Protect Your Business Information

Protect your information and your business

It is not uncommon to encounter media accounts of a data breach or loss. The consequences are usually severe, including monetary loss and loss of confidence in the organization. In fact, a study completed by Symantec in 2006 determined that 60% of organizations that lose their data shut down within six months of the loss. You don’t want to find yourself in this number, but where can you begin to make a difference?

What information do you have?

In order to effectively and efficiently manage information, it is necessary to first confirm what information assets the organization has and also to identify people in the organization that “own” the information. The owner of the information is responsible to determine who can access information and how it will be used.

What types of data do you have?

After information assets are identified, they should be classified according to their sensitivity relative to unauthorized disclosure. For example, there may be legal or regulatory requirements that specify that certain information must be protected. There may be industry guidelines that address information protection, for example the Payment Card Industry Data Security Standard that outlines requirements to protect credit card data. When classifying information, it helps to consider information in broad categories, for example, corporate intellectual property, human resource information, financial information, information to access systems and records (user-ids and passwords) and information that could typically be found in the public domain.

It is important not to develop too many classifications of information because such a scenario will likely become unmanageable. Quite often, three classifications are often sufficient. For example, information that should only be shared amongst management may be classified as restricted. Information that is less sensitive, but should not leave the organization may be classified as confidential. Information that typically exists in the public domain may be classified as non-sensitive.

Getting started?

  1. Make a list of the information: who is responsible for it? Who should have access to it?
  2. Determine the different categories of information: remember, probably no more than 3 categories should be enough.

Protect Your Business Information – Prevent Document Deterioration, Misuse and Loss With EDM

Security concerns are in the news a lot lately. The government has issued public alerts against terrorist activity. Military experts are debating how to maximize armed forces’ safety amid intensified conflict in Afghanistan. Medical experts are producing vaccine to combat Swine Flu. Each issue focuses on the need to ensure public safety. Yet most businesses – including agencies that rely on timely, accurate information to make decisions about public safety – overlook a serious risk that jeopardizes their effectiveness and ability to survive. The threat? Inadequate document security.

Businesses need secure access to accurate information to make smart decisions. Usually information is scattered: on paper (subject to deterioration, misfiling, security breaches, and loss); trapped in the minds of executives, managers and workers (subject to unintentional alteration and selective memory); and stored in electronic documents and software applications (subject to inconsistent rules, conflicting policies, and difficult to lock down). A recent 2009 AIIM report entitled Electronic Records Management – Still Playing Catch-up with Paper shows 60% of managers surveyed couldn’t be confident their records hadn’t been altered, deleted, or inappropriately accessed if they were challenged. More than 70% had no provisions for long-term electronic record archival; 31% had twenty or more content repositories that could be usefully linked (and presumably weren’t, complicating access and security). Many respondents described their electronic records as unmanaged; most lacked email management policies. It doesn’t take an expert to uncover a foul brew of document security concerns. Ignoring document security invites trouble.

Set clear policies Document security has two sides: human and technological. Management has the onerous job of weighing rules and regulations against operational needs and determining acceptable risks versus those that jeopardize their business objectives. Identifying unacceptable risk is a precursor to creating governance policy.

Communicate policies frequently – in writing Rules are futile unless they’re communicated – frequently, understandably, and in writing. Understanding what constitutes risk, acceptable behavior, and the penalties for disobedience dramatically reduces employee blunders. Convey your rules and reasoning clearly. Document your communications. You’ll reduce company risk by demonstrating intent to comply.

Well-laid plans, smart hiring decisions, and regular communications minimize risk, but they don’t guarantee document security. Where 100% document control is hindered by human limitations, web-based electronic document management (EDM) excels – governing, observing, and tracking file use, 24/7.

Emulate policies electronically Everyone hears about planned security breaches. Yet typically, compromised document security is unintentional:

People view sensitive information while searching for unrelated information. Employees inadvertently destroy original files without noticing copies or imported documents are faulty or illegible. New employees don’t know the rules and handle documents improperly. Temporarily removed or inappropriately stored documents can’t be located on demand for audits, subpoenas, or processing. Workers delete documents deemed worthless, learning afterward that retention rules changed or they were mistaken. EDM ensures security from the moment of capture, preserving file integrity throughout the business lifecycle and providing a central repository for stored information. Readability and integrity are verified upon capture. Digital storage eliminates deterioration, misfiling, or loss. Files are readable, properly stored, and secure. Customizable security determines who can retrieve, view, edit, annotate, manage, move, or delete files. Administrators can set rules for data use and walk away, knowing employees can access whatever they need.

Remove temptation and filing mistakes Companies are increasingly subject to strict regulations governing information use. EDM enforces your governance policies, letting you:

Restrict file access by creating pre-defined searches to retrieve files staff need. Restrict document viewing to specific personnel by job role and document type. Associate individual editing and annotation rights to pre-specified users and file types. Ensure only authorized persons can delete batches, files, and/or pages of documents. Assure consistent indexing Employee logic varies for document classification and search. EDM enables standardization, making filing consistent and search 100% successful.

Assign documents to batches during scanning or importing. Index documents by document type, customer ID number, and other unique identifiers. Associate related documents for a comprehensive view of information. Validate the integrity and accuracy of scanned and imported files through automated validation; request alerts when documents require intervention. Digital capture gives you control over your content.

Prevent document alteration Document alteration poses huge security risks, especially in the face of litigation and audits. ECM allays fears of inappropriately altered documents. You can:

Restrict document annotation and alteration rights to pre-designated persons. Ensure file alteration and editing rights reflect current policies. Store business-critical emails as unalterable documents. Avert inappropriate file deletion Missing and lost documents typically comprise 7.5% to 11% of all document requests, with workers spending anywhere from 20-50% of their time looking for information. MIA documents cost time and money to recreate; if they’re needed for an audit, subpoena, or industry mandate and not found, penalties can accrue.

EDM ensures documents aren’t deleted until they’re scheduled to be migrated or destroyed. By limiting user rights, you ensure against accidental and intentional purging. Automated retention assures document migration, purging, and deletion follow your rules. Regulatory changes? No problem: EDM grasps new instructions immediately, adhering to governance directives.

Adjust rules as hierarchies change Between a quarter and a third of employees change jobs or positions annually. Promoted employees suddenly need access to additional information. Demoted workers lose rights to access particular documents. Some are fired or leave, creating concerns they may take information with them, and new problems arise as knowledge must be transferred to new hires.

EDM tackles these issues with ease:

Users and feature rights are pre-designated electronically, making appropriate files accessible immediately to new employees. Administrators make documents instantly inaccessible to departing employees by deleting user rights and features, eliminating the risk of inappropriate file use. Rules and rights are easily reconfigured, ensuring new employees can access repositories and files they need without the risk of stumbling on sensitive information or overlooking policies for document access and use. Lock down email Email management eludes many managers. Critical communications about customers, partners, third-party vendors, staff, products plans, licensing information and more often are trapped in email Inboxes, inadequately archived and difficult to find.

By managing business email within EDM, you can:

Index and archive critical emails as documents of record. Restrict access to email content, while disclosing contents to authorized persons. Regulate printing, migration, and deletion of stored emails to specific users. Avoid disaster The topic of avoiding business disasters drew attention this year when the Association of Corporate Travel Executives (ACTE) recommended that companies limit how many executives can travel simultaneously on the same corporate or commercial plane. Experts recognized that a single calamity involving the loss of multiple top-tier executives constituted unacceptable risk, as it could destroy a company and result in considerable job loss. The same is true with the loss of your business-critical documents.

Document preservation is the left hand to the right hand of document security. Careful planning, quality EDM, and appropriate professional services ensure you have:

Effective backups and fault-tolerant, redundant systems that ensure you stay connected to your information. A disaster recovery plan that outlines the hierarchy of document importance to ensure business continuity and accelerate document recovery. Uninterrupted access to your business-critical information if a disaster prevents staff from working onsite. Physical data recovery in case a real disaster strikes or your system is shut down. Forge ahead If your company makes the headlines, don’t let it be because of a security breach or shutdown. Creating a document management strategy and investing in EDM means your past, present, and future documents will be in the right hands, whenever and wherever they’re needed. By leaving the arduous task of document management to EDM, you’ll have more time to focus on taking your business to the next level. Good luck!

Building Your Coaching Business – Information Marketing – What to Do When You Get the Appointment

Here are some power questions that will grab your prospective client when you have your meeting.

Stop selling, and start helping. You will see your sales close ratio go up 5-10 times from where you are if you’ve been “selling” during those meetings.

Although this article is meant to show you how to follow up the Information Marketing letters we mentioned in the previous article, this approach still works for almost any sales appointment.

Just keep in mind that “you are not there to sell,” you are there “to help.” There is a clear distinction, at least as far as how the prospect perceives it.

Does that mean that you aren’t going to close, no, you will. However, you MUST be there to help him no matter where that may go. You are there to help the prospect find the answers he needs to solve the problems you are going to help him discover. You will work on HIS problems together heading for the answers. When he finds those answers, he will recognize that you were the one that guided him there. And, in most cases, there is still more work to do. He’ll want you around to help him find more and more answers, and help him implement the actions.

Since you are not here to SELL, you will not be in the TELL mode. You will be coaching him to find his most important answers to his most important problems.

Here are some questions that just might help:

Start your meeting off by asking them to explain what was the most beneficial thing they got from the article (assuming this is the follow up to that information marketing campaign). If this isn’t a follow-up to an information article campaign then just go directly into the questions that follow.

  • What are your biggest goals for your business this year?
  • What are they worth to you, if you could achieve them?
  • If you could achieve them sooner than expected, what would that do for you?
  • What has been the biggest obstacles to you pulling that off?
  • What might have delayed achieving those on time?
  • If you could solve those problems in the next week or two, what would that do for you?
  • What has it cost you for not achieving those?
  • What is it costing you every week that you don’t achieve those goals?

You want the prospect to define the value of achieving those goals in dollars and cents. What it has cost them in not achieving them. That sets a value for moving forward and a cost for not acting.

You’ll see that most will decide to move forward either at this meeting, or a meeting that follows up quickly.

If the prospect ultimately says he isn’t ready to move forward, what do you do?

Ask him when he absolutely has to have this problem resolved?

Make sure that you know what the weekly cost to him is for every week that this is delayed, because the chances are that the delay is more costly than your fee. This might be worth a discussion before leaving.

When he gives you a date, ask him if he’d like to continue receiving your articles on how to resolve his problems. He’ll be on your list, and it wouldn’t hurt to have some hints and tips about it.

When the date comes up, give him a call. There is a really big chance that he hasn’t done anything to fix the problem. In that case, show a concern that he said it was costing him $______ a week, and you have some other suggestions that might help out. Schedule another appointment to talk it over.

Remember, your fees ARE going to be less than the costs he is facing in not getting it fixed.

You are selling your value, not coaching or consulting. Be able to give a testimonial that shows how much other clients gained from your coaching.