No single thing probably drove the early growth of the internet as much as email did. In that way, it’s considered a driver application for internet tech, like cryptocurrency sparked interest in developing blockchain tech. Email gave us an inexpensive (sometimes free) and instant way to communicate all over the world. In addition, email lent itself to automation, collaboration, and integration, which sparked development to incorporate those ideas into other kinds of software that worked better for specific tasks.
That was OK then. But we have graduated — or at least we should have. Today, using email for more than mere communication generates avoidable problems and inefficiencies, particularly in an era when you can rely on better tools that will help improve efficiency and overcome email’s challenges. In particular, businesses that rely on email too much to share files and collaborate will certainly struggle with the many hazards of information sprawl.
Understanding and Overcoming Today’s Challenges with Email
Look at just a few problems information sprawl causes when email becomes the de facto collaboration tool. Even more, understand how smart document management systems can eliminate these kinds of inefficiencies and errors.
In a previous article on problems with using email attachments for collaboration, we brought up the specific example of a CEO who wanted input about next year’s business plan. She attached her draft to the email she sent to her five vice presidents. Each of them made some edits and forwarded their versions to their own department heads. As the day for the CEO to present the plan approached, she found her own inbox full of dozens of versions of the plan, all edited, corrected, and commented upon by different people.
In the end, that CEO found himself trying to consolidate all of these versions — a difficult and error-prone process. Even if some of the executives and directors did not make a single change, he still had to account for each of them to make sure they approved it. If not, he needed to write a follow-up email to nudge them.
Is this really the best we can do in an age with tons of easy solutions to the problem?
With an intelligent information management system, she could have simply shared the document link with each stakeholder, alerted them as their deadline for edits or approval approached, and each person would be contributing to a single authoritative document version. The CEO would then have had one version-controlled and consolidated document. Not only could he view all edits in one place, he could also easily see exactly who generated each change and exactly when they did it. This made it much simpler for the CEO to verify information, accept the right changes, and produce his final business plan.
Today’s businesses don’t just keep information in text documents. Various media may consist of graphics, videos, and sound files. If everybody relies on emailing and downloading these as email attachments, it can bog down both the performance of the email system and the capacity of storage devices. Instead, smart document management can keep track of the single storage place for these files and various versions and simply send everybody a hyperlink to access it.
Security and Compliance Problems
Even with small documents, having multiple copies stored on various cloud accounts, employee’s laptops, and of course, as email attachments generates more security vulnerabilities. Just as bad, storing private or sensitive information may create compliance breaches. With a good document management system, the owners can set rules for files that only allow the right people various types of access. Not only does this keep information secure, it also allows the company to demonstrate their compliance with regulations governing the kind of information they have.
Let’s say the CFO just had the latest version of the company’s financial report stored on his hard drive the day before he caught the flu, needed medication, and was in no shape to remember to tell other executives that he had updated the last attachment he had received from the accounting department. Even worse, let’s say that CFO suddenly left the company and had his server account deleted, along with the latest report.
Thinking she could simply bypass the CFO, the CEO asked the accounting department to email her the figures, with neither party knowing the CFO had the most current document on his own computer. Again, a central store of this information would show the most current version and a history of changes. A high-level user could also set and change ownership permissions with a few clicks, so the person who needed to take over for the CFO would take responsibility for this document.
Business Process Inefficiencies
Using the example of the business draft, the CEO wanted to ensure she gathered approvals from everybody who received her first version of the business plan. In turn, she needed to know when the draft had circulated to all stakeholders and then been returned back to her. With email, she would have the clunky process of sending out reminders and then having to check off names as replied hit her inbox. Instead, she could have set alerts within her document management system both to let the stakeholders knew she had a task for them and in turn, to let her know when they finished it.
How Enterprise-Quality Document Management Eliminates Information Sprawl
Nobody doubts the importance of email. It helped grow the internet and revolutionized communication. Still, as noted on HubSpot, many businesses still relies on email for more than its core function — simply out of habit. It’s not that surprising that even top executives still rely on the tool they’ve probably used their entire career. At the same time, once they’ve been introduced to the benefits of smart information management, these same business leaders are pleasantly surprised to find a comprehensive tool to collaborate, track versions, manage audits, automate business processes, and avoid errors.
There are a surprising number of companies operating without any real idea of their worker health & safety and/or environmental regulatory obligations. This is particularly true in developing countries, where there are undoubtedly many reasons for this lack of understanding of the HSE requirements:
blissful ignorance, i.e., lack of awareness of the requirements
little or no concern about worker health and safety and/or environmental issues
little or no concern about the consequences of not being compliant with the regulations, i.e., lack of enforcement by the regulators
lack of people and/or resources to compile such a register
concerns about the cost to develop or acquire such a register
Equally surprising is that, by far the majority of companies that do have some sort of HSE legal register have one that is incomplete and/or out-dated.
A legal register is a compilation of the laws and regulations that apply to HSE issues at your business. It is simply a tool to help you and your company manage a business issue – namely compliance with legal and regulatory requirements.
What is important is that the register is:
complete, i.e., includes all of the laws, regulations, ministerial orders, etc. that apply to your company’s operations
as simple as possible, i.e., remove the complex legal jargon so that the requirements are clear to all
updated regularly, e.g., real-time, monthly or quarterly update
supported by people knowledgeable in the requirements and how they affect your company’s operations, e.g.., HSE manager, but can also be consultant, in-house legal, or others
There are numerous very good reasons for having a HSE Legal Register:
This is a direct requirement of virtually all corporate health and safety or environmental management systems, e.g., ISO14001, ISO45001, in-house HSE management system, etc.
If your company has operational activities with material HSE operational risks, then the register provides the basis for corporate liability protection, as it is needed for performing a compliance audit.
If something goes wrong and your company has been operating outside of the legal HSE requirements, this can directly affect you. It is strongly suggested that you find a way to protect yourself from the consequences. After all, this is one of the few jobs where the consequence of failing can mean that you spend time in prison!
And, last but certainly not least, compliance with HSE laws and regulations will help protect your workers and impacts on the environment.
There is no legal obligation anywhere in the world that requires you to have an HSE Legal Register but it is advisable to have one.
A HSE Management System is an integrated approach where all the 3 HSE factors are effectively managed to reduce risks in the workplace and environment. The objective of a HSE Management System is to provide a structured management approach to control health, safety and environmental risks.
International standard ISO 45001:2018 Occupational Health and Safety Management Systems lists down requirements with guidance for use. ISO 14001;2015 Environment Management Systems sets out the criteria for an environmental management system.
Regardless of the industry you are in, all organisations need a comprehensive, well-documented HSE management system to ensure that all personnel are safe and environment are protected. A HSE management system must be written down, communicated and practised.
The key elements of a successful HSE management system include:
A HSE plan is a strategic action plan which sets out all current and prospective risks for the company. It provides an analysis of all risks present, with an outline of how to remove said risks. This HSE plan helps to set up a framework for all workers to follow and be held accountable to maintain the HSE record of the workplace. A HSE plan also comprises of HSE inspection checklists and emergency response plans.
Risk assessments document all risks in the workplace. This helps in protecting all workers and surrounding people from potential hazards. All areas of HSE non-compliance are outlined in the assessment and aid in ensuring proper solutions are in place. After risk assessment, risk monitoring is to be conducted depending on the risk level to maintain HSE in place.
Reporting of HSE elements is needed to monitor the performance of HSE elements. HSE key performance indicators (KPI) are needed to measure the performance of the HSE aspects. These KPI help to identify areas that need improvement. KPI for HSE include Lost Time Injury (LTI), number of accidents and incidents, productive days, near misses, etc.
All workers need to receive adequate training on the various HSE rules and procedures at the worksite. A thorough training program includes all HSE aspects e.g. PPE training, fire drills, scheduled waste management, management of pollution control equipment, etc. These trainings must be recorded to keep track of the trainings to ensure a successful HSE management system.
In conclusion, management plays a critical role in making HSE management system a success.
Shadow IT is when employees use unapproved software, apps, and devices to do their jobs. Typically, employees have good intentions and may turn to various ad-hoc services to get their work done because they don’t believe their employer provides them with a good solution. Since the 2020 Coronavirus outbreak, surveys of IT professionals have revealed that the rise in employees working from home has generated a surge in this practice. Find out why even the best-intentioned uses of shadow IT can pose a security threat to your valuable information and how you can control it.
Why is Shadow IT a Security Problem?
According to reports from MS Office, almost three-quarters of executives admit they don’t know how many shadow IT applications or devices their employees use. This isn’t surprising. According to Microsoft, even security professionals gravely underestimate the problem. On average, they believe all workers in their organization use 30 to 40 unapproved tech solutions when a better figure would probably be closer to 1,000.
These facts also aren’t surprising when you see studies that reveal that about 87% of senior managers have uploaded sensitive documents to a personal email or cloud account. If even senior leadership succumbs to these temptations, you can bet your business has a widespread problem.
While mostly well-intentioned, using all of these unapproved and unknown apps can generate dozens of serious problems for datasecurity and data integrity. Some critical issues include:
Lack of visibility: IT can’t manage resources that they aren’t even aware of. Companies need tools to monitor their networks and any new devices or applications that interface with it.
Impossible to enforce compliance rules: If a business doesn’t even know a resource exists, there’s no way to make sure it complies with government regulations or internal governance. Especially with sensitive data, organizations need to ensure employees get permission before using third-party solutions.
High risk of lost data: Again, there’s no way to know if somebody uploaded the latest and most correct version of a document to their personal email or cloud service and then got sick or abruptly left the company or simply had a problem with their unapproved device or software’s storage. Businesses need a way to track information additions, deletions, and changes, and they also need to ensure these changes get backed up.
Impaired efficiency: If one team has decided to share documents on a cloud server but another team’s passing email attachments around, departments will fall out of alignment. If multiple departments need solutions for such issues as collaboration and document sharing, the company should implement one approved solution.
Vulnerability to digital threats: Obviously, this is the 900-pound gorilla in the room. You have probably read plenty of stories about attacks on popular software like Zoom and Google Drive. These days, companies are particularly vulnerable to phishing attempts made on an unsuspecting user’s email. Solutions that can reduce the risk could include enterprise-security software, audit trails, and two-factor authentication.
Again, most employees turn to outside solutions out of the best of intentions. A good first step probably includes surveying your workers to find out what features they lack in the toolkit your business already provides for them. Then, you can keep people productive and your business safe by evaluating various solutions to fill in these gaps.
At the same time, you’ll also help improve company-wide efficiency and alignment and make security’s job easier by keeping your entire company in alignment. You won’t have to worry that a director has uploaded a sensitive document to his email and one team leader uploaded the attached document to Google docs right before sharing the Edit link with his entire group. In the end, nobody can say which version was correct or even if any of them were.
Future-Proof Your Workforce and Business With M-Files
An enterprise-grade, AI-enabled information management solution like M-Files can almost automatically remove the temptation for employees to turn to ad-hoc solutions to do their jobs.
The software’s smart features can give employees everything they need to work, share, and collaborate. They won’t have the motivation to turn to private email, software, or storage accounts to get their jobs done — especially when they can access business critical information from anywhere and from any device.
The sophisticated, certified security will ensure that employees have only the access they need, and even better, M-Files will handle audit trails and version control. You won’t have to worry about lost, missing, or confusing data.
Using this one, standardized solution will also help keep teams, departments, and entire companies in alignment as they all rely upon the same system. This helps improve communication, business processes, and efficiency.
Employees will also appreciate the fact they can securely login to M-Files from anywhere and with various internet-connected devices. M-Files enables the remote workforce you employ today and in the future.
Schedule some time with us — we’re here to be a resource for you about your shadow IT concerns within your organization. We’ll explain how M-Files features can ensure your employees have a secure, workable solution. We can also arrange a free trial or demo, so you can actually watch M-Files in action as it improves your company’s security, efficiency, and alignment.