Digital Transformation

Lotusphere Session Highlights – IBM Connections Auditing and Compliance Infrastructure

IBM Connections Auditing and Compliance Infrastructure

I attended a session with Rene Schimmer, Offering Manager, IBM on Connections auditing and compliance.  As social business continues to grow and become the norm, auditing and compliance becomes more critical, especially in certain industries that are subject to government regulations.

Social Business and Compliance

There are quite a few key concerns with governance, risk management and compliance for social business.  These include:

  • Avoid conflicts of interest (between employes, customers, partners and/or investors)
  • Establish safe practices and policies on how to use social media
  • Protect reputation and image
  • Protect confidential information
  • Balance information retention and storage cost

There are quite a few regulations which have existed for some time in financial services, energy, healthcare and government which directly impact social solutions.  A best practice is to develop safety conscious external practices and a managed social business network for internal communications.

To demonstrate the importance of this, 98% of companies cite defensible disposal of information is important to governance yet only 22% of companies can prove they have done this properly. A typical average cost to retrieve information per legal action can be around 3 million and 70% of the information is typically irrelevant.  This problem only grows as social tools become pervasive.

Information Life-cycle

Here are the typical information life-cycle steps for email or document retention.

  • Create
  • Collect
  • Analyze and dispose if not relevant (This is a risk if the wrong content is exposed)
  • Archive (This can be expensive)
  • Discover
Covid 19
COVID-19: Digital Insights For Enterprise Action

Access Perficient’s latest insights into how you can leverage digital technologies to not only respond to the pandemic, but drive your operations forward and deliver experiences your customers need.

Get Informed

Connections is different because now you don’t just have email and documents, you have profiles, communities, forums, wikis, activities, blogs and more.  This complicates the information life-cycle problem since there are many different types of content.

Compliance Related Capabilities in Connections 3.0.1

Connections has the following built in auditing and compliance capabilities.

  • Event tracking
  • Access control
  • Moderation
  • Simplified UI customization

IBM Connections Event SPI

Real-time events are generated for all create, update and delete operations.

  • End-user actions
  • End-user changes in preferences
  • Administrative actions
  • Automatic system events
  • Content moderation
  • Bullets

Moderation

Moderation is the process of controlling end user content ensuring it is appropriate.  This helps control the quality of communication making sure it is appropriate.

There are 2 types of content moderatoin:

Pre-moderated

  • Automatically – E.g. a profanity filter grammatically looks at words and replaces them or blocks the content
  • Manually – putting content in a queue and manually review it

Post-moderated

  • Triggered by flagging published content
  • End user reports content
  • Content reviewed for appropriateness
  • Enabled in both the UI and the APIs

Vantage for IBM Connections

Vantage is a product by Actiance that helps organizations manage compliance across Connections.

  • Content logging captures content posted even if deleted
  • eDiscovery – Reviewer UI shows content in context of related items
  • Real time integration captures events instantly
    • Real-time content monitoring
    • Keyword blacklist
    • Granular policies to map compliance requirements
    • Send alerts via email, e.g. when prohibited content is posted
  • Content can be reproduced even with formatting
  • Vantage also supports Sametime

After viewing a demo of Vantage, it looks like a strong product capable of meeting many of the compliance regulations and concerns an organization has.

 

About the Author

Technical Director, Portal

More from this Author

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up