In a recent Information Age article, AIIM CEO John Mancini argued we are on the cusp of a new of enterprise content management (ECM) – where massive changes (cloud being a central element) are on the horizon and little best practice exists to know how to manage them. If the leader of the ECM industry association foresees challenging times ahead, what chance does the average CIO have of navigating a successful course through this potential minefield?
New research, which suggests that a cloud-centred ECM strategy could deliver nearly three times the return on investment of on-premise equivalents, highlights that cloud could be at a tipping point for many organisations. It has moved from being the plaything of startups, or the financial savior of large enterprises looking to milk the most from their capex budgets.
Most have overcome the irrational, paranoid fear of storing information in the cloud – but the benefits need to be balanced with the information governance requirements of the corporate world.
>See also: The 6th era of people, process, and information is with us
ECM in the cloud
Even as the cloud has emerged as the platform of choice across key business areas, organisations have displayed greater caution in migrating ECM systems.
With many having established strong internal, on-premises information governance principles, the reluctance to expose those to potential damage should their content get into the wrong hands is understandable.
However, many are now realising that there is just as much likelihood (indeed many believe more) of data breaches happening inside an organisation, compared to a cloud environment.
The location of content is not the defining factor in whether it is secure – the information security and governance mechanisms put in place are what make the difference.
So in a world where on-premise ECM is solid, secure and well established, why would anyone want to move to the cloud? While the answer varies between organisations, consistent themes include greater efficiency within the organisation, carefully managed costs, enhanced user support and new functionality, often around mobile and tablet device interfaces.
These benefits are now widely recognised but the key aspect in relation to ECM is whether they outweigh the risk of breaking the status quo of internally managed systems. The question for today’s CIOs is whether the risk is worth the potential reward.
’Vanilla and chocolate‘ or ’chocolate and vanilla’
As with all things IT, the term ’cloud‘ is, well, cloudy. There are, or course, many different flavours of cloud and each have their respective levels of risk, cost and potential reward.
The most similar cloud offering to an on-premise solution is a hosted private cloud. The risk is low, as you are working in as close to on-premise as possible – however, the costs of taking this approach are high, compared to other cloud deployment methods, meaning that the potential reward is lower.
A second (and hugely hyped in the media and by vendors) route is that of hybrid cloud. This solution sees the majority of the environment being on-premise, or possibly hosted private cloud, with certain parts of the solution also exposed via a cloud element.
A benefit of this method is that the organisation is in control of what gets exposed via the cloud – however, this does place a management overhead on the solution.
Hybrid cloud is now seen as one of the main ways in which organisations, especially those with large investments in existing on-premise solutions, will move gradually to the cloud. Again here the risk is slightly greater, but so is the reward.
And finally to public cloud solutions. These are the cheapest of the cloud offerings, potentially delivering the greatest reward. However, configuration capabilities are limited and, more importantly, the risk of a shared architecture and resources for most organisations (other than the smallest businesses and start-ups) make this a non-starter for ECM.
>See also: Is unauthorised use of file sharing solutions putting organisations on a slippery slope?
Legal issues
An undertone to all discussions about corporate content in the cloud is data privacy. Particularly in the EU, this is a powder keg waiting to blow, but data privacy is equally important for on-premises systems as it is for cloud.
The weight of managing data privacy falls on the organisation that owns the data. The cloud vendor will (and needs to be held to) manage the security of the solution, just as the IT department will do for an on-premises solution – but the data privacy aspects need to be managed via the information governance principles of the organisation.
If Mancini’s prediction of a sixth era comes to pass, organisations will have little choice but to embrace mobile, analytics, cloud and collaboration. In this scenario, CIOs need to be aware of all of their options: the pros (and cons) of deploying hybrid versus private cloud, who is responsible for data privacy, and what sort of return on investment to expect from the various strategies.
Sourced from David Jones, OnBase