Information Governance: Securing data to manage risk. Pablo Sáez Montequín, Enterprise Account Executive, pablo.saez@AvePoint.com | @psaez. Agenda: Why implement Governance; Compliance, Risk, and Privacy; Out of the Box Information Management; Solutions and Summary.
Importance of Information Governance. Gartner Research, 2016 Prediction: 20% of CIOs in regulated industries will lose their jobs for failing to implement the discipline of information governance.
How Much Governance is Needed? [Chart: Governance plotted against Visibility for the site types Portal, Community Sites, Project/Team Sites, Personal/My Sites]
Typical Policy Categories Infrastructure Operations Information Architecture Information Management Project Management Leadership Customization Adoption Continuous Improvement
Typical Issues with No Governance • No way to know what to recover when • Breaking SharePoint Boundaries • Search results are too generic • Pure Chaos • No capacity planning (read budget!) • Everyone is to blame (SP Admin) • SharePoint is down due to bad code/cannot upgrade • Users lose faith: “I will use Dropbox” • We will fix next version migration
Compliance Standards for Consideration
• Others • Records Management • Sarbanes Oxley (SOX) • Operational Security (OPSEC) • Export Control Requirements (ITAR) • Brand and Site monitoring • Bad or Broken Links • Metadata Policy • Improper words or phrases • Identity mismanagement • Marketing Standards • Metadata Policy • Risk Level Tagging • Dublin Core Metadata Initiative • Z39.50 Tagging • Custom Vocabularies • Pointer Records
Accessibility Compliance • Section 508 and 508 Refresh • Web Content Accessibility Guidelines (WCAG) 1.0 • Web Content Accessibility Guidelines (WCAG) 2.0 • Canadian Government Common Look and Feel
Privacy Compliance • Gramm-Leach Bliley Act (GLBA) • California SB1386 and AB 1950 • European Union Safe Harbor • US Section 208 • Privacy Act of the USA • UK Data Protection Act • Health Insurance Portability and Accountability Act (HIPAA) • Canadian Personal Information Protection and Electronic Document Act (PIPEDA) • European Union Data Protection Directive 1995/46 • European Union Privacy and Electronic Communications Directive 2002/58
These laws have common elements: Information must be accessible and available to the people who should have access to it and protected from the people who should not. Further, this information may need to be stored, archived and preserved for some period of time.
Some specific risks to consider… • Confidentiality leaks — Compromised privacy • Loss of data integrity • No access to or availability of data
How Much Compliance is Needed? [Chart: Compliance plotted against Visibility for the site types Portal, Community Sites, Project/Team Sites, Personal/My Sites]
Management controls and scopes [Diagram: SharePoint scopes (Farm, Service Application, Web Application, Content DB, Site collection, Top-level site, Sub site, List/Library, [Folder], Item / Document) with their controls: Service Isolation, Service Application Configuration and Data, Blocked File Types, SSL, Zone, Data Storage SLAs, Quotas, Ownership (Full Control), Features, Security Permissions]
Some new SP2013 features on this topic • Central Hub • Export to NTFS • Preserve in Place • eDiscovery • Identity • Content Mgmt • S2S authentication • Login tokens in DCS • Store and App Catalog • Site Based Retention • Cross-site Publishing • Site Policies • From 2007 and 2010: Self Service Sites; Content Types; Metadata Publishing; Information Management;
How we will Proceed with OOTB features Central Administration - Service Applications (Shared) Central Administration - Settings Site Collection Settings Site Settings
Don’t panic – plan with end in mind… Example IA [Diagram: On-Premise Farm with TEAMS*, EXTRANET TEAMS, SOCIAL, INTRANET and APPS <LOB>, each backed by a Content DB holding Site collections (HR, Marketing, Finance, Intranet Home); Service Farm providing SEARCH, PROFILE, METADATA, BCS]
Bridging the Gaps Who is the business owner? What is the criticality of the site? Business Approval? Chargeback or cost model?
Building the Policies: Configure SC Audit Settings. Configure Content Type Policy (IRM). Configure Site Policy (Closure). Create Content types, Site Columns.
Labels have been Deprecated in SP2013. Labels are available for use by default!
Don’t panic – plan with end in mind… [Diagram: On-Premise Farm with TEAMS*, EXTRANET TEAMS, SOCIAL, INTRANET and APPS <LOB>, each backed by a Content DB holding Site collections (HR, Marketing, Finance, Intranet Home); Service Farm providing SEARCH, PROFILE, METADATA, BCS]