Value vs. vulnerability: the business dilemma of information on the move

The information created and processed by a business, whether about products, operations, customers or financial performance, can play a vital role in commercial success and even survival.

The information created and processed by a business, whether about products, operations, customers or financial performance, can play a vital role in commercial success and even survival. 

While every business keeps different types of information, some unique and some typical of its industry sector, it is widely believed that exploiting data sets to inform business decision-making can deliver measurable competitive advantage. You would expect businesses, therefore, to be making the most of emerging technologies and deploying resources suitably to exploit their information to its fullest. The truth is that, in most cases, they are not. In a recent study undertaken with PwC[i], we set out to explore how mid-sized (from 250 to 2500 employees) and enterprise-level organisations (more than 2,500 employees) in Europe and North America approach the task of harnessing information value. The research uncovered an interesting discrepancy.

Many businesses (64 per cent) believe they are already getting the most from their information. Yet, a closer look at how the businesses are managing their information reveals that the majority (76 per cent) are not extracting full value because they lack the culture, skills and tools they need to do so. It seems that a majority of business leaders exhibit a false confidence when it comes to the ability of their businesses to manage information for value. More than two in three businesses (69 per cent) believe they know how information flows through the business and where it is most valuable; and 76 per cent say the same about knowing where it is most vulnerable. Yet when asked how they determine either of these, few were able to give a clear answer and most didn’t answer at all.

Historically, information management focused on mitigating the threats to information, with most attention given to getting the security right and remaining compliant with regulatory requirements governing privacy and records retention. This would help explain why the number of companies that said they could pinpoint vulnerability is slightly higher than those that understand where it delivers greatest value. It also explains why many companies are finding it hard to adjust to the new information dynamic. Exploiting information for value will create a tension between the need to keep information secure while sharing it with those employees best placed to use it for business insight and advantage.

The triumph of caution is seen elsewhere in the study. For example, the results reveal that  73 per cent of those surveyed are confident that valuable information can be accessed easily by all those who need it. However, the research also tells us that just 50 per cent of senior managers in Europe and North America are allowed access to such information. In some instances of course, this is absolutely the right thing to do: no business would want to provide anything but highly restricted access to records that contain personally identifiable information or intellectual property, for example. However, when such restrictions do not apply then access should be granted to the data if it is deemed useful, or measures taken to “de-identify” personal information before sharing.

Companies that allow their IT department access to the most valuable information are more likely to grant such access to a number of other functions, including research and development (27 per cent), finance (35 per cent), records and information management (27 per cent) and marketing (26 per cent). However, these numbers also mean that two-thirds of R&D and finance departments and three-quarters of records management and marketing don’t have free access, despite the importance of high-value company insight to areas such as customer engagement and innovation.

This suggests that IT’s traditional role in protecting information could be leading it to restrict data flow through fear of risk or a data breach, and this represents a significant obstacle to deriving the full value from information. Businesses need to create an information strategy up front with the decisions made on who should have access to what information and for what purpose. IT can then play a role as a strategic partner and enabler rather than act as a gate keeper. IT is not the only potential barrier; in a study conducted with IDC earlier this year[ii], we found that legal departments represent a similar and possibly even greater obstacle. Legal and compliance departments were found to prioritize security and risk mitigation over ease and speed of access, with a mere third (38 per cent) believing that data archives can enhance revenue. Moreover, just under half felt that they should be responsible for several key aspects of data archiving – with IT and other business functions disagreeing with them on all counts.

In other words, exploiting information for competitive advantage is not as simple as it seems. Entrenched attitudes, inter-departmental silos, a lack of mutual understanding around information needs and the continuing dominance of security concerns can lead to information being caught behind barriers or even locked down. This has far-reaching impact on a company’s ability to make the most of its information. It is well known that information is at greater risk while in motion than when it is at rest.  But that is no excuse to put it to sleep. The C-suite has a major role to play in breaking down unnecessary barriers, while keeping the information secure. It needs to ensure that important decisions about information access and protection are made by all those affected, and that responsibilities are allocated to reflect the needs of a knowledge-enabled business.  Our study shows that currently just four per cent of companies get it right; we need to work together to multiply that by 25.



[i] Iron Mountain and PwC, September 2015. Iron Mountain and PwC surveyed 1,800 senior business leaders across a broad range of sectors (energy, financial services, legal services, manufacturing and engineering, healthcare (US only) insurance, pharmaceuticals), in North America (US and Canada) and five European countries (France, Germany, Spain, the Netherlands and the UK). The responses to 36 of the questionnaire statements in the survey drive and populate the information value index. PwC and Iron Mountain consider these statements to represent the core organisational (governance and culture) and technical capabilities (skills and tools) and the associated benefits that demonstrate an information advantage.

[ii] “Mining for Insight: Re-Discovering the Data Archive,” an IDC white paper, sponsored by Iron Mountain (NYSE: IRM), May 2015.

Read more

Latest News

Read More

Untapping the potential of diversity

26 November 2024

Newsletter

Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

About the Company: Fortress is a purpose driven organisation. “Saving lives by providing the best safety solutions” is at the heart of decision making and

Maru is seeking an enthusiastic and knowledgeable HR Coordinator to join our global HR Team and work alongside our UK HR Manager. This role is

Reporting into the HR Manager, this role is integral to the UK people function in providing a first class, business focused HR solution, in all

About Leader Engineering Leader Engineering is on a mission to transform energy recruitment. For nearly 20 years, we’ve built real, lasting partnerships in the oil

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE