Powered by procore

The Survival Guide to Data Sprawl and Governance


Share


First there was suburban sprawl (i.e., the spread of residential, commercial, and industrial properties beyond city centers) and now there’s the similarly problematic-–for construction firms and other enterprises in particular––issue of data sprawl. While the causes of suburban sprawl included rising rates of car ownership and new factory openings, data sprawl has its roots in the brisk adoption of mobile computing devices and cloud-based services, as well as increased reliance on branch offices and remote sites.

Nearly two-thirds of IT professionals in North America used cloud services of some kind.

Popular business initiatives such as bring-your-own-device policies, under which employees can use a phone, tablet, or other computer of their own for work purposes, have made data sprawl a thorn in the side of control-minded IT departments. Consider that the average "mobile" employee now has more than 3 IP-enabled devices at his or her disposal, and that the volume of smartphones purchased as part of BYOD programs was projected by IDC in 2014 to rise 30 percent each year until 2017.

At the same time, cloud applications have rewritten the rulebook for how software behaves, pushing data control from its traditional spot within the data center all the way out to the network edge. Spiceworks' 2014 State of IT report revealed that nearly two-thirds of IT professionals in North America used cloud services of some kind, whether for server infrastructure, packaged applications, or something else. With this greater reliance on cloud services, you lose control over where your sensitive data is residing.

This risk, and the many others associated with data sprawl, have made governance a huge concern for CIOs in construction. Forrester Research has even estimated that 20 percent of CIOs could lose their jobs by 2016 due to failures in implementing information governance. With that in mind, what can be done to keep data sprawl in check? Let's look at a few practical steps towards governance.

1. Create policies for the organization's most common data workflows.

Application data is frequently on the move. For example, budget projections stored in a legacy business application may be queried by a cloud-based solution running on a tablet at a construction site. This request would, in turn, require that sensitive information be moved reliably and safely over the network to the client device. Where would such requirements be codified, though?

Just as there are numerous laws governing driving and parking on actual roads, there should be clear rules in place for their digital equivalents: data in transit and data at rest. Effective information governance starts with policies that cover everything from retention and loss prevention for data to classification of specific assets and use of metadata.

2. Effective data policies can help with compliance

How long should a document be retained after it was created? Is it okay to share files with others in the company using a cloud-based collaboration tool? 

These types of questions should have unambiguous answers provided by company governance policies.

3. Consider technical solutions such as VDI, MDM, and secure SaaS.

If detailed policies provide the "skeleton" for sound information governance, technical solutions can serve as the "musculature" that fleshes them out and ultimately sets them into motion. Tools for virtual desktop infrastructure, master data management, and cloud security are all common solutions to the problem of effectively extending company policies over the wide range of products, services, and information that cause data sprawl in the first place.

VDI can standardize the user interface and available applications across many devices, from PCs in the office to tablets at the construction site. From there, it is easier than ever to keep tabs on remote devices and ensure a consistent user experience as well as regulatory compliance.

4. Cloud security should not be overlooked when pursuing information governance

MDM allows all critical data to be linked to a common file, which serves as a universal reference point. This arrangement makes it easier to share files across complex organizational structures, such as construction firms with multiple projects and sites in play at the same time.

Check to see that any SaaS solution is backed by secure, redundant hosting and a service-level agreement that spells out each side's responsibilities in the event of a breach or other failure. Storage capabilities should also be watched carefully with cloud solutions, so that sprawl does not put too much strain on infrastructure.

5. Be consistent and inclusive with your governance strategy

Data sprawl is synonymous with mobile and cloud, but those are hardly the only two sources of informational overload for construction firms. Desktops and laptops, on-premise applications, and legacy IT infrastructure all contribute to sprawl and as such, bolster the case for a governance strategy that tackles all assets with the same gusto.

Make sure you are subjecting your cloud applications to the same or similar standards of performance and security that apply to your on-premise tools. This approach contributes to a more manageable policy position, further simplifying the complexities and confusions inherent in data sprawl. With such consistency in place, benefiting from cloud and mobile applications need not entail additional risks related to data control.

Along the way, gather input from all necessary parts of the business––not just IT. Experts in legal, compliance, and records management may also be necessary to formulate and enforce suitable policies for your data. Overall, look to have a governance strategy that is both technically and procedurally sound.