Gravity Union


Compliance in times of crisis

Let’s face it, it’s typically an uphill battle to get support for information governance and compliance focused initiatives in the best of times. In crisis circumstances, organizations experience dramatic changes in the way they work. A crisis could be a cyber security issue, a pandemic, or another serious unanticipated event.

As a result of a crisis, it’s likely that at least some organizations will pause, de-prioritize or outright cancel compliance focused initiatives.

Perhaps somewhat ironically: our need to monitor compliance related issues increases as we go through unprecedented change.

Regardless of the maturity of your program around information governance, there are two questions to keep in mind:

  • What actions can we take to minimize the risk with our activities happening today?

  • What can we do today to minimize the effort it will take to clean things up post-pandemic?

Here are our thoughts on what you can do to minimize risk and make it as easy as possible to get back on track once things calm down.

Standardize on technology (avoid shadow IT)

As organizations are forced to change the way that they work, employees feel pressure to find a way to continue to work even if that means going outside the approved organizational technology stack. We are certainly hearing of cases where employees are using non-sanctioned solutions like Dropbox for file sharing, FaceTime for meetings and other applications for sharing files and communicating.

In many cases it may be impossible to keep track of, identify, classify and discover content stored in solutions that live outside the corporate application profile. In general, the fewer locations where content lives, the easier it is to classify and clean up.

While we’re certainly fans of the Microsoft and Collabspace platforms, it’s more important that your organization quickly standardizes and provides solutions for file sharing and communication, than it is to choose the right technology.

Communicate (govern) the appropriate use of applications

Office 365 is an amazing platform, but one thing to be aware of is the number of locations records can live. For instance, documents can live in:

  • SharePoint

  • Teams (though technically this is SharePoint behind the scenes)

  • Yammer

  • OneDrive

  • As well as our desktops

We’ve seen entire departments deploy all departmental content to OneDrive in a reactionary response to a ransomware attack. In general, we recommend using:

  • SharePoint for large volume and complex document management scenarios (departmental sites, employee files, etc.)

  • Microsoft Teams for cross-functional collaboration like projects, committees and working groups, and core functional teams like sales

  • OneDrive for personal content or drafts without a home

Again, consistency is key, and the appropriate use of technology will go a long way when it comes time to clean up everything.

Keep everything until you have time to deal with it properly

Recently, we had a client who accidentally deleted a group showing up in Outlook. This had a cascading effect of (unintentionally) deleting the corresponding SharePoint Site and Team.

Perhaps we had given this user too much power in the system. Nevertheless, accidents happen. As organizations rush to move into the cloud in order to support working from home, mistakes will be made, lessons will be learned and there will be attempts to ditch a solution and start over.

The risk that a contract or other important record gets thrown out by accident is all too high. A review and approval of content deletion needs to happen to ensure the organization is not incurring unnecessary risk.

While SharePoint has a recycling bin which stores deleted documents for around 30 days, the recycling bin does not store sites or site collections when those are deleted. You can put in a help desk request to Microsoft to restore the site provided you do so in about 24-28 hours, but overall Office 365 does not have a very robust back-up solution (there are third party products that help).

If the business decides it wants to delete a site and start over, you’re better off to lock it down from a security perspective once the business has had the chance to move content over to the new solution. Then, time permitting, review the content and delete it if it’s transitory, or place it into a permanent location if it’s a record.

One strategy you can deploy is to download the daily list of items that are deleted from your environment. Review the report for any suspicious content that may be an important record and where action is needed to restore the deleted item.

Follow best practices for deployment

Following best practices does not necessarily slow things down when it comes to configuring your solution in Office 365 and will pay dividends in the long run. Following best practices can ensure that:

  • The solution scales properly

  • The content is searchable/find-able

  • The content is properly secured

  • The content can be easily managed

  • The solution can be easily changed or evolved

Taking the first point as an example, SharePoint tends to slow down when rendering views on document libraries once the library contains a couple of thousand documents. This can be frustrating for end-users. You also don’t want to restructure and re-architect the solution while the business is using it, as that can be disruptive.

Understanding the current and expected volume of items informs how many lists, libraries and sites you need to spread your content over in order to avoid end-user frustration and rework in the near future.

Following best practices also:

  • Promotes usage of the platform

  • Ensures that people can find the content that they need to do their job

  • Ensures people are not caching copies of content outside the organization or in other systems

  • Helps content be easily classified once you have the time to do so

  • Maximizes the ROI that the business receives from the application

  • Will make the business more willing to work with you in the future to restructure the solution if need be.

Mind the audit trail

With so much activity happening you may not have the time to classify, identify, protect or manage all the content coming and going until things calm down. The audit trail will be critical to understand if anything important happened during the crisis and allow you to deal with it when time permits.

Keep in mind that Office 365, for example, at the time of this writing only allows for 3 months or 1 year’s worth of audit history on the content stored in Office 365 (SharePoint, Teams, OneDrive, etc.), depending on your subscription level. If you don’t have a compliance-focused add-on like Collabspace, you will want to work with your IT department or a third-party solution provider to download the audit trail and archive it on a regular basis, so that if you need to review audit entries from during the crisis you’ll still have them on hand.

Classify everything

If you have the bandwidth to classify content, then classify everything against the file plan. This includes transitory and convenience files.

We recommend this in projects as it allows us to remove thousands, sometimes millions of documents, over the long run. This has the net effect of:

  • Saving costs on storage over time

  • Improving search. In our experience, erroneous, duplicated or unnecessary content is removed over time and then doesn’t pollute search results.

  • Easily identifying content added to the solution that is not classified. This ensures that the content is reviewed, and reasons identified for why the content is not classified (new type of content, rogue sites, lack of governance etc.)

  • Making updates to the system easier — for example, if you decide to add a department field to all documents and need to set that value on your existing set of documents.

How Collabspace helps during a crisis

Collabware’s cloud-based compliance product Collabspace took a completely different approach when it came to compliance in the cloud. To be honest, the architecture took me a while to grasp. However, over the past couple of years as the cloud became a more accepted platform for records management, I’ve come to appreciate the design of the software. Moreover, I believe that in the face of a crisis, Collabspace highlights its strengths.

In summary, we recognize that prioritizing compliance initiatives right now is not top of mind. Take a few simple steps today while people are still creating and managing content to make sure you’re prepared when things go back to ‘normal.’

The Collabspace design pattern

Collabspace is designed as a data lake, where an encrypted, secured and unalterable copy of content is streamed into the write-once-read-many (WORM) data lake.

Benefits of the Collabspace design pattern

The benefits of this design pattern are as follows:

It allows Collabspace to manage and protect the content in various platforms

Collabspace currently supports SharePoint, OneDrive, Teams, Planner, Exchange, network file storage and SAP. Collabware has several more connectors currently under development and custom connectors in their roadmap. This would allow organizations and/or third parties to create connectors for proprietary or less popular systems that still need to have content managed, secured and protected to align with an organization’s needs around compliance.

It provides flexibility to the organization to use different software solutions or different cloud providers

The cloud allows not only for solution providers like Microsoft to pump out application after application and enhancement after enhancement at a much quicker pace, it also allows for third party software firms to create solutions based on the Microsoft stack in a more cost effective manner. This means that more applications and specific solutions for your business will appear in the market and more changes will be applied to those applications over time.

The impact to your organization will likely be a higher rate of change in the applications that your business uses and in how those applications themselves change.

These new applications will certainly have a compelling story for the business, but at the same time we don’t want to always migrate historical records from application to application in order to maintain compliance every time a new application comes out.

The Collabspace design pattern inherently protects us from application lock-in or platform lock-in – the idea that you may feel locked into a certain application as you have thousands or millions of documents in the solution and can’t afford to spend the time or money to move the content out.

Collabspace has a copy of your content and is managing the life cycle of both the copy in the solution (e.g. SharePoint) and the copy in Collabspace. This allows the business to evolve and adopt technology solutions as they become available (and when they provide a competitive edge) and we don’t have to worry about losing records, migrating our content from application to application or platform to platform. We essentially decouple our compliance from the business solution.

In other words, you’re able to walk away from an application or cloud provider and adopt new technology at whatever speed the business needs, without having to migrate content or continue paying licenses for software that the business is no longer leveraging. After all, compliance shouldn’t hinder the business, it should help enable it.

It provides business continuity and disaster recovery

Even if you haven’t classified all your content in Collabspace, having your content streamed into the data lake allows you to search and continue working on content if for example Microsoft 365 goes down (which it does from time to time). I would argue too that with the nearly 800% increase in Microsoft 365 users, the usage of technology in non-traditional sectors, such as education, will result in an increase of functionality to meet the demands of new clientele. The need to scale the platform and add the required functionality at an increasing pace will (in my opinion) certainly increase the risk that the platform needs to be taken down to be retooled.

In my recent experience, there were several times where I went to fetch a document from SharePoint, the application was unavailable, and I was able to easily search for, find and download the latest version of my document from Collabspace with little interruption.

It acts as a Microsoft 365 back-up

Microsoft 365 allows you to restore accidentally deleted content for only a couple of days after it’s deleted, and then requires a help desk ticket to Microsoft. By the nature of Collabspace’s design pattern it automatically backs up all your content.

It provides versions even when version control is unavailable or not turned on

Corrupted Excel file in Finance? No problem – go and download yesterday’s non-corrupted version. Overwrote that important contract? No problem… go find the previous version.

Previous versions are searchable

All too often existing documents are taken as a starting point for a new presentation or contract or policy, where we lose the old version. Since Collabspace, as noted above, keeps all versions, we are able to search across all historical versions of content. So if you need to produce the draft contract for a client as part of an eDiscovery initiative, Collabspace has you covered.

Searching previous versions and all associated files in Collabspace

Protection from ransomware

Content in Collabspace is unalterable and Collabspace is storing all previous versions of the content. Should your network file storage or SharePoint environment get compromised with ransomware, you’ll be able to search, find and download the previous version of content before it was “ransomwared”.

Protecting your content from accidental or purposeful deletion

Since all the content (that you tell Collabspace to protect) will automatically be protected, regardless of whether you’ve classified it, you will still retain copies in the event that:

  • Someone purposefully deletes content to cover up a misstep

  • Someone accidentally renames, deletes or restructures content

  • Someone accidentally (or purposefully) deletes a folder, library or SharePoint site

  • Someone turns off a cloud-based application

It’s actually impossible for content that is being protected by Collabspace to be removed from the organizational corpus until it is run through a Collabspace disposition.

How this design pattern can help in a crisis

Now that you understand the Collabspace design pattern and the general benefits, let’s dive into how this can help in a crisis.

Collabspace protects all your content until you have the time to deal with it

This is what Collabware calls “Protection by Default”. Most records management solutions require you to take action in order to protect content (i.e. classify the content against the file plan and then, through some means, declare a record). Not so with the Collabspace design pattern. Once content is ingested into Collabspace, the only way to get rid of it is to run it through a disposition process, with approvals if you desire.

This means all we have to do is point Collabspace to our target email accounts, site collections, OneDrive locations, network file storage locations etc. and Collabspace will keep it safe until we have the time to deal with it (classify it and apply a retention policy), which may be months or even years out in the future.

This is especially valuable for organizations that are rushing into the cloud to support working from home but do not have the time to layer compliance on top of the solution.

Collabspace allows experiments with technology

Given that many organizations are rolling out technology in a hurry, they may find that, for example, Microsoft Teams was the wrong solution to manage employee files, or that they leveraged OneDrive for a department site instead of SharePoint. Organizations will likely want to delete sites or teams that were created and recreate them with a better design. Collabspace will ensure that no documents are lost when sites or teams are deleted, allowing the business to experiment with technology to figure out what works without the overhead of migrating documents from solution to solution.

Collabspace protects you from ransomware and cloud outages

As noted, cloud solutions like Microsoft 365 go down from time to time. The huge increase in users and demand for updates will add risk that it will go down more often. We are also unfortunately seeing an increase in cyber-crime like ransomware attacks as the criminal element is taking advantage of crises. Since Collabspace has a fully indexed version of content in their data lake that is searchable and downloadable, this will ensure that your organization experiences a minimal disruption should these events occur.

Collabspace allows users to search your network file storage drive from home

Since Collabspace can index all your network file storage content, it can provide a way for end users to search, find and download content without a Virtual Private Network (VPN) or other technology. Many of these solutions that allow for tunneling into the system require both the proper bandwidth and user licenses that your organization may not be set up for if everyone is now working from home.

We know that time and resources are tight these days and you may not be able to invest in a full compliance solution right now. We believe that Collabspace is a great option to have during a crisis and gets you going with a solution that you can build on over time.


Sometimes it helps to have an outside voice to help with compliance conversations. Reach out to us if you need advice or want to talk about best practices.