Wednesday, December 15, 2010

Wikileaks Lessons

Well, I have an admission to make: I have been all over the map about Wikileaks. Perhaps it is because I have focused on the content of the disclosures. When it exposed US intelligence operatives and “friends on the street” helping our offshore operatives, I was critical. When it made clear that Arab leaders fear a Nuclear Iran as much as we do and made clear that Iran’s Nuclear capabilities needs to be eradicated, I was rather giddy. So my attitude on Wikileaks at one level oscillates with each passing day and the new disclosures.
But that is not the real lesson from the Wikileaks chapter of the ongoing data saga we all live every day called “As Information Flows.” Upon reflection, this is what I have learned in the past several weeks with the Wikileaks exposures.
1. Our controls on information are not good enough and that includes the most important military secrets.
2. Controlling serious content takes serious management of people, process and technology.
3. Small cracks in the armor can really hurt.
4. We need a more secure infrastructure because this one is seriously flawed.
5. For the regular business, you need to redouble efforts on training and controlling what employees say in eCommunications. Businesses need to better control different classes of information by better managing it by its value.

We have lost some of our credibility with the world. While our vulnerability will likely hurt us and our international reputation for the foreseeable future and make our friends clam up a bit, I believe it sent a huge message to every major office around the globe of any business or government leader. Information matters. Lose control and lose the farm.

Are You Kidding me.

Friday, December 3, 2010

What's a Dialoginar?

I have spoken far and wide, long and short, here and there, but I have never done a Dialoginar. Well, I am doing an amazing Dialoginar Series where I play an expert and explore some interesting Information Lifecycle Governance topics. In the near future you will see a YouTube advertisement in which I play a superhero jib jab bobble head and tell you all the fun facts about the Dialoginars. BTW- a bobble head is perfect role for me. The Dialoginar is a great way to learn and have fun while doing it. So, bring your lunch, bring your friends, bring your coworkers, but leave your bad attitude in your cubicle. A Dialoginar tastes great and it's less filling. Can I say that or will that cause a problem with my favorite Wisconsin brewer?

Topics that will be discussed in the initial Dialoginar Series are:

Content Analytics Compliance refers to the text analytics process plus the ability to visually identify and explore trends, patterns, and statistically relevant facts found in various types of content spread across internal and external content sources.

Defensible Disposal – How do companies develop the policy rules to defensibly dispose of information? The only way to purge content is to dispose of it pursuant to written retention policies which take into consideration business needs, legal requirements and legal considerations like statues of limitations.

Information Lifecycle Governance is a way of managing information over time with the necessary controls to advance good business practices. ILG encompasses policies, processes, practices, and technology used to manage information throughout its life starting with creation and ending with proper disposal.

These are just a few of the topics to be discussed in a series of quirky “Dialoginars” to be presented by Randy Kahn and IBM. Prepare to be educated and entertained in a unique approach to the discussions of everything Information Governance. Keep your eyes open for upcoming dates and times!

Friday, November 19, 2010

The risk of failure

Years ago the Basel Accords was promulgated to allow banks in Europe, who better assess financial risk, to keep less monetary reserves. In other words, if the bank could have a better handle on their information so they could methodically assess risk of delinquency, then they would be required to kept smaller reserves. In essence, the more the banks knew about their loan portfolio the less risk of failure and the less money they needed to keep in case of a problem. The upside was that they could use more of the money they took in to do more loans and make more money so information could have real business value.

Anyway, I have been watching the Greek and Irish banking crisis for months. Months before that I watched as the Bank of Iceland hung in the balance. I still thought they used fish as currency in Iceland. Anyway, I’m wondering if they all ignored the Basel Accords or did bad analysis or maybe it just failed.

Are You kidding me.

Thursday, November 18, 2010

Rerouted through China. Really???

If Information is the lifeblood of our economy, then computers are the citadel in which the information nuggets come to securely rest until needed. Wars are now fought across transmission lines and the front line is the internet. If you don’t believe me read the article entitled “US web traffic rerouted via China Telecom” covered in the BBC Technology News on November 17, 2010, in which it recounts how “traffic to some highly sensitive US websites was briefly rerouted via China.” Traffic that was destined for the US Senate, Secretary of Defense, NASA and Department of Commerce found itself in China.

Wow. How in the heck does that happen?

Are You kidding Me.

Monday, November 8, 2010

We need responsible gate keepers.

Weeks ago, there was a leak of thousands of classified military documents on a website called Wikileaks. Mr Assange, the guy (a former hacker) who runs WikiLeaks fashions himself a modern day information “Robin Hood”—giving information gold to the average guy who would otherwise not have such access. In this case, a military guy (currently being court-martialed for this and other breaches of classified military secrets) ALLEGDEDLY gave Wikileaks tens of thousands of pages of classified documents which were then published to the world. Now that is serious “generosity.” Besides fame, news coverage, and being vaulted onto the international media stage, why did Assange make such a “generous” gesture? (At this point, my kids would say ‘dad stop being so sarcastic’) Take from the information rich and give to the information poor. Sounds great. But wait, there is more to this story. In the documents that were exposed was information about folks who were working clandestinely with the US military to deal with combatants in Iraq or Afghanistan, etc. When Wikileaks shared the stolen classified information, it not only shared military secrets but exposed the identity of locals helping the US military. To the extent that any “helper” was assassinated for his trouble in helping the US military, do you think their families consider Mr. Assagne a Robin Hood? I consider him wholly irresponsible with information. In this world where information flows, sometimes too freely, I want gate keepers who are responsible and thoughtful about the consequences of their actions. Hey Mr. Assange, you’re no Robin Hood in my book. Are you kidding me.

Wednesday, November 3, 2010

More FBI Computer Woes

Every so often I get the opportunity to speak or write about the FBI case management systems and its tale of unending failures. The saga continues.
The Oct. 21 Wall Street Journal story entitled “Audit Sees More FBI Computer Woes”, noted that the FBI “struggles with technology are expected to continue to eat up millions of dollars and still leave agents without a seamless electronic system to manage investigations.” Yikes. This issue has been going on for years and we have spent hundreds of millions. I've got an idea, could the FBI hire Kahn Consulting? Maybe we could help. But if we can’t, at least Kahn Consulting could benefit from this seemingly unending money pit. According the article the tech problems “have potential consequences for efforts to prevent terrorist attacks, [particularly when the domestic terrorist threat is growing]. The Sept. 11, 2001 attacks exposed poor information sharing by the FBI and other agencies. Is my recollection failing me or was that the reason we have Homeland Security. Yikes.

Are you kidding me.

Friday, October 29, 2010

Are we contenders?

Some tend to think of China as the young upstart, gaining greater footing on the world economic scene, but in the end controlling only things like the world’s underwear production. If you have that belief, you have underestimated China. This morning it was reported in the Wall Street Journal that the new supercomputer in China can do 40% more calculations than the American supercomputer which held the record. If information is our new lifeblood, we better get busy making sure we can compete on the few playing fields left open to us.

Are you kidding me.

Monday, October 25, 2010

Are you afraid of the "Scraper" man?

Please sing the following to the muffin man song --“Do you know the scraper man, the scraper man, the scraper man…” I find that when you sing, even about scary stuff, it makes things all better. Right? Does it work that way for you. Oh. Don’t you know what a scraper is? Sit tight while I explain. According to the recent WSJ article, ”‘Scrapers’ Dig Deep for Data on Web”, software specifically designed for “scraping”, or copying all sorts of personal data and private conversations off of all types of websites and social networking sites are being used by many sites without notice or knowledge. Using under the radar memberships or some scraper services actually “stage blitzkrieg raids, mounting around a dozen simultaneous attacks”, the Scrapers are entering and stealing as much data possible as quickly as possible without being detected. All types are firms are paying for our personal data for marketing surveys and demographics to learn more about Joe Public to up their bottom lines. Marketers spent $7.8 billion on online and offline data in 2009. Spending for online data alone is expected to more than double to $840 million in 2012.

Remember information is big business. Getting better quality of information is the objective. But what does “scarpers” mean for privacy?

Now, are you afraid of the “scraper man”?

Are you kidding me?

Tuesday, September 7, 2010

Is where you're parking secure?

Watch the money flows and understand the direction we are going? Right now HP and Dell are battling for a smallish Cloud storage provider. In just a few days, the battle over who will own this Cloud storage company has increased its value nearly 300% to just shy of 2 billion dollars. Just because it's hot doesn’t mean it's secure. “Calling all Cloud Angels-- please make sure you and the powers above watch over my data” If you are short on Cloud Angels call us before you park data in the Cloud without proper protection. Are you kidding me.

Friday, August 27, 2010

What if more were known?

Last November a Muslim military bloke slaughtered a bunch of his “bothers in arms” at Fort Hood. When the massacre happened, I was struck by the information that immediately came out as the military tried to manage the event—seeking to make it less about the dual loyalty a Islamic member of the military may feel and this guys hate for America and the Judeo-Christian heritage. Thereafter, I read that the guy was on-line communicating with radical Muslims—information that seemed fairly important and the type the military could and should known about. Anyway, 13 Americans were killed and dozens more injured by this hateful zealot and I wonder if more had been known, if the result could have been different.

This past week, the final report following the investigation into the event was released. One of the reported findings was that supervisors would be better served if they had access to personnel records—DUH. And also the report made clear military policy “lacks clarity necessary to help commanders distinguish appropriate religious practices from those that might indicate a potential for violence or self-radicalization. Wait a minute, I remember his colleagues reportedly complained about his hateful anti-American rhetoric and radical Islamic rants. Wait-why didn’t the military intellegence monitor his on-line radical Muslim’s involvement? Were they nervous about appearing real and preferred to be PC? OUCH-tell that to the families of the dead and maimed.

Are you kidding me.

Friday, July 30, 2010

We had it all wrong.

We now know that the US intelligence community got the Iran Nukes issue wrong. They are making nukes and it is a major problem for the western world and for our friends in the Middle East. That said, I was reading an article in the Wall Street Journal entitled, “How the CIA Got It Wrong on Iran’s Nukes.” One thing struck me in a kind of way that I can’t explain—“in 2004 a CIA communications officer accidently included data in a satellite transmission to an agent that could be used to identify ‘virtually every spy the CIA had in Iran’. This disastrous error was compounded… because the recipient of the transmission turned out to be a double agent controlled by the Iranian security service. So the Iranians knew the identity of all the agents that the CIA had arduously maneuvered into positions of access, and the technical methods by which the CIA communicated with them… If so, the CIA may have been vulnerable to receiving misleading secret intelligence that Tehran had abandoned its nuclear ambitions in 2004.” OUCH. Are you kidding me. Are you so stupid as to expose the whole operation by attaching the wrong document in one transmission?!?!

Yikes.

Thursday, July 29, 2010

Documents are believable.

An allegedly sick terrorist was released from prison because he said he wasn’t feeling well. The guy took down Pan AM flight 103 over Lockerbie Scotland killing 270 innocent people and was a Libyan Agent but what’s the big deal—he was not feeling well so the British let him go. Now there are allegations that BP put pressure on the British government so Libya would give BP oil concessions. Ok, seems really ugly but I got the point. Maybe it’s true, maybe it’s not.

Now Scotland is asking the US to declassify documents to see what we know about the bad guy, his health and the motivation for Great Britain to let him go. In the end everything is always evidence and the documentary type is usually more believable than say a British politician talking about how sick the guy was. Guess what, the Agent is free walking the streets and not even in a hospital.

Are you kidding me.

Monday, July 26, 2010

Many Thanks

I just completed an amazing trip to China. I was hosted by Renmin University Professor Xiaomi An and had occasion to talk and interact with her students. I spent a lot of time with her graduate students Weakow Wang and Ye Shen. First, when it comes to Information Management they are ahead of the pack. Second, when it comes to navigating China’s bright future, they will play an important role. Finally, when it comes to the deep goodness that makes our world smaller, more connected and joyous, they are some of the reasons why.

China has come so far so fast. China will go even farther with people like Xiaomi, Weakow and Ye Shen. Thanks for opening your world to me and teaching me so much.

Friday, July 23, 2010

If you keep it, it will cost you.

“I am thinking my company would like to be sued and I want to make it as painful as I can.”
“Brilliant. Seems like a prudent plan.”
“What can I do to spend a million dollars or more on discovery?”
“First don’t implement a records program so information will stay around way too long. Then when litigation happens you can do discovery on more stuff, some of it really old.”
“OK. Seems like a perfect plan. By the way, would we ever have to go way back in time for discovery?”
“Sure, if it’s around and potentially relevant you may have to do discovery on it."
"OK, got it.”

In Takeda Pharm. Co. v. Teva Pharm. USA, the litigants had to go back and unearth records 18 years old and it was projected to cost well over a million dollars just to look, excluding lawyer review time. OUCH.

The only way you can clean house and not worry about destruction of evidence claims is have reasonable records retention rules. Many companies (not unlike the ones above) who keep stuff around and don’t apply retention rules, from here on out it only gets more painful and expensive.

How about bringing your record program into 2011 and helping your company out for real.

Are you kidding me.

Tuesday, July 20, 2010

Too much information???

When is information too plentiful? When information is too plentiful does it become less useful? Are you kidding me.

BBC reported today on a Washington Post investigation. Here is some of the conclusion.
“Secret US intelligence gathering has grown so much since 9/11 no-one knows its exact cost, nor how many people are involved, the Washington Post reports.”
According to the Washington Post:
• Some 854,000 US citizens have the highest level of security clearance
• A fifth of the US government's anti-terror organisations have been created since the September 2001 attacks
• More than 250 security bodies have been created or restructured since 9/11
• More than 30 complexes with 17m sq ft of space (1.6 sq m) have been built for top-secret intelligence work in the Washington area since the attacks
• Various agencies publish so many reports these are often ignored by officials

Friday, July 16, 2010

One thought leads to another

I was thinking maybe I would switch careers. I was thinking of opening up a business that drills in deep water for oil might be a good business venture? Thoughts?

I was also thinking about the risk of such a venture. How do you assess risk — number of tolerable failures, severity of a failure, length of a failure, etc. Maybe all of the above. I was also thinking about how the experts in the industry could be helpful to minimize risk on my new venture. And that got me thinking about the Deep Water Horizon failure. And that got me thinking about the email from Halliburton to BP recommending 21 equalizers instead of the 6 that BP used to stabilize the drilling platform, the platform that failed and killed 11 people and caused the greatest environmental disaster the world has ever known. And that got me thinking about records. And that got me thinking that a record is evidence of business activities. And that got me thinking how important one email will be in a liability trial to see who is to blame for the failure. And that got me thinking about a client I talked to recently who wants to get rid of all email WITHOUT regard to its content after 30 days. And that got me thinking about Halliburton’s ability to defend itself without that email, and that got me scared. So, I decided I would just run my lil consulting business and not change careers.

Are you kidding me.

Tuesday, July 13, 2010

Defining Success in Discovery

I was reading an IDC survey about discovery. It stated that 79% of IT executives rate their ability to respond to litigation by finding and producing responsive information as “above average” to “very well prepared”. I don’t care what the survey says and I don’t care what the IT executives believe they are able to do. I don’t believe they are right and in any event, I don’t think they know what success is in the discovery context. Are you kidding me—read the Wall Street Journal and you will realize the defining success in discovery through the eyes of the IT executive is not prudent.

Are you kidding me.

Monday, July 12, 2010

Records Live

A drug that is supposed to help with diabetes is in the hot seat right now as the FDA tries to figure out if it should be pulled from the market. The issue is whether or not the drug increases risk of heart attack. What will decide the drugs fate? RECORDS of the users’ experience and potential side effects will tell the story. Manage records well and the business runs efficiently. Fail to have them and your blockbuster drug is off the market with only expenses and no revenue to show for your effort. Please tell me again why I should care about investing in a Records Program in a down economy.
RECORDS LIVE

Are you kidding me.

Wednesday, July 7, 2010

Social networking and litigation

When litigation happens and it always does, litigants will seek all potentially relevant evidence no matter where it is. Does that include social networking content? Of course. Will they be entitled to it? It depends. But could it be discoverable even if it’s embarrassing? The more the merrier. OK got it. But what if I use Facebook for work and part of my Facebook is personal and the other part is for business. [Message for businesses letting their employees use social networking sites for business. You need to deal with this NOW. Just consulted with a client last week on these issues.] Back to the discovery problem.

In Crispin v. Christian Audigier, Inc. a litigant subpoenaed a few social networking sites for info. While initially the court said they could not get the info from the social networking company because it violated the Stored Communications Act, eventually the court said it was allowed to the extent the information was “not private” but needed to find out what was posted on a wall (thus sort of public) vs. what was private information. The court also looked into privacy settings.

Companies and organizations need rules of the road. Driving without them is stooopid.

Are you kidding me.

Friday, July 2, 2010

It's broken. Let's fix it.

I had a conversation with a colleague yesterday that made me think everything I have already been thinking is not only true, it is truth. He is OLD SCHOOL. Old is pain, lethargy, slow and no longer nimble. School is out for the summer. Change in the information management world is not good, it is essential and foundational. Transformation of the rules that tell us what to do with information is not just needed, it is the only path forward. Without this major transformation in the way we think about information, we will never get the problem under control. Simplicity should not be a guiding force, it must be presumed and the base from which we start. Purest dogma, or anything like it as it relates to how we manage, must be done today so we can start fresh tomorrow. Placing a veil of ignorance on your head(a no brainer for many of us anyway), is the only way to solve the problem without being clouded by past ideas that did not work anyway.
If you don’t understand what I am saying, then let me help you. There are 1800 new exabytes of data that will be created next year which is double the amount of new data created this year. Organizations couldn’t manage the information that they had 5 years ago when volume was way lower-so why will they even have a fighting chance now. ITS TOTALLY BROKEN AND UNFIXABLE. SO DO SOMETHING DIFFERENT. I WANT YOUR HELP TO CHANGE THE INDUSTRY. ARE YOU IN?

YOU ARE KILLING ME.

Tuesday, June 29, 2010

It's just a click away

Ben Worthen’s article “Hackers Aren’t Only Threat to Privacy” in the Wall Street journal was really interesting. But it caught my interest because of the obvious—there is way too much personal information available online. You don’t need to be an information miner with criminal intent and you don’t have to be a dufus to expose information. It happens all day, every day. As he points out “such information is accessible to anyone who knows where to look”.

“A file containing names, social security numbers and home phone numbers of about 1000 current and former Atlanta Fire and Rescue employees was discovered online in April by city officials.”

Are you kidding me.

Thursday, June 24, 2010

Records Don't Forget

Records are the institutional memory when people forget. This morning the BBC reported that the Belgian Officials raided the Catholic Church offices looking for evidence of sexual abuse. What they were really looking for is records documenting past abuse. Records allow us to run our business, document our obligations and remember the past for future reference. Are you kidding me.

Monday, June 14, 2010

Explain the unexplained.

I can’t help thinking about my dear mother saying “do as I say, not as I do”. As I was rereading a Wall Street Journal commentary entitled “Check It Again” about the FBI having issues with inaccurate data when I turned to another Wall Street Journal article entitled “FBI to Probe iPad Breach”. Putting aside the irony, as they exist all the time in info management world, the FBI is investigating email addresses exposed by ATT of some iPad users. Another case of an unexplained “glitch”, bad planning and/or info mismanagement?

Friday, June 11, 2010

Do you need motivation?

A Drug company client was seeking our help to justify further implementation of their records program. I found the following which I thought was fairly instructive. THIS an OLD story from 2002 but I thought pretty on point if you need a “stick” to motivate you. “Shares of Johnson & Johnson (JNJ) tumbled to a 16-month low on Friday after federal regulators began probing allegations of fraudulent record-keeping at a plant that makes one of the healthcare giant's best-selling medicines.” Don’t worry nobody cares about record keeping. Are You Kidding Me.

Thursday, June 10, 2010

The Court of Public Opinion Works

Often I am asked, "Why should I worry about failing to manage information properly?" My first response is that if you are an information intensive business in an information economy then failing to harness the lifeblood of the organization is like giving away a competitive advantage, while squandering corporate assets. Next I say if you get nailed for information mismanagement, you can get whacked seriously by court, regulator and worse of all, the court of public opinion. By the way, for public companies the court of public opinion works on Wall Street as well as Main Street. Well some wise guys then say either aloud or internally, “forgetaboutit”. Brilliant I say. Lets take a look at how forgetful our public is and just how sleepy their eyes really are.

About seven week ago, 11 hard working Americans were killed in an explosion aboard the Deep Horizon that lead to the worst gas gusher leak experienced in America. BTW-my heart goes out to all those families that can't escape their loss as they are reminded of this tragedy all day long on every media outlet. Irrespective of who ultimately is at fault, BP is definitely getting whacked in so many kinds of ways already. Let’s take a look at some costs so far. BP has spent about 1 billion dollars on clean up already. The lawsuits and fines will be rolling in real soon. But wait—that is not the real pain. Remember the court of public opinion. People have told me they drive by BP stations to give their money to another gas station. OK-7 weeks ago they likely didn’t make that decision and we will see how BP is impacted next quarter and next year. How about Wall Street? Well here is where the hurt really hurts and the blood flows freely. Since the explosion, BP has lost about 50% of its value in the market or about 82 BILLION DOLLARS. Now that is serious dough.

Next time you wonder if destroying evidence plays bad on Wall Street or Main Street say the following—“I remember Andersen Accounting and they are out of business because they failed to properly manage information and I like my job.”

Wednesday, June 9, 2010

Abysmal...never a good word

The Wall Street Journal reported yesterday that Bank of America agreed to pay $108 Million dollars to settle claims that a mortgage company it bought cheated customers. No record-keeping issues there. Right? Nope. According to the article, “Because of Countrywide’s ‘abysmal’ record-keeping, the FTC said it would take some time to figure out who should be reimbursed. Most frat houses have better record-keeping…”

I was never in a frat, but they looked like it was big fun. Anyway, If you can’t get your record-keeping act together, have I got a consultant for you :)

Are You Kidding.

Monday, May 24, 2010

Information and consequences

Duh.

I don’t want to sound like I don’t care about privacy (heck, I wrote “Privacy Nation”), but I am struck about the recent spate of articles regarding Facebook and MySpace. As a business model they have created amazing SOCIAL NETWORKING sites to allow people to SOCIAL NETWORK and PURPOSEFULLY share personal and business information to connect and advance a new way of interacting. One rub is that some technical “glitches” have caused personal chats to be exposed to the world. No doubt a problem. Another rub is that business policy (with privacy policy in the background) behind the social networking sites advance a default which is to “expose” information not “hide” it. So, in the end, I guess the sites are working (but not without hiccups). There are ways to lock your information down. Maybe they could be better. There are privacy policies that seem to reflect an “opt out” mentality for information sharing rather than allow all users to make all decisions about what each viewer can see or not and thus “opt in” with respect to sharing information. It is good when technology advances the economy. It is also good when new ways of communicating promotes better communication for business and personal reasons. All new technologies applied to business problems are information and consequences - but these(but for pure technology and security failure)seem intended. Buyers Beware. Are You kidding me.

Friday, May 21, 2010

Wipe it Clean!

My memory started out shaky and has gotten worse as I have gotten older. When I coach my son’s baseball team and have a brain stutter prohibiting immediate recall of a kid’s name, I rely on work-arounds like “Let’s go CHIEF”. Not necessary when it comes to electronic devices of all kinds. Just about every electronic device has memory and some devices have full blown hard drives allowing recall of tons of stuff. There was a recent CBS investigative report of the sale of used copiers. I rarely am surprised but when I saw the kinds of information retrievable from a used copier in just minutes, I was stupefied. Bottom line, when getting rid of not just computers, not just PDAs, but any electronic device you need to wipe it clean before you expose yourself.

Tuesday, May 18, 2010

"Mistakenly" grabbing data?

A German agency is in the process of conducting an investigation of the privacy practices of Google. In the context of the investigation, the governmental agency asked Google about its Wi-Fi data storing practices. Long story short, what came out is that when Google sends vans around the world to map streets and locations, it was also “mistakenly” grabbing website traffic and usage from users that was available through unprotected Wi-Fi connections.

Far be it from me to question Google, but its structured technology grabbed the usage data mistakenly? Ouch, that is one major engineering glitch. The Wall Street Journal article covering the story quotes Google on the mistake—“ It’s now clear that we have been mistakenly collecting samples of payload data . . . We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.”

Well, I am a big fan of learning lessons and this one gives American business a black eye in Europe well beyond Google. Information flows. Information stores. Information transmits. I like Google, don’t get me wrong, but when in Rome do as the Romans do. And when doing business in Europe or anywhere for that matter, respect their laws about information because information matters.

Tuesday, May 11, 2010

2009 NARA Records Management Report

On April 19, 2010 NARA sent its assessment report to Congress regarding how Federal Agencies in 2009 were doing at managing records. Nearly 90% of the Agencies responded to the assessment. I am wondering why the other 10% didn’t-but whatever. I am also wondering why they are just getting around to making the findings public for a study done in 2009-but whatever. What was really terrific was the results that indicate that 79% of agencies are either at “high” or “moderate” risk of improperly destroying records. Brilliant.

Are you kidding me?

Friday, May 7, 2010

Thank Goodness for Records.

Sing the following to the Madonna song “Material Girl”--“I am living in a glitchy world and I am a glitchy boy”. The more the world changes, the more it stays the same.

This week it was reported that a Facebook software flaw allows others to see your private instant messages. That’s a Facebookery problem of major magnitude.
Yesterday the market inexplicably tumbled on a “trading glitch” taking 1000 points off the DOW for a time. Certain stocks like Accenture went down 100% in a short time. Imagine buying or selling during that period of time. That’s some serious Wall Street IT shenanigans.

The government is investigating an insurer for improper rate increases due to a “math error”. Thank goodness they have records so we can verify if they made an adding error. That’s some seriously bad mathematics.

R U kidding me

Wednesday, May 5, 2010

All business happens through email.

For years I have been saying that email is the transmission vehicle or conduit through which all business happens. Getting rid of the entire contents of the email system because of fear of the “smoking gun” message is like “throwing the baby out with the bath water”. Well I know now that indeed email is the vehicle through which ALL business happens. Take for example, the May 3 Wall Street Journal story entitled “Pope to Overhaul Legion of Christ”, a story about a Catholic organization with a “military-like culture, which led its members to maintain a code of secrecy in the face of sexual abuse committed by its late founder…” In the story, it states, “in an email (emphasis added)responding to an interview request, Luis Garza, the Legion’s No. 2 official, said ‘For the moment, we will have to wait a bit to have the context and full knowledge of everything.” Are You kidding me, everyone uses email for everything.

Tuesday, May 4, 2010

Letter to Wall Street Journal

Dear Sue,

Loved your Best of the Juggle in the April 29 Wall Street Journal.

Years ago I wrote “Email Rules” which made clear that we need to refrain from “throwing the baby out with the bathwater”. Email allows us to be “faster, better, cheaper” in doing all forms of communicating. In commerce, it is the medium through which all business happens. Sure there is abuse and overuse, but in the end it allowed the fabulous “Fab” do his job around the world in an instant. If he was careless in his writing and/or memorialized information that hurts him and his employer then so be it. Email is not the problem. Don’t blame the messenger for your stupidity.

Best regards,

Randy Kahn

Monday, May 3, 2010

Records tell the story.

Coal mining is dangerous. In fact it is one of the most dangerous jobs out there. That is why compliance is a big deal in mining. That is why laws tend to be rather prescriptive in mining. That is why good records management is a must in mining. But we will come back to that shortly.

So a couple guys die in a mine a while ago. I guess it’s part of the hazards of the job. For the family it is an overwhelming tragedy that they will never forget. And it’s good that mine companies retain records because that way we know when they are doing what they’re supposed to. So the president of the company that was subject to one of the most horrific accidents in mining history—remember the one on April 6 that killed 29 American miners, a memo from him seems relevant to the accident. Now I might be taking it out of context or misinterpreting it but seems interesting. According to the Wall Street Journal Article covering the story, among other things, the memo states “If any of you have been asked by your group presidents, your supervisors, engineers, or anyone else to do anything other than run coal (i.e. build overcasts, do construction jobs, or whatever) you need to ignore them and run coal”

Given that attitude it is shocking there was yet another mine accident killing 29 people. Are You Kidding me?

Thursday, April 29, 2010

Computer glitch??

A financial services company reported that in certain computer controlled investments, that there was a computer glitch which affected performance. Upon investigation they found a coding error. Terrific, perhaps that explains why investments lagged behind the industry by as much as 90%. You know the “old school” expression—behind every good pool of data, is a computer that is properly implemented and managed.

Are You Kidding Me.

Monday, April 26, 2010

Time for Policy Review

From time to time I like to check and see how our policies are being followed by our clients. Whether a records management, legal hold email back-up or internet use policy, it’s always instructive for us to see where we can evolve in policy work or how we can redouble our efforts with clients to attain compliance. When we see failure that is too pervasive, perhaps we need to do some more training for our clients. More generally, I read the papers to see how industry is doing as well. So let’s take a look, shall we. Today is Saturday April 24, 2010. I read the Wall Street Journal and found an article directly on point, entitled “Workers Punished In SEC Porn Flap”. Now that salacious title peaked my curiosity so I read on. “Thirty-three people at the agency (SEC) were found to have looked at porn.” According to a Congressman on the House Committee on Oversight and Government Reform, said it was “’nothing short of disturbing’ that SEC employees viewed porn during the worst financial crisis since the Depression” The Congressional report into the government employee smut watching noted, among some really tasty morsels of information, that an SEC attorney in Washington “spent up to eight hours a day watching pornography… an accountant in a regional office was denied access by the government firewall 16,000 times when he tried to access web pages containing pornography.”

Well far be it for me to be my Brother’s Keeper. But these guys at the SEC sure could use a policy review session or perhaps an Information Management Compliance Boot Camp weekend retreat.

Are You Kidding Me — Though I wasn’t there, seems like maybe the SEC is not doing its job.

Thursday, April 22, 2010

Can your PII walk out the door?

Everybody thinks it’s funny until someone gets hurt. Well maybe they don’t think it’s funny but employees certainly fail to take Personal Identifiable Information (PII) seriously and as a result companies get nailed regularly for its mismanagement. Recently, a company made national headlines because it stored the PII for over 3.3 million people on removable media which was stolen from their corporate headquarters. The good news is that the suspect is in custody and it appears that the data contained on the disks was not accessed. But will the public or customers remember the good news or just the bad? PII walked out of the doors of the corporation’s headquarters and was in the hands of a thief for over 2 weeks. Talk about the potential for mass identity theft. Organizations need to take more proactive measures to protect their data and their client’s data.

Are you kiddin’ me.

Friday, April 16, 2010

History repeating itself or was it not fixed the first time?

No doubt history repeats itself. And to a great extent, if you don’t fix problems completely, they will likely come back to haunt you at a later point in time. Sometimes it's not clear if history is repeating or you are being force fed the problem you failed to solve completely before. In any event, many months ago I was speaking about information management compliance and used an example to make the point that today decisions need to be made thoughtfully and thoroughly about what records to keep to properly document business activities. You can keep A RECORD of an event but it might not be THE right or complete record. In the electronic world this is way more complicated than meets the eye. In essence it’s an evidence building exercise. Anyway, the story I was talking about related to a database kept by federal regulators on mine safety. The problem was that the regulator IT department set up the database to track safety problems and compliance issues by mine name only. However, had they also tracked who owned the mines, they would seen patterns of safety violations with certain companies. Addressing the company level problem would have been way more useful as certain companies were the major offenders. As I read an article entitled “Appeals by Mines Delayed Sanctions” in the Wall Street Journal today, I couldn’t help but wonder whether the recent spate of mine disasters was because certain companies that own mines are generally less vigilant on safety and compliance issues. Seems to me loss of human life argues in favor of good and complete mine safety database tracking. But the database tracking failure was many months ago and nothing was fixed to preempt the recent mine disasters. Today Governor Massey of West Virginia is calling for a cessation of coal production tomorrow to allow time for companies and mines to assess mine safety. Now maybe loss of profits will move somebody.

Are You Kidding Me.

Wednesday, March 24, 2010

Generally speaking. . .

Accurate information is generally a good thing. Inaccurate information is generally a bad thing. Relying on inaccurate information can have serious consequences. For example, the March 19, 2010 Wall Street Journal story entitled “Faults Exposed in Oil-Data Collection” addresses the recent admission that the size of our strategic oil reserve is not precisely known because of outdated technology and methodology making “it nearly impossible for staff to detect errors” in the size of the reserve. As a result of errors the world‘s oil price is subject to fluctuations and it affects production of oil and prices.

As the “world’s most important industrial commodity” one would think we would manage the data a bit more rigorously.

Are you kidding me?-

Tuesday, February 16, 2010

Expensive and inconvenient. Really?

A coffee purveyor from Seattle with great coffee and cool employees, (not to mention any names) gets involved in a business dispute with another company who fails to produce email, among other things. In the discovery process the company argues that the email should not have to be produced because it was not “reasonably accessible because of undue burden or cost.” In a world where we use so many great business productivity tools every day, by now all companies should expect to be required to manage the contents and make it available when needed for audits, litigation or investigation. It is too late in the process to be arguing expense and inconvenience when we use the tools everyday to be a more efficient business. Are you kidding me. Of course the court sanctioned the whiners.

Wednesday, February 10, 2010

Why do we need records?

A hypothetical to ponder: A foreign car manufacturer who creates products that are loved the world over, uncovers that one of its vehicles may have a defect that causes a braking fault. That hypothetical company does not go public with the defect issue as it will cost great money to fix, saying nothing of the bad PR to the otherwise revered company. Sometime later after receiving many complaints and experiencing several disastrous accidents that may be been caused by the alleged defect, the United Stated government commences an investigation. When that investigation happens do you think it will rely on people telling the whole story or records to really piece together what happened and when. Employees get fired, forget, selectively forget, lie, retire, move on and get new jobs. At the center of the alleged problem will be records that will either protect the company or demonstrate there was a problem. So why exactly do we need records anyway? Remember you can’t throw the baby out with the bathwater. Are You Kidding me.

Wednesday, February 3, 2010

How accurate is feedback?

What is in a statistics? Let me admit that Kahn Consulting has done many surveys over the years and I have analyzed data provided by many companies responding to survey questions. We labored over how to write them to get “useful” feedback. Yet, “at the end of the day”, “in the final analysis”, “after thinking outside the box”, I was left wondering about the veracity of the input—was the respondent “in the know” and did we get “the straight dope”. Loath to be trite, I wonder about stats all the time. For example, according to an Economist Intelligence Unit Report on Information Governance, “…nearly 73% of respondents report that their company’s overall ability to provide access to critical business information when needed is good or very good”. HOGWASH!!!!—I think? I have no way to verify the report or determine independently whether or not the feedback was indeed accurate. I am not being critical of the report, but rather questioning the feedback. Is it true or not? But in the my heart of hearts, it doesn’t feel right. News reports about business failure after business failure remind me daily that managing information is not nearly as good as it should be. Take the Christmas day terrorist bomber for example. Information about the terrorist existed, in various data bases, from various intelligence agencies and units, in various forms, but the dots were not able to be connected. So is it failure or success even if each of the databases “owners” would say that their “overall ability to provide access to critical business information when needed is good or very good”. I am not convinced we are doing very well at governing or managing information. How many exposures of personal identifiable information (PII) do we need to experience before we conclude something is broken. When my gut says something smells fishy I tend to listen. Are You Kidding Me?

Thursday, January 28, 2010

Tales From the “Not So Swift” Employee Archive

An employee is on his way to the mailroom. Correction, an employee is on his way to the lunchroom. Correction, an employee is on his way to his cubicle to do some more on-line shopping during lunch as he texts his friend about the hottie sitting next to him in his “borrowed” office cubicle (as he normally works at home). Not surprising he is using his company-provided phone. By the way, his company doesn’t have a mailroom anymore as there is no need and people don’t eat during lunch they shop on-line or troll the internet for a weird You Tube video. Anyway, As our youthful employee gropes the texting keys he runs right into a Stuart, the Big Boss- who falls to the ground, fracturing his ego. Thank goodness the new law against texting while driving doesn’t apply in the halls of the work place. After putting together his phone and helping Stu to his feet he sends a text to a vendor stating “got the revised proposal. It looks good. We would like to move forward asap”. You make the call-- Do you think the company needs A) a doofis policy; B) a records policy applied to every communication device known to mankind or c) a social networking policy? At least B & C and maybe all of the above.
R U Kidding Me.

Friday, January 22, 2010

Come on, look me in the eye.

I am looking for one brave soul who can look me in the eye and tell me that the employees at his/her company are actually doing records retention properly. Correction: I am looking for one brave soul who can look me in the eye and tell me that the employees at his/her company are actually doing records retention. Correction: I am looking for one brave soul who can look me in the eye and tell me that SOME of the employees at his/her company are actually doing records retention. Correction: I am looking for one brave soul who can look me in the eye and tell me that SOME of the employees at his/her company are actually doing records retention ONCE IN A WHILE.
Correction: I am looking for one dreamer who thinks that employees can get records management right. After all, “you can fly if you believe wendy”

Thursday, January 14, 2010

It's in there. In the records, that is.

Did you ever hear the old adage-that history repeats itself. According to the Jan 7 Wall Street journal, just recently again another Chinese dairy allegedly tainted its alleged substandard milk with melamine allegedly. Melamine apparently thickens milk (and allegedly kills some people too). It’s great for building products but not great to make substandard milk more healthy. Anyway, it was disclosed that while the Chinese investigated the events for 11 months, they just this week made it all public. We know all this because records tell us so. Remember the last Chinese debacle over melamine tainted milk from 2008. BTW, anyone want to buy some Chinese drywall really cheap? Are You Kidding Me.

Friday, January 8, 2010

Information Determines Our Fate

We live in an information nation. In deed it's almost an information world. And increasingly that information can be used to determine our fate. One case in point is the recent “Christmas Day Bomber” scare. The young man’s dad tells the CIA about the violent proclivities of his son on more than one occasion and worries that he may do something stupid like blow something up including himself. The young man is from a target country that we are concerned about. He has trained and learned radical Islam making him a good candidate to be concerned about. The young man buys a one way ticket. Big Red Flag. He pays cash. Another red flag. The problem was the young man didn’t even make it on the “no fly” list but he did make it on a lower level list. The USA Today story about the failure called it “one database failure after another”. Brilliant.

Are You Kidding Me.