Once again, I have to spend time with Law Enforcement and Lawyers; fortunately, this time around, it’s at the EnFuse OpenText conference in Las Vegas. It’s the security conference that isn’t – in the sense that it’s more about compliance, legal and forensics than an RSA conference would be. Though we don’t specialize in security technology research at Deep Analysis, it’s a topic that rears its head all the time. Not so much in terms of stopping bad actors hacking systems, more in keeping things straight with regulators, and ensuring information governance isn’t compromised. Much of the information shared at this event was interesting but not directly relevant to our research and advisory services. But some of the information shared here was a direct hit for us.
Security is a topic that, as an analyst and research director, I have always struggled with. It’s a vast and amorphous topic that seems to cover everything from the question of whether to write passwords on sticky notes, rather than in notes on your laptop (oddly enough not a bad idea) to cloud encryption and beyond. One area of security that has always fascinated me is that so much of it is unnecessary if only information is appropriately managed and secured in the first place. In the past, this has meant things like secure content repositories with strict access controls. But here’s the kicker, compliance and good governance of information is by its nature the implementation of multiple sets of rules. This person has access; this person doesn’t; this type of data is ok to collect, this type of data isn’t, you can keep this kind of information for this many years, but this kind of information needs disposing of sooner. For no other reason, than there has been no alternative, we have tasked individuals in our organizations to impose and administer these rules. That is possible with limited volumes of controlled information, but impossible in today’s virtual Tsunami of information. The only way forward, in our opinion, is to ensure that individuals and regulatory bodies set the rules, but the administration of those rules is automated by technology. It makes perfect sense, it’s entirely possible, yet it hardly ever happens in practice.
OpenText has a long history of buying and selling technology for use in the legal sector, over the past few years it has added further to its portfolio with the acquisitions of Recommind, EnCase, and Catalyst. Hence the legal and law enforcement attendees this week. OpenText is the firm you go to if you want to find out, for example, what someone is hiding on their cellphone or laptop. It’s the firm many go to, to manage information from its creation and onward throughout its lifecycle. It’s also a firm with strong AI & ML capabilities, and that is what piques our interest.
Automating the management of information and data correctly in the first place mitigates, in part at least, the need for tools to mop up the digital mess of compliance and security breaches. It should be a virtuous cycle of automated governance, compliance, and security. That is both a challenge and an opportunity, not just for OpenText but for our sector as a whole. Law enforcement and legal forensic folk live in their silos, just as governance and information management folk do. The need to bridge these silos at least conceptually is critical. That bridge will come through education across the silos and smart business design, not the development of new technology; the necessary change needs to be driven by the business, not IT.
Work with us today to ensure you are a disruptor not one of the disrupted!
Get trusted advice and technology insights for your business from the expert analysts at Deep Analysis. [email protected]