Organizations need to know which systems their information is stored on as well as the relationship of one system to another; that ability to understand the profile of systems is central in helping today’s businesses assess and act on their compliance, litigation readiness, and retention/disposition needs, making timely decisions about information management, including policy, data migration and systems decommissioning.
Many organizations manage the information about their systems, enterprise applications and repositories in an ad-hoc fashion and lack a visual and dynamic map that provides visibility into their high-value and high-risk information, such as personally identifiable information (PII). This is complicated further when it comes to the rapidly growing volumes of unstructured and structured electronically stored information (ESI) – like email, text messages, social media and voicemails – as only 14 percent of organizations claim to have a data map that identifies key repositories for ESI (from Iron Mountain’s 2013-2014 Information Governance Benchmark). Inefficient manual methods used by these organizations, coupled with a lack of visibility into ESI, increases their risk of non-compliance, drives up storage costs, and prevents them from achieving true information governance.
Did you know that 60 percent of records and information management professionals say their lack of an information map is an issue? Thanks to their new partnership, Iron Mountain and EasyDataMaps created a list of eight steps to master information mapping.
The Eight ‘I’s’ of Information Mapping
Click through for eight steps that can help organizations map, govern and protect their critical data, as identified by Iron Mountain and EasyDataMaps.
Identify your data and where it lives. Know where information is stored, who the custodians are and what systems it is moving through.
Input or upload key characteristics about your systems, repositories and applications into a web-based mapping software. Include information such as system start and end dates and compliance and retention requirements.
Integrate with your existing software tools using a simple API workflow and web form that gives you the ability to collaborate with system custodians and stay current on system changes.
Interpret your data using a visual and dynamic map that shows how systems, repositories and applications inter-relate.
Institute professional services to accelerate mapping and manage key updates going forward. This will provide insight and visibility into the high-value and high-risk information across your business.
Inform your strategic information management roadmap by showing what requires attention. When you know where your high-risk and high-value information is, you have the knowledge you need to inform your strategic information management roadmap and the areas requiring your attention are made visible. You may need additional system controls, backup plans, and policy because the information is PII, personally identifiable information, or is a vital record.
Invest in the information management areas that will provide you the best return on the value of your information. With the knowledge of what systems you have, what information is in them, how they inter-relate and who owns them, you have the facts to make the right investments in them, such as system connectors/API’s, human resources to monitor them, control charts to measure performance, recovery time objectives, location of server (which data center it’s in), how it relates to your ITIL processes, related retention schedule rules, and regulations and processes to automate or semi-automate defensible destruction.
Implement and understand the practices and tenets of ITIL (Information Technology Infrastructure Library). Anyone who will need to make the buying decisions for the business should understand the value of the information that will populate their information map.