Why you need information management tools

Features to look for include search, classification, tracking and auditing, policy enforcement, information movement, and access control.

By Tom Petrocelli

Over the past several years, three trends have been converging that significantly affect how companies handle information resources. The first is the constant growth in stored information. This growth has filled up storage systems and overwhelmed administrators. The second trend has been the realization that information is an important asset that needs to be protected and actively managed. Without active management, the value of information is diminished and IT systems clog up like an old drain. The last trend to catch the attention of the IT world is the increased need for regulatory compliance. Managing information is now more complex than ever.

To the rescue come entirely new categories of tools for managing information.

On one hand, this is a positive development. Organizations are gathering and using more information resources than ever before.

At the same time, there are more regulations to comply with and a greater need to squeeze efficiencies out of existing information systems. Having a wider range of tools is helpful.

However, the information management tool landscape can be confusing. Mixed messages from vendors (and analysts) are causing many IT managers to wonder how much of this is hype. Information life-cycle management (ILM), in particular, is suffering from marketing fatigue. Many of the product claims about ILM are sounding a bit too good to be true.

This is normal. All new technologies start with an amorphous set of great ideas, often from smaller companies. Then there is considerable confusion, as many different players latch on to the new buzzword. Finally, things calm down as vendors and IT professionals alike get serious about what the trend really represents. Information management is finally getting down to business. That’s the good news.

The bad news is that IT professionals and corporate compliance officers are being bombarded with complex products and advice. Each vendor offers a magic bullet to solve the problems of information management. We all know, however, that there is no magic bullet.

Before you run out and buy tools-be they software or hardware-consider the following:

  • Information management starts with processes and policies. Get those nailed down before moving on to tools.
  • Not everyone needs all the available tools. For some companies, having a good auditing tool will suffice. For others, a wide spectrum of tools will be required to get the job done.
  • Context is everything. Context consists of the content plus associated data about the information, commonly called metadata. Tools that can’t work with the content and metadata are data management tools and won’t meet expectations for information management.

Once the processes and policies are in order, the next step is deciding what tools will support those processes and policies. What makes this so difficult is that there really isn’t a clean mapping between features and products. Instead, there is a spectrum of features with considerable overlap within and between products.

An information management tool feature set consists of the following:

Search-Tools that index and search for information based on content and metadata. Finding information is the first step in managing it.

Classification-Once information is located, it needs to be classified for easy manipulation later. Classification is based on metadata and content and determined by policies.

Tracking and auditing-An important part of information management is the ability to track changes and provide an audit trail. Tracking changes in metadata is not enough. Changes in content need to be traced and an audit trail created. Policies determine what is tracked and what is reported.

Policy enforcement-Often implemented as a policy engine, policy enforcement gives the system the ability to automate decisions about information. Policy engines drive actions based on changes in the information environment.

Information movement-Information can be moved, copied, and destroyed. Once a decision has been made regarding a piece of information, it is a good idea to have an automated way of doing what the policies dictate, which usually means some form of information movement.

Access control-At some point, it is necessary to secure the information. Policy may dictate that only certain people or software processes can access it. It may also be that information must be kept safe from changes after a set of conditions has occurred. Whatever the reason, information needs a secure wrapper, and the characteristics of that wrapper may change.

Information management tools

There are several types of products that can be part of an information management solution, especially one for unstructured information.

Some of the more common product categories include the following:

  • Desktop and enterprise search engines;
  • Information asset management (IAM) and digital asset management (DAM);
  • Information tracking, reporting, and auditing;
  • ILM; and
  • Content-addressed storage (CAS).

Search engines seek out and find file-based information and index it. Indexing allows for faster retrieval and searches based on a wide range of criteria, especially content. By indexing content and metadata, the software is able to provide a more meaningful retrieval of information.

IAM and DAM also look for and index files, but focus more on categorizing information for later decision-making. DAM has the more-difficult job of trying to derive meaning from video and graphical information. Graphical information has very limited clues as to what the meaning of the information is. As such, these products rely more heavily on metadata for classification than do IAM products.

Document and records management solutions have, for decades, been one of the primary ways companies manage information. What most users dislike about these solutions is the check-in/check-out process. Having to extract a document from the system, make changes, and then remember to put it back, is annoying to people who do this on a regular basis. On the other hand, document and records management solutions are strong on classification, tracking, and auditing and are an important component of compliance monitoring.

ILM is one of the newer segments of the information management product market. ILM requires strong policy enforcement, and products naturally tend to cover this part well. Information movement is the strong suit of ILM products, even though not all ILM processes require that information be moved around or even deleted. The tendency for ILM tools to focus on information movement has more to do with specific regulatory requirements than ILM itself.

Finally, CAS products are excellent ways of providing access control based on content, rather than the blanket access control of ACLs and similar operating system permissions. CAS is often presented as part of ILM, but really should be thought of as its own category. CAS systems are best-suited for securing information from unauthorized changes rather than as core ILM functions. CAS systems do help enforce ILM policies that require access control but are broader than ILM.

Information management starts to get difficult when a set of features are required but not supported by a single product. In that case, there are only two choices: Compromise on features, or deploy multiple products. Since no single product category covers every feature need, comprehensive information management will require a suite of products that are integrated together. Unfortunately, very few information management tools support integration with other tools, especially other vendors’ tools. Support for standard integration and development frameworks should be demanded of vendors to ease integration.

Information management is becoming more complex while, at the same time, it has become more important. Luckily, tools are available, with new ones on the horizon, that help automate information management processes. No single product will do everything, so focus on key processes and match features to them. Then, look for products that provide as many of those features as possible and press vendors for integration tools.

Tom Petrocelli is president of Technology Alignment Partners (www.techalignment.com) in Williamsville, NY.

This article was originally published on August 01, 2005