Do you really know your risk exposure?

Part 2 - A new approach is needed

In the first part of my series of blog posts, I have analysed how Master Data Management can help financial institutions to extract the information hidden as “unstructured data” in their legal agreements. In this part I will talk about how a new approach to enterprise content management (ECM) supports Master Data Management. 

Historically, many companies treated ECM as a ‘tactical’ business application without considering a company-wide strategy.  This resulted in many large organizations having upwards of 20 different systems hosting documents, making it difficult to access and share information quickly across the company. 

On the architectural side, the new approach to ECM requires a single repository with all the business applications integrated.  This is only possible with an architecture in which the ECM is deployed as a platform technology across the entire organization and integrated with various lines of applications. Because of the global nature of the financial firms and the huge amount of information they have to manage, the modern ECM should scale horizontally across the organization and may also need to operate in private cloud or virtual environments.

An ECM that is built for cloud technology and virtualization can further help to lower risk exposure. In 1999, when VMware virtualized the server enabling multiple servers to run on a single physical machine, it paved the way for a stream of related innovations. For instance, a virtualized ECM application offers greater scalability and lower risk than a traditional one by enabling financial institutions to distribute their data globally. If a server that hosts data in one location goes down due to a snowstorm or a hurricane, people would not lose access to their data for very long as the system literally flips over to other servers.

Safety and simplicity are related

There are two other critical areas must be factored in to ensure successful ECM deployment: security and ease-of-use. Despite past misunderstandings about open source software, we have learned through our experience that it offers the most secure environment for ECM. We have deployed the Alfresco open source ECM platform for two major banks. The open source technology enabled us to customize security and authentication mechanisms to suit the very specific security needs and internal policies of these banks, which would not have been possible with closed, proprietary software.

If users feel that they have to work in a completely unfamiliar way with files, they will rebel by store files locally on laptops and share them by e-mail, creating a huge security risk. To address ease-of-use, it’s important that financial institutions involve users early on to test the ECM to ensure that it’s simple and accessible. A modern ECM should offer various ways into the application including a web interface and the familiar experience of using a shared drive. Nowadays it’s also very important to offer users mobile applications that run on different devices and operating systems. As many organisations employ large numbers of contractors and freelance consultants working on different devices, it is particularly important that the ECM is functions securely on both sides of the firewall. 

Fortunately, ECM technology has finally developed to the point where it is fit for purpose even in the most demanding, global financial services environments. There is no longer any need to make difficult trade-offs among security, usability and general functionality. It won’t prevent banks from failing in the future, but it can certainly lower the risks associated with uncertainty.