In the rush to adopt public and hybrid cloud computing services organizations appear to be ignoring the emerging risks to information governance - policy compliance and enforcement - according to a new report from EMC's Leadership Council for Information Advantage, a blue-chip panel of IT execs. Using IDC data, EMC says 75 percent of IT organizations are running or plan to deploy applications in a private cloud environment, but only 34 percent have a governance policy for cloud-based information. Over half -- 57 percent -- believe their organizations need to do more, and almost a third report they are not confident in their preparedness.
The new EMC report, Creating Information Advantage in a Cloudy World: Intelligent Governance Strategies for Cloud Agility [registration required] , says there are four emerging conditions that can complicate the flow and value of information in hybrid and public clouds. The council say these include: unchecked proliferation of incompatible cloud platforms and services; fragmentation of an enterprise's information architecture through isolated data and content within the clouds; escalating potential for vendor lock-in; and complex chains of custody for information management and security.
Information governance, a.k.a. data governance, is about creating order to the extent necessary and possible out of the existing information infrastructure chaos with the goal of aligning people, processes and information to achieve better use of information, states Network Computing blogger David Hill. It is a cross-discipline that requires the deep involvement and commitment of both IT and line-of-business people, as well as money, discipline and formally adopted processes and strategies.
The move to the clouds will require that corporate IT have a renewed focus on managing information, says EMC's chief strategy officer, Mark Lewis. Otherwise, organizations will not fully realize their business advantages. "Everyone is very, very certain that clouds are the wave of the future... but you need to own the information, ensure that it is protected, secure and available to you alone, assuming it is confidential."
Believing that surveys aren't enough, the council was created where ideas can be exchanged and best practices identified, says Lewis. In addition to identifying the governance issues, the council also provided strategies for dealing with them, starting with owning the information. Even if you don't own the infrastructure, application or service associated with the information, at least own the information.