World's Fair Flushing Queens

Globalization is awesome for a small business like mine. I can do business all over the world almost as easily as doing business locally. I don’t need to set up branch offices in various regions to conduct business. I rarely need to travel. Between cloud services for storing, sharing and managing information, and online tools for communication (Skype, Webex, Goto Meeting, etc.) it’s easy for me to sit in my home office and engage in real time with clients and partners anywhere in the world that has a reasonably functional Internet connection.

But what if you’re responsible for information management for some huge multi-national like big pharma, international banking, or enterprise software and services?


Information still needs to get to where it’s needed. Information still needs to be protected from inadvertent and inappropriate disclosure. Information still needs to be leveraged for maximum business value. Organizations still need to comply with regulations and legislation, as well as discovery requests. In truth, the high-level requirements are the same for managing information locally or globally. Many global organizations can manage information locally because of how they are structured, while local organizations need to take a global view because of who and where their stakeholders are.

But from a legal and regulatory point of view, matters remain unsettled. Matters such as Microsoft versus the US over data stored in Ireland, and EU efforts to standardize and protect information haven’t been resolved. Those two examples illustrate that just because your data resides in one jurisdiction doesn’t mean you’re off the hook if you’re involved in an action from another.

The dust eventually will settle. In the meantime, craft your information governance and management policies based on where the biggest threat or likelihood of action comes from (and get legal advice, don’t take my word for it).


Making information accessible is a (slightly) easier issue to handle than governance. Go cloud. 

Enterprise File Sync and Share (EFSS) platforms have a come a long way in the last couple of years. Leaders like Box and Dropbox for Business have pretty much eliminated the need for emailing files and setting up FTP sites in order to share content. From a governance, risk and compliance perspective, some of the onus is put on the providers rather than the organizations sharing and consuming content. Many EFSS providers have already achieved compliance with various standards for security, data protection and regulatory compliance. The list of certifications with which vendors must comply and the number of vendors getting certified continues to grow.

It’s my belief that the recent consumerization of IT has actually made things easier in terms of doing business on a global basis. Prior to the innovations we’ve seen as a result of consumer-based tools and BYOD, think about what orgs had to go through to serve up information for consumption and collaboration across the globe. Now think about how easy it is to do the same things today with technologies that may be procured without IT involvement.


Globalization has a ways to go before we have definitive answers for everything involved. I certainly don’t have them. Legislation and regulations all over the world are in flux. Data residency, privacy and government access rights are all up in the air at the moment. The US and UK governments want everything open to them, the EU wants everything closed. About the only two things I’m certain of are: 1. regulation and legislation is incapable of keeping pace with innovation; and 2. if I had to make information accessible across the globe I’d go cloud (but I still don’t know where I want the data center to be).

One last thing to remember: Regardless of what your organization does and where it does it, you’re not going to have the same policies for all of your information. Policies, driven by applicable regulations and legislation, need to be crafted based on the purpose, value and attendant risk of the specific type of information being managed. This is true regardless of whether you’re a global multi-national or a sole proprietor operating in your local area.

Creative Commons Creative Commons Attribution 2.0 Generic License Title image by  liberalmind1012 

Title image by liberalmind1012