Getting Started With SharePoint Data Governance

Many organizations don’t pay as much attention to document security and data governance as they should, creating a security risk that SharePoint can fix.

By Cathy Dew


You might not be interested in Data Governance, but Data Governance is interested in you

If you don't have rules around how you manage your digital files, you are exposing your company to a higher level of risk. Unfortunately, many enterprises don’t pay as much attention to SharePoint or OneDrive document security or data governance as they should. As a result, these organizations are leaving themselves—and their libraries full of documents and sensitive data—extremely vulnerable. This post will explain the importance of data governance, from what it is to why you need it. In our next article we’ll discuss the basics of setting up governance for your SharePoint documents.

What Is Data Governance?

Data governance (also often referred to as “digital governance”) is the super set of rules an enterprise has in place to manage the creation, revision, storage, use, security, movement, backup, archival, and deletion of digital information. A smart data governance strategy will set up numerous policies and best practices around the documents and data in an organization. These policies will ensure that information management in an enterprise is carried out consistently, efficiently, and securely. Data Governance will reduce the chance of sensitive files from falling into the wrong hands, make it much more difficult to delete key documents by accident, and ensure compliance with government and regulatory standards—among other advantages.

Proper data governance is crucial to the success and long-term health of the modern enterprise. Virtually every business has made the jump to using digital data—at least in some capacity. As these electronic documents pile up, it becomes increasingly more difficult to manage them in a smart, strategic, consistent, and safe fashion. A data governance policy not only standardizes data procedures and expectations across an organization but also puts members of the enterprise in charge of making sure that key policies are followed or executed.

The Key Parts of Data Governance

Data governance can be challenging to understand because it is usually portrayed as a vast concept. Above, we said that a set of data governance policies should include details about the “creation, revision, storage, use, security, movement, backup, archival, and deletion” of documents and files. Said another way, virtually everything that happens to a document between creation and deletion plays into data governance in some way.

To simplify the concept a bit, let’s try to think of data governance as “managing the document lifecycle.” As soon as a new file is created (or imported, or otherwise stored in the system), the data governance policies kick in. The policies and procedures of data governance then stay in place until the file is permanently deleted.

If we consider data governance in this fashion, then the key roles of data governance come down to two steps

  1. Data Quality and Integrity: The first job of a data governance policy is to ensure that data quality and integrity always remains intact throughout the content lifecycle. Storing the file, tagging it so that it can be found easily, implementing permissions to control who has access or editing privileges for the file: these are all responsibilities that fall into this category. The data governance policy should ensure that the file is secure, uncorrupted, and retained in its initial format, but also that documents are organized logically and intuitively. Removing duplicated documents is also a part of this responsibility. In short, data governance is mostly about making sure that organizations can find a file when they need it—no matter what that file might be.
  2. Data Deletion: If step one of data governance is to make sure that a file is there when an organization needs it, then step two must be deleting the file when it is no longer needed. Many enterprises have data retention policies that they must follow, as stipulated by laws industry regulations. Retention can mean a few different things throughout a file’s lifecycle. For instance, in SharePoint, businesses often store files in one spot when they are active and then archive them to another location when they are no longer used on a regular basis. When the data retention obligations for a file come to an end, then the file should be deleted securely. Part of data governance is to ensure oversight at this end of the file’s lifecycle, to make sure that old and no-longer-useful files are eliminated. Otherwise, old documents remain on the system, taking up space and posing unnecessary security risks due to sensitive data contents.

A data governance policy should outline specific steps, procedures, and plans to ensure compliance with these two categories. Usually, a data governance policy will also appoint a team of “data stewards,” who can help design, implement, and oversee these policies. It is the job of the data stewards to ensure that a data governance policy is being carried out according to plan.

Create an Effective Data Governance Policy for Your Business

Does your enterprise have a comprehensive and up-to-date data governance policy? If the answer is yes, congratulations! You are on top of file security, document retention, and overall data organization. If the answer is no, don’t worry: you aren’t alone. Despite the importance of data governance, it is still far from universal. As more and more businesses take more and more of their data into the digital realm, though, data governance is only going to become more critical. Laying the groundwork now will make things easier for your enterprise in the future.

At 2Plus2, we can help you get started. This blog post is just the first in a multi-part series about the importance of data governance. In future installments, we will look at how you can use other Microsoft tools and programs to create an execute an effective data governance strategy. Of course, our team is also willing to help you with data governance. Whether you need assistance implementing the SharePoint document security tools discussed above or want some help authoring a governance policy for your business, we are happy to lend our insight. Go online to schedule a free consultation with our team or call 510-652-7700 today.

Cathy Dew
Cathy Dew – CEO + Information Architect
Cathy focuses the company on our mission – Real results. Every time. Information architect and strategist, Cathy is passionate about making software work well – the function, the feel, the result.
Send me great news