New Opportunities, New Risks: A Disrupted Workforce is Reshaping the Data Landscape | Headlight

In case the complexity of corporate data doesn’t create enough turbulence to keep corporate and legal teams awake at night, a prolonged pandemic will really shake things up. Because now a complex data landscape has also become a complex employee countryside.

What has been called the “great resignation” (about 38 million workers voluntarily resigned their jobs in 2021) has rocked many businesses as they struggle to adapt their organizations to a reconfigured and remote workforce. With little time to plan for the risks and contingencies such a seismic shift would normally entail, companies are now catching up, looking for ways to ensure good data management, better responses to litigation and evolving internal investigations. fast, and tight security as they grapple with offsite workers, transformative applications, and the impact of an exodus that may have pushed enterprise data beyond its boundaries.

These unique circumstances present a number of challenges for businesses and their legal teams. In one webinar with Today’s Advocate General, I had the pleasure of joining Scott McVeigh, Onna’s Director of Industry, to discuss how many businesses have been affected. We looked at the recent workplace disruption and considered the impact: what data risks have emerged or escalated? What efficiencies or advantages? What areas of the enterprise data environment deserve renewed attention? What steps can internal teams take to ensure data concerns are addressed and legal requirements are met?

The move to remote work is accelerating the transition to the cloud

Before the pandemic, it was estimated 20% of the US workforce was working remotely. By December 2020, that number had risen to 71%. Even with offices now deemed safer as the pandemic wanes, more than 51% of the American workforce will continue to be remote or hybrid.

The impact of this change has already been profound, reshaping how data is used, formatted and stored. As much as 81% of organizations say the pandemic accelerated their cloud calendars as they rushed to engage with new tools and apps that flooded the market to accommodate the remote workforce. Online collaboration has now become the new norm, with document sharing apps, chat features and web conferencing becoming the dominant forces underpinning daily work.

Improved collaboration A mixed blessing

While this change may have resulted in efficiencies as more informal practices took hold, the explosion of collaborative data technologies has also created significant challenges, particularly for data and records management, security and legal teams. As a result, some important business areas are ripe for renewed focus and innovation:

  • Information governance models: The disrupted workforce has made information governance efforts more complicated and necessary. Remote collaboration and sharing applications mean more data in more places, making it harder for internal teams to create and maintain a cohesive view of the data landscape to contain and control growing data volumes.

    The rapid growth of data from authorized and unauthorized tools and new forms of communication (think gifs, memes and emojis) facilitates the proliferation, transformation, or even disappearance of data, which may require modified policies and procedures or additional. From a data security perspective, privacy breaches associated with other security stressors are magnified as siled data, an ongoing problem, strains processes and existing policies.

  • eDiscovery and preservation imperatives: In implementing cloud applications, preserving and collecting data in a defensible way has not been a top priority. More tools enabling informal, dispersed, and fluid content challenge the paradigm of traditional collection and review. Where is a particular type of data located and who controls it? Who is the custodian or author of content in shared collaborative spaces? With so many new types of data, what is the definition of a “document” or a conversation now?
  • Transitioning employee: When employees moved or left during the pandemic, company data may have disappeared with them – if not through malicious exfiltration, simply because HR and IT, with equally reduced teams, n couldn’t follow the process of integration and disintegration. One of the main concerns for organizations is that the lost data or intellectual property could have been transferred to a competitor.
  • Training requirements: With remote workers, training on the company’s privacy, security and safeguard policies – which is expected to ramp up – could take a back seat to other business priorities impacted by the pandemic. Additionally, cultivating a data-aware culture is now more challenging with employees often detached from corporate data access and storage standards and little to no face-to-face interaction with other employees and their own. responsible.

Law firms and legal services not free from disruption

To complicate matters, as businesses have been transformed by the pandemic, so have law firms and the legal departments that accompany them. Already in the throes of change, the legal market has been strongly impacted both by employee departures and migration to telework, relatively foreign to an ingrained office culture. Lack of attention to document management, often a weakness of law firms, has just added fuel to the fire.

The resignation-induced talent drain likely affected workflows, adding to inefficiencies and duplication of work, as legal and internal knowledge, both internal and external, dissipated with the overall disruption of processes and responsibilities. once routine. This certainly had an impact on eDiscovery processes; legal professionals are still striving to master the art of performing remote discovery from cloud-based data sources.

Bucking the Trends: Take These Steps to Reduce Risk

The disrupted work environment requires renewed diligence, agility and a certain creativity on the part of the internal teams in charge of data and their management. Above all, it requires rigorous attention to potential risks exacerbated by an ever-changing landscape.

Here are some important steps businesses can take to reduce risk:

  • Examine what may now be a very different data landscape. As in pre-pandemic times, knowing where the data resides and in what format is a big part of the battle. With new tools and cloud storage locations making everything even more complex, thinking about applications and the data they generate before deploying them can save time, effort and hassle down the line. Analyze: Who uses which applications? Where does the data go and how is it stored? Who has control? From an eDiscovery perspective, with so much data at stake, it pays to match efforts to potential returns; focusing on the most used data sources is more fruitful than “boiling the ocean”.
  • Cultivate partnerships with stakeholders. As the workforce transforms, partnerships between internal stakeholders, particularly IT, compliance, data privacy, records management and information security teams – in close coordination with business units commercial – are more important than ever to control how and by whom data is created and used. Enterprise silos only increase risk, especially when workers are remote and unauthorized applications can proliferate. Remember, however, that data initiatives are most effective when they come from the top, especially if funding is required. Engage the C-suite as much as possible.
  • Improve information governance capabilities. As pools of data from multiple collaborative sources and cloud applications proliferate, making earlier linear processes cumbersome and costly, a shift in focus towards left side of the Electronic Discovery Reference Model (EDRM) makes even more sense now. With the right cloud-based tools and services, along with the right information governance models, teams can perform better upstream and lower costs downstream.
  • Foster a culture of awareness and data protection. Training, training, training – for current and incoming employees – is essential. Sound policies mean nothing if employees don’t know about them, follow them, or understand the nature of the risk they are meant to address. Educate employees on data “ownership” best practices. Encourage good data hygiene and improve onboarding and offboarding procedures to address data risks, especially those related to preservation requirements. Remember that incoming data from new employees entering the company can be just as problematic as data exfiltration.
  • Review and, if necessary, update document management policies. Records management policies should be considered programmatically to align with the nature of the business. Reduce company exposure by updating policy gaps that may be caused by evolution of confidentiality rules (e.g. GDPR, CCPA/CPRA, etc.) should be a top priority for records and data management teams in any business. Remember that training goes hand in hand with any policy change.
  • Hire experts where you need them. The complexity of today’s data, especially related to privacy and security, may require expertise beyond that commonly found in-house. Be sure to work with vendors and experts who are familiar with today’s challenges.
  • Leverage technology wherever possible, keeping expertise in mind. Various data automation tools can provide the power to import, manage and edit records like never before. AI and categorization tools can be used to assess data in place, potentially mitigating the need for linear data collection, processing and review during discovery. Automated tools can allow for a more controlled review of departing employee data. But poorly deployed technology or without the right experts behind the scenes can diminish the potential benefits. Know what questions to ask. Be an informed and thoughtful user: implement wisely.

[View source.]