ibml

-----

Where we left off in our first post…

Despite all these investments you're making at the macro level, despite all the efforts that your IT department is doing on your behalf, there's a gap in your information security systems and it is in the unlikeliest of places -- your document scanning and data capture systems.  Your information on-ramp is leaving you vulnerable to the bad guys. A typical document imaging system is creating four major vulnerabilities that substantially increase the potential for data theft and violations of information management regulations.

-----

Risk One from antiquated capture systems – Not encrypting the data while it's in motion.

The first risk that organizations face when it comes to antiquated systems is they don't have any protection for the images or data as they travel through their capture workflows.

Think about your operations for a second. You don't just scan something and let it sit there. Your image is likely involved in a workflow and that workflow probably is increasingly touching people who are on different floors, in different buildings and maybe in different countries. Yet, most old document imaging systems aren't encrypting this data or these images. While they're travelling across the enterprise or the extended enterprise, they're left literally out in the open for the bad guys to intercept them.

What's more, in most scanning environments, operators must have network or file system rights to the location where images are written. Think about this for a moment.  Images and data aren't being encrypted, and anyone who operates the system is going to have access to them unencrypted.  This obviously opens the door for an operator to read information that they shouldn't be reading. If you're processing medical records, if you're processing financial documents, or if you're processing something on behalf of a sensitive government entity, you've now laid that information open to internal staff.  

Finally, images also can be written to the scanner's local hard drive prior to writing the data to a network file repository. Think about this for a second. Most folks assumed that once an image is captured on a scanner, it goes immediately to an archival. This isn't the case at all. With antiquated systems, they're written to a hard drive and then moved to a network file repository.  Here again, the information is out in the open for a bad guy to be able to look at or to intercept.

Risk Two from antiquated scanning systems – Unsecured log files.

The second risk organizations face is unsecured log files. A key tool in recognizing security breaches is a log file. We all have them. It's a standard feature in every operating system, application, server platform, scanning software, it's everywhere. It shows you what's going on with the health and operation of your system. By monitoring log files, you can identify potential wrongdoing. It helps you and prevent security breaches.

This creates a problem. Antiquated document scanning systems write log files to a local hard drive of the scanner's host PC.  What this does is it puts them beyond the control of the system administrator.  Essentially, this means you've got the fox minding the chicken coop. It is difficult for the administrator to watch that log file and see what's going on. As has been well chronicled at AIIM studies, we know that there's more and more data being captured and put into those log files. That's information you don't want sitting out in the open. This is tantalizing stuff for somebody who's up to no good.

Risk Three from antiquated scanning systems – Poor visibility into operator activities.

The third risk from antiquated document scanning systems is poor visibility into operator activities. Old scanning systems make it difficult to track and audit the activities of their staff and this opens the door for unauthorized access or even distribution of sensitive data in an undetected environment. If you can't track it, you can't fix it and you can't catch it.  17% of organizations admit that their staff already bypasses security restrictions placed on them. That's not to say those folks are up to no good, it's just to show that staff will do the most expedient thing.

Now, think about introducing a bad guy into the kind of environment where it's okay that one in five staff goes around security steps. When you have an environment where it's difficult to track and audit, you have an environment where you're leaving yourself open to risk.

Risk Four from antiquated scanning systems – Poor security management.

The fourth risk that organizations face with antiquated security systems is poor security management. Older systems require manual processes for network administrators to review and to change security settings. In most cases, this stuff is set up when somebody originally came to install the system and is left alone until something goes wrong. That's what is wrong with this scenario. It's a hassle for the administrator to change the settings and this leads to less frequent security configuration reviews and this puts you at risk. Manual processes do not provide a comprehensive view on a network and they don't make it easy for you to adjust to change in business requirements to ensure that you're not at risk.

In our next post, Mark will take a look at the safeguards you can take to protect yourself against these 4 risks.

-----

About ibml (sponsor of the original webinar)

ibml believes in the mission of AIIM to educate information managers on the key issues they face. The company provides intelligent information capture solutions that drive business process improvements.  Combining intelligent scanners, software and services, ibml solutions  automate the most demanding document applications in banking, financial services, healthcare, and government. ibml customers in 48 countries rely on its technology to accurately, efficiently and - most importantly - securely capture and process millions of documents. If you want to learn more about ibml, you can visit ibml.com or contact them directly at sales@ibml.com.

Check out 9 Ways Your Document Imaging System Could Be Vulnerable to Data Theft and Compliance Violations from ibml.

Read More

Topics: compliance, imaging, scanning, capture, security, information security

Increasing Security and Compliance Concerns for Document Capture – Part 1 of 3

May 13, 2016 10:09:04 AM by Mark Brousseau

Think Your Scanned Images are Safe?  Think Again

I’ll be doing three posts excerpted from an earlier AIIM webinar by Mark Brousseau and sponsored by ibml.  The webinar is available HERE in its entirety to professional members of AIIM. Responsibility for this great content rests with them; I’m responsible for any huge editing gaffes.

About our guest poster:  Mark Brousseau is a noted marketer, analyst, speaker and writer with more than twenty years of experience advising leading providers of payments and document automation solutions. He is President of Brousseau and Associates, a full service marketing PR and business development firm specializing in the payments and document automation arenas.

Ibml has an interesting white paper on this set of topics -- 9 Ways Your Document Imaging System Could Be Vulnerable to Data Theft and Compliance Violations - check it out HERE.

Free white paper from ibml

-----

As we begin 2016, the biggest threat to your business probably isn't the proverbial competitor down the street. It's someone who wants to take advantage of your corporate information. We know that a growing number of businesses and government entities have already become cyber war victims.

  1. It wasn't that long ago that there were front page headlines when tens of millions of Target and Home Depot customers had their information stolen from those retailers.
  2. Just last March, health insurance company Anthem admitted that it was attacked. The personal information of as many as 80 million Americans information was vulnerable as a result of that attack. 80 million -- that's one quarter of the entire U.S. population.
  3. Last Fall, the U.S. government's Office of Personnel Management admitted that their employee database was hacked. The bad guys got personnel data on millions of federal employees, including their fingerprints and their job applications. Think about what must be on those job applications.
  4. Even the people who are protecting us are not immune. Just recently, Juniper Networks -- these are the guys who make firewalls and network security equipment -- admitted that they were hacked.

2015 was the compliance and security wake up call for businesses and 2016 needs to be the year you get your act together. You can't afford any more data leaks, lost patient records or corporate espionage. You can’t afford the cost, the penalties, the fines and the reputational risk that comes with these violations and data loss and the impacts of data leaks are significant.

Two-thirds of companies say the potential impact of a data leak would be high. 13% of companies say the potential impact of a data leak would be disastrous. That's not so hard to believe when you consider what that stake from a reputational and financial standpoint. In fact, a lot of folks focus on the financial piece of this. According to studies, the average cost of a single data leak is $7.2 million. When you think about what Target went through with their breach, $7.2 million seems like table stakes.

These costs are only going to go up. Increased regulations, standards, and rules are raising the stakes. They're raising the potential cost and penalties that you could suffer if your data is lost or you have a compliance violation.  Two-thirds of organizations see that ensuring the privacy of customer data is essential. Well, that's good news. Two-thirds of organizations also see that compliance with industry and government regulations is also essential. This is a big driver behind a lot of data capture system purchases.

In fact, 30% of organizations say that compliance and security considerations is the most significant business driver of document and record management projects. That's staggering; most assume it's cost efficiency and productivity.

PCI (payment card industry) compliance is going to take more and more of the headlines as corporate America continues to push harder and harder away from paper based checks and toward electronic transactions. We're going to find that while many organizations knew how to safeguard check information, they really don't understand how to do the same in an electronic world, where it's easier for folks to intercept that information. That’s just the tip of the iceberg. There are 13,982 other regulations that are impacting businesses, all of them with their own cost and their own risk. Every day, there are people in Washington DC dreaming up more regulations about how to manage your data.

You've undoubtedly put in permissions and access controls, and you've implemented antivirus and malware tools. You've probably regulated the passwords your staff uses so they can't use their birth dates or 123456 anymore. You've implemented perimeter security so that folks can't walk in and out your front and back doors and literally take your information with them.

Despite all these investments you're making at the macro level, despite all the efforts that your IT department is doing on your behalf, there's a gap in your information security systems and it is in the unlikeliest of places -- your document scanning and data capture systems.  Your information on-ramp is leaving you vulnerable to the bad guys.

A typical document imaging system is creating four major vulnerabilities that substantially increase the potential for data theft and violations of information management regulations.  In our next post, Mark will discuss the four risks of antiquated scanning systems:

  1. Not encrypting the data while it's in motion.
  2. Unsecured log files.
  3. Poor visibility into operator activities.
  4. Poor security management.

-----

About ibml (sponsor of the original webinar)

ibml believes in the mission of AIIM to educate information managers on the key issues they face. The company provides intelligent information capture solutions that drive business process improvements.  Combining intelligent scanners, software and services, ibml solutions  automate the most demanding document applications in banking, financial services, healthcare, and government. ibml customers in 48 countries rely on its technology to accurately, efficiently and - most importantly - securely capture and process millions of documents. If you want to learn more about ibml, you can visit ibml.com or contact them directly at sales@ibml.com.

Check out 9 Ways Your Document Imaging System Could Be Vulnerable to Data Theft and Compliance Violations from ibml.

Read More

Topics: compliance, imaging, scanning, capture, security, information security

Calling all Information Professionals – What #InfoGov Advice Would YOU give to this company?

May 12, 2016 12:47:31 PM by John Mancini

Calling all #InfoGov experts – What Advice Would YOU give?

I was thinking about one of the data points in our current State of the Industry Report (Free Executive Summary HERE) – the one that points to a rise in focus at large companies on risk and compliance as a primary business driver for IM.

The number of large organizations citing compliance and risk as the largest driver for IM has risen sharply in the past year from 38% to 59%. 44% of mid-sized organizations also cite this as the biggest driver whereas smaller organizations consider cost savings and productivity improvements to be more significant drivers.

To be honest, this data point bugged me a bit – it seemed at variance with some of my thoughts about Information Governance – i.e., that they key to moving Information Governance out of its narrow RM niche was to focus more on value rather than risk.

But I got a call from a significant company on the Fortune 1000 list (that will remain nameless for now) who posed a business problem that perhaps reinforces the above data point – but perhaps in a different way than I would normally consider the question. 

Here are the points he/she raised.  Kind of like a Harvard business case:

  1. We have our knowledge worker content currently in 3 places:  1) Google Docs; 2) an EFFS product; and 3) file shares.  We are not a SharePoint shop.
  2. We are not in an industry space like financial services or pharma where there are a lot of  industry-specific compliance or regulatory requirements.
  3. We want wherever possible to leave our existing information in place, and apply a “lite” governance layer (his/her words) above our 3 primary repositories that would allow us to understand what people are doing, apply retention and disposition where appropriate, be able to audit/verify these processes, and be able to apply holds should the occasion arise.
  4. Usability and simplicity – at both the administrative and individual knowledge worker level – is our top priority.
  5. In a nutshell, we want to be able to demonstrate that there is a level of adult supervision and accountability to how we manage our knowledge worker information. Does this need to be perfect, no.  Does it need to be a verifiable process, yes.
  6. We want to start with three departments, but then scale up.  Ultimately, the potential scale is quite large -- 10+ terabytes.
  7. We are not interested in a lot of workflow functionality at this point. Perhaps down the road, but for now this project is being driven by the legal folks. 
  8. The fundamental question we would like to address and at reasonable cost is a very basic one and one that you, John, have raised in your presentations:
Where should we tell our knowledge workers put their “stuff” so that it is…1) Secure, shareable, and searchable so the ORGANIZATION can accomplish its goals; and 2) Works the way they work and is useful to THEM in getting THEIR job done.

I have my own ideas about this, but I thought I would open it up to the community and perhaps everyone could share in the results. 

The Advice Clinic is Open.

What recommendations would you give, and why?

-----

You might also be interested in this white paper on EFFS technologies:

Download Now

 

Read More

Topics: information governance, electronic records management, records management, efss

The AIIM Community Gives Back - Twice

May 12, 2016 9:30:56 AM by Georgina Clelland

We introduced something new to The AIIM Conference in 2016, an element of social responsibility. As the VP of Events here at AIIM, it was incredibly important to me that we give something to a charity local to our host city of New Orleans that our attendees had created.

Read More

Topics: aiim, aiim16

The E3 Method of eDiscovery at the A+E Network

May 10, 2016 9:11:51 AM by John Mancini

Kevin Craine: Hubie Dorsainvil, Director of Litigation Support and Records Management at A+E Television Networks, and Gretchen Nadasky, Manager at Optimity Advisors, discussed the "E3 Method of Collaboration" at #AIIM16.  Tell us a bit about "E3."

Gretchen Nadasky: The E3 Method for collaboration came out of my experience for the records management project at A&E Network. Together, we were charged with developing a brand-new records management program at the company. It was something that was new to both executives and employees.

 

Since it was going to be an enterprise-wide program, we really had to get collaboration from all twenty-eight departments, as well as buy-in from all of the executives, all the way up to the CEO and the Board. We developed this way of building out a network explaining what records management is, through specific methods by developing messages so people would understand why records management was important to them. Through that experience, the E3 Method was born -- Engagement, Expectation, Enthusiasm.

Really anyone who has an idea, can benefit from the E3 Method. You can use the E3 Method whether you are trying to plan a vacation with your family, trying to do an enterprise-wide project that needs support of employees and executives, or trying to start a new process within a division of your company. It really can be used for anything as a way of getting things done.

The key point is that people have ideas, but they don't know how to initiate them and get support for ideas. Especially in the world of collaboration and networking, where everyone is expected to work together, the E3 methods can be used to make a road map. 

Companies like A&E are struggling with the incredible explosion in content that is being developed. It's great that we have all these new technologies, and that a lot of things are being transformed in a digital way. However, I don't think we are at the point yet, where people have their arms around how to manage all of that content, preserve it, and curate it, and audit it, and make sure they are not paying to store things that aren't useful, or helpful. 

Kevin Craine: Hubie, what are the particular litigation and records management challenges that you face at A&E Television?

Hubert Dorsainvil: My role at the company is to get the word on records management out into the actual company, so that everyone can start using those actual principles.  At the A&E Television Network we have a tremendous amount of data that we are trying to go through. We are trying to reduce the scope of actual discovery and not expose ourselves to litigation risk.

Part of the challenge is trying to control the volume of data that we have, that we can reduce the scope, and reduce our discovery costs in the process. As far as records management is concerned, we are new to this records management game, and we are trying to get everyone on board, so that they understand that records management is the responsibility of every single individual in the company. It's a daily function that should be practiced every single day. We are really trying to teach individuals how to use records management principles to conduct everyday business.

As a media company, we are in the forefront of all of this new technology in regards to digital media, and social media, and things of that nature. Everything is moving so fast. Technology is constantly changing. The amount of data that is out there is constantly growing. We are struggling trying to keep up with all this stuff. 

[Note: The above content was excerpted from an AIIM On Air podcast, hosted by Kevin Craine. Responsibility for the editing rests with me.  Check out the original podcast (and subscribe!) and also all the other additional podcast content -- much more to come!]

------

I'll be doing a member-only VIP debrief of AIIM16 on this presentation -- and 20 others! -- with Kevin on May 19.

Save Your Seat!

Some of my own post-AIIM16 musings can be found in these posts -- check them out.

 

Read More

Topics: aiim16

Update -- Disruptive Technologies Create Need for Information Professionals

May 9, 2016 11:27:47 AM by John Mancini

Make sure you check out our new (FREE) e-book on the Future of Information Professionals.

Future of an Information Professional

Disruptive Technologies Create Need for Information Professionals.

I concluded my previous post with this thought:

The CIP has come to represent a badge of competency and knowledge at the top of the knowledge worker pyramid for those entrusted with the task of building an information STRATEGY in a time of digital disruption. Broader than Records Management and Information Governance, Information Professionals are charged with these questions:

Who owns the BIG PICTURE for how information is managed in our organization?
Who owns our information management STRATEGY?
Who can helps us treat information as the critical business asset it has become?

The accelerating pace of Digital Disruption makes this role more important -- and different -- than ever. But before going there, how exactly is the emerging era of Digital Transformation different from where we are now?

-----

So continuing....

While the concept of professionalism was emerging at AIIM and ARMA, back in the real world a lot of AMAZING technology changes were going on.

I have spoken for the past few years about three key disruptors:

Disruptor #1 -- CONSUMERIZATION is transforming what users expect from applications and how we deliver them. We are now in the era of user-centric IT.

Disruptor #2. CLOUD AND MOBILE are creating an expectation of anywhere, anytime access and transforming how we engage with customers and employees.

Disruptor # 3. THE INTERNET OF THINGS is generating massive amounts of new data and information creating enormous new challenges and opportunities.

An now to make things even more challenging, the impact of these disruptors is accelerating, with profound implications for how organizations manage their information assets.

Klaus Schwab, World Economic Forum: “The speed of current breakthroughs has no historical precedent.”

Steven Kottler: “For the first time in history, the world's leading experts on accelerating technology are consistently finding themselves too conservative in their predictions.”

Dion Hinchcliffe: “The old days of doing it all ourselves using traditional IT projects are receding and even counterproductive much of the time.”

I think one way of thinking about the radical disruption that is upon us is to think about how “Life in the Mainstream” is different from “Life at the Edge” across four variables:

MINDSETS -- “How do we look at things?”
MESSAGES -- “What stories do we tell when we get together?”
MONEY -- “Where is the money going?”
MACHINES -- “What are our technology building blocks?”

In each case, I will talk about three representative data points that describe what life looks like in the mainstream, and compare this to what life looks like at the edge. This is not to imply that life in the mainstream is universally bad or undesirable, or that life at the edge is universally good and desired. Rather, the point is the highlight how things are changing and to urge organizations to think through the dimensions of this change and how it manifests itself in your particular organization.

So let's start with MINDSETS and how we look at things.

In the mainstream, if we have a technology need, we think these terms: 1) Set up a meeting with IT; 2) Make sure we control the information we have; and 3) Look at how we might update our legacy systems.



Compare this to life at the edge. At the edge, we think in very different terms: 1) How I can do it myself without IT intervention? 2) How do I set information free and put it to work? And 3) How can I quickly roll out an app -- without being dragged into endless discussions about updating a legacy system?

Similarly, the MESSAGES we use to communicate in the mainstream -- the stories we share -- tell a lot about our fundamental assumptions with regards to technology.

In the mainstream -- when we get together around expense-account lunches and around the water cooler -- when it comes to collaboration, we often talk about SharePoint. We also talk about how we might take traditional processes like bank teller facilitated deposits -- these typically cost $0.65 each -- and how we might automate that process. Linked to both of the above, our IT Heroes are those that bring greater efficiency into the organization.



Compare these messages and stories to the ones that we tell at the edge. The Cool Kids on the Block are all talking about Slack, an enterprise collaboration platform that in the span of less than 18 months has grown to a market valuation of over three billion dollars. Now Slack may very likely not be the solution for many large Enterprises, but the way of thinking about the problem of collaboration that surrounds Slack -- its nimbleness and openness -- needs to be part of the way that we rethink collaboration.

Taking the example of bank deposits, at the edge, the focus is on mobile deposits, which typically cost less than $0.03 each. Mainstream organizations try desperately to automate a core set of processes and services that have $.65 as their foundation. Edge organizations seek competitive redefinition by ignoring mainstream processes and reinvent the banking industry around processes with $.03 as their foundation. These types of market disequilibriums are occurring in countless processes and industries throughout the economy. This translates into a new set of IT Heroes -- those who can quickly bring innovation and value into our organizations.

Let's turn now to MONEY. Where is the money going and what does this mean?

In the mainstream world, the market valuation for General Motors is $55 billion. At the edge, Uber is now valued at $68 billion. In the physical world -- in the bricks-and-mortar world -- we seek to add digital capabilities to our existing physical business models in order to compete with companies that are natively digital. That is challenging enough. But the challenge is about to accelerate as digital companies like Amazon seek to open up physical storefronts and as digital companies like Uber seek to extend their value proposition into logistics and package delivery.



It is worth thinking about how fundamental Facebook, Amazon, Apple, and Google have become to our collective economic future and what their models of success say about the future. These four companies alone have a market value of $1.3 trillion. This is the same as the GDP of Korea. These four horsemen of the digital world provide perspectives on what life at the edge looks like that we need to incorporate into our mainstream thinking.

Lastly, let us turn to the question of MACHINES. What are our technology building blocks?



In the mainstream, the focus is still on on-premise applications built on and for the PC. The core skills that are valued in the mainstream are focused on building and developing systems. At the edge, the focus shifts to the cloud, mobile technologies become the Lego building blocks of systems, and the skill sets that are valued within our IT staffs shift from building and developing to configuring and connecting.

More to come in the next post.  

Get the free e-book HERE.

-----

Here's the keynote deck in case you missed it. Socialize it and share it if you are so inclined. Also a fun compilation of AIIM16 Tweets HERE.

 

Read More

Topics: cip, information professionals

Update -- A short history of where Information Professionals Came From

May 5, 2016 2:49:18 PM by John Mancini

Make sure you download our new (FREE) white paper on the Future of Information Professionals.

Future of an Information Professional

A Short History of Where Information Professionals Came From.

I concluded my previous post with this thought:

Many people do not realize that AIIM was founded in 1943 as the National Microfilm Association. Many people are mystified about how an organizational journey could somehow begin in 1943 with microfilm, and wind up in 2016 with content and information management.

So what is the connective tissue in this strange story?

I think it boils down to 3 words.

People. Process. Technology.

-----

So continuing....

A Short History of Where Information Professionals Came From.

Of course, what People + Process + Technology adds up to IF DONE RIGHT -- is intelligent information management, which is what AIIM is all about. The reason I say “If Done Right” is that over the course of managing this triad, organizations have tended to get parts of this equation right, but seldom do they get all three working in sync. Which is why there is so must frustration out there. I happen to think that an “Information Professional” is the person that weaves this story together, but I’m getting ahead of myself.



Let me go through a very short pre-history of how we came to think there was even such a thing as an “information professional” in the context of this triad of PEOPLE and PROCESS and TECHNOLOGY.

From 1996 to 2006, the PROCESS questions we asked in our organizations centered around this fundamental question: “How can we automate content-intensive, complicated, and mission-critical processes?”

On the TECHNOLOGY side, most implementations in this period were complex and custom and expensive. There was no standard body of knowledge. Technology expertise was lodged in the consulting community. Looking over to the PEOPLE side of the equation, solutions were difficult to use and required LOTS of training. But nobody really cared because the people who used the solutions were specialists and were only a tiny percentage of the overall number of knowledge workers in our organizations.



“Professionalism” in this world was narrowly defined. If you think about the overall universe of knowledge workers, you can divide them into Gurus, Techies, Line of Business executives, and Everybody Else (in other words, those pesky end users). “Professionalism” in this world was defined principally by AIIM with its MIT and LIT designations (“Master” and “Laureate” of information technology) and by ARMA/ICRM with its Certified Records Management (CRM) certification. And the focus was on the tippy top of the pyramid.





In this tight little world, something was missing. Even 20 years later, there are still less than 1,000 CRMs in the world. The CRM certification was (and still is) extremely valuable, but it only tapped into the surface of the education needed by technology and business people. There was clearly a need for industry-standard technology education, focused on standardizing the hodge-podge of consultant delivered training that was the norm in 2006.

In 2006, the nature of content, records, and information management training changed with the launch of AIIM’s ECM Practitioner, Specialist, and Master training programs. AIIM followed up its standardized ECM training with training in Electronic Records Management, Business Process Management, SharePoint, and a host of other content technologies. By 2010, the concept of “professionalism” was stretched to also include the “techie” and line of business communities via the AIIM designations.

In 2010, AIIM came to the conclusion that there was an opportunity to standardize an even broader body of knowledge under the concept of a “Certified Information Professional,” or CIP.

AIIM’s original conception of what it meant to be an “information professional” was not unlike the definition of professionalism that came to be accepted in the 1980s and 1990s in project management. In the early stages of the professionalization of project management, if you had proposed that there was a common body of project management knowledge that could stretch across a wide variety of domains and industries, people would have thought you were crazy. “How could the project management knowledge to run a software project possibly be similar to that required to build a bridge or that required to construct a building?” In the course of the 1980s and 1990s, the Project Management Institute succeeded in establishing the PMP as the standard body of knowledge associated with project management across a broad variety of disciplines.

It its original conception, AIIM thought the CIP would become an “everyman’s” certification, relevant to gurus and techies and business people alike. The reality after 1,000 CIPs and six years is that it has come to signify something different.

The CIP has come to represent a badge of competency and knowledge at the top of the knowledge worker pyramid for those entrusted with the task of building an information STRATEGY in a time of digital disruption. Broader than Records Management and Information Governance, Information Professionals are charged with these questions:

Who owns the BIG PICTURE for how information is managed in our organization?
Who owns our information management STRATEGY?
Who can helps us treat information as the critical business asset it has become?

The accelerating pace of Digital Disruption makes this role more important -- and different -- than ever. But before going there, how exactly is the emerging era of Digital Transformation different from where we are now?  More to come in the next post.  

CIP Study Guide

-----

Here's the keynote deck in case you missed it. Socialize it and share it if you are so inclined. Also a fun compilation of AIIM16 Tweets HERE.

 

Read More

Topics: cip, information professionals

Updated - From Jurassic Park to Digital Transformation -- a Tale of Information Professionals

May 3, 2016 7:42:05 AM by John Mancini

It is literally 20 years to the day since I first started at AIIM. I've been thinking about how the technology landscape has changed since I first walked on the scene at AIIM and what the implications of these changes are for how we think about what it means to be an “Information Professional."  This was the heart of what I spoke about during my keynote at AIIM16, and we've now published as a new e-book.  Click on the image to get it!

Future of an Information Professional

 

How We Got Here

Slate.com did a good article a while back talking about how much technology has changed since 1996. They used the term “Jurassic Web” to describe 1996, and I rather like that characterization.

 

So let's think a little bit about what 1996 looked like:

  • Only 20 million American adults had access to the internet.
  • Something called “a blog” was still three years away.
  • 99% of phone users did not find text messaging to be of any use whatsoever -- assuming they even knew what it was.
  • The first iPhone was still 11 years away.  That’s right, 11 years in the future.
  • Microsoft Office 97 was published in December on CD-ROM but also - get this - on a set of 45 (forty-five!) 3.5 inch floppy disks.

In 1996 there was no YouTube. No Huffington Post. No Google. No Twitter. No Facebook. And no Wikipedia.

In 1996, AIIM was also in what I would call the pre-web phase of its existence. One month before I joined AIIM, the association's magazine, INFORM, had this quote:

“Despite the area of Internet enthusiasm and the hyped up selling palaver of some web services providers, we remain uncertain as to the long run substitute benefits the internet will bring to businesses and to individual users.”

Oops.

As Yogi would say. “It's tough to make predictions especially about the future.” I'm especially glad that this AIIM prediction was before my time.

How did AIIM Survive for all of these years?

So that's the backdrop for the past 20 years. Of course, against this, AIIM goes back even further. Many people do not realize that AIIM was founded in 1943 as the National Microfilm Association. Many people are mystified about how an organizational journey could somehow begin in 1943 with microfilm, and wind up in 2016 with content and information management.

So what is the connective tissue in this strange story?

I think it boils down to 3 words.

People. Process. Technology.

CIP Study Guide

-----

Here's the keynote deck in case you missed it. Socialize it and share it if you are so inclined. Also a fun compilation of AIIM16 Tweets HERE.

 

Read More

Topics: information professionals

3 Quick Snapshots You Don't Want to Miss From #AIIM16

May 1, 2016 10:00:44 PM by John Mancini

There will be more follow-up re AIIM16 in the weeks ahead, but suffice it to say it was one incredible event.  800 people pasionate about helping their organizations turn information chaos into information opportunity.  On behalf of the staff, thanks so much to the speakers and attendees who made #AIIM16 a roaring success.

Read More

Topics: information governance, information chaos, digital transformation,, aiim16

Where do you stand? -- 6 Key Findings - new "State of Information Management" Benchmark report

Apr 15, 2016 12:08:09 PM by John Mancini

What's the status of Information Management in your organization?

Check out our new State of the Industry findings.

Download Your Report

Managing and recording what the organization knows, what has been said, what inputs are received, what decisions and commitments have been made, and what results are achieved, is paramount to improvement and success. Failure to manage this information, and make it available for sharing, search, controlled access, defined process, audit and secure archive limits operational capability, stunts new initiatives and exposes the business to potential liabilities.

In this [free] executive summary, we've compiled our key findings, including:

  • How different ECM system strategies match the overall goals of the information management lifecycle.
  • The governance and adoption issues that users face.
  • The impact of extending access to mobile and the new cloud services.
AIIM's new Industry Watch report -- 6 key findings:
  1. The number of large organizations citing compliance and risk as the largest driver for IM has risen sharply in the past year from 38% to 59%. 44% of mid-sized organizations also cite this as the biggest driver whereas smaller organizations consider cost savings and productivity improvements to be more significant drivers.
  2. 17% of responding organizations have completed an enterprise-wide ECM capability, including 4% on a global scale. 23% are rolling out company-wide, and a further 15% are integrating across departments. 6% are looking to replace existing system(s) with a new one.
  3. Only 18% align their IM/ECM system strategies with agreed IG policies. 15% have IG policies but they do not drive decisions. 29% have no IG policies. 
  4. 39% describe their email management as “chaotic”, including the largest organizations. 55% agree that email is their big untagged, ungoverned, high-risk content type. Only 10% selectively archive emails to ECM, RM or SharePoint.
  5. 22% consider their ECM project to be somewhat stalled, and 21% have user adoption issues. 52% admit that they are still dependent on their network file-shares.
  6. 38% are actively focused on extending their ECM functionality and 25% are rolling out to a wider user-base. 30% are improving collaboration and 21% are working on mobile and remote access.

Get it while it's hot!

Download Your Report

Read More

Topics: industry watch, enterprise content management, content, ecm, aiim, Industry statistics and research

About AIIM

AIIM provides market research, expert advice, and skills development to an empowered community of leaders committed to information-driven innovation.

Subscribe to Email Updates

Process Improvement and Automation 2016