Internal versus External

Enable or Protect

In many discussions the view of customer  is often cited as a core driver. Organisations have long made a distinction between an external customer and an internal employee. While there is a strong push to only see one customer in recent times, this push comes from a UX (user experience perspective) and “mobile first” perspective.

In this post I’m looking at Information Management from a security perspective. I strongly believe there are differences for employees and customers. In this case customer includes the B2B (Business to Business) and B2C (Business to Customer) elements.

The Internal View

Enable and Protect

Most organisations have adopted a policy of openness and information sharing. Fileserver security is often implemented as open unless specific needs require folders or files to be secured. The latter is usually bound to confidential or sensitive information like commercial negotiations and agreements, NDA (non-disclosure) data, and personnel files. Other information is shared to achieve better re-use of data, enable master data management, foster staff engagement, and nurture cross functional teams.

The element of trust plays a significant role at what level data is shared.

The element of control plays a second level role which data is classified and who is the gatekeeper.

The balance between those two is for each organisation different and largely influenced by what is commonly called Culture and the Industry the organisation plays in.

A good description is “Enable and Protect if necessary”

The External View.

ProtectAndEnable

Customers want to have easy access to their information with the organisation. Repeat data entries is a turn off. If I can’t see what I’ve done previously is also a big no – no. At the same time my information should be protected from other customers or organisations but not necessarily from other employees of my business. For example a third party is working on a project with the organisation, then this information should be shared between the relevant team members of both businesses.

Consequently such external collaboration is often implemented in closed groups or spaces where membership is controlled. This model requires a much closer attention to detail and review of membership in particular when staff on either side move to a different business or part of the organisation.

Trust and Control play again an important role, although the weight towards control is much larger and often reversed to the Internal implementation.

The description here would be “Protect and Enable where appropriate”.

Advertisements

Why should I do Information Management?

Wanted! people that follow processes

Wanted! people that follow processes

In my previous post I highlighted the 4 corner stones of good Information Management.

  • people
  • processes
  • content and
  • technology

Today, I want to add more detail on the people section. You can have the most clever system and still nobody cares. That would be worst case scenario. How can we pave the way for being successful on this front?

User Experience

About 10 years ago I was the first time involved in Document Management. A small team having experts from the different business areas designed the requirements. A large 20 page document outlined all meta data we could think of, structured in categories and divided into mandatory and optional items. We presented this to a selected group of people with devastating result. It failed the 7 second filing test.

One guy said, “if it takes me longer than 7 seconds to file a document with all this extra data, I won’t do it. I’ll use my trusted filing system where I know exactly where my documents are. Others are most welcome to follow the same process.”

These few sentences highlighted common problems with projects, that were not designed with the user in mind but with a process or an ideal outcome. In this case, all documents would be perfectly tagged with relevant meta data and a process would take care of that.

Lessons learnt:

  • any system must be at least as good as the existing system
  • any trade offs must be clearly understood and accepted
  • and the system must be designed for excellent user experience

Is UX sufficient?

The answer is likely to find in this quote:

Any information system is only as good as it is being used.

Tell me, what else can you do that people use the system?

 

The User Experience

user exterience layersA few weeks back I met with a colleague in our Service department. She showed me a research she was working on. Whoa!, I thought, that’s exciting!

Effectively she was mapping individual touch points a customer has along the interaction journey with our company. Each touch point had 2 components, importance and satisfaction (or delivery) and was measured on a scale from [-5, +5]. Dividing the journey into logical components like “information gathering”, “consultation”, “requirements and needs”, “finding the right vendor”, ” finding the right solution”, “establishing a relationship”, “designing a system”, and so on allows to have different owners and clear subject matter experts.

That’s good to define the touch points from a service or solution provider. But to get the real user experience you need to see it wearing the customer shoes.

 

Marc Fonteijn provides a great example:

Continue reading