We often find that file structures are not well defined by division or department, and governance and retention policies are not standard, making it difficult for employees to find what they need easily. There are often old folders with information from prior years with no plan for deletion and no regulatory reason to continue archiving. All of this can bog down processes and unnecessarily fill up network file storage—developing well-defined retention and organizational policies keeps your business running efficiently and securely. All of which adds cost to the organization and produces negative value.
Managing Shared Drives
Many corporate offices rely on a shared drive for employees to access the files and information necessary to do their jobs. When all employees are in the office, accessing their information works reasonably well, assuming the files are organized coherently, and providing consistent expectations around file organization can help employees streamline productivity and collaborate more efficiently.
If your company manages large amounts of data, creating a file management framework allows you to better organize files to meet your business needs. With features that help you name, sort, organize, code, retrieve, share, and secure your files, you will be able to manage a large volume of information effectively.
A key word to think about is compartmentalization. This concept is that people only need access to the data and systems they need to do their work and nothing else. Compartmentalization mitigates both unintentional and intentional data access breaches. Restricted access by default limits the scope of any data breach. This is also a foundational concept in most security standards (NIST, ITAR, and CMMC).
How long should you hold onto files?
While this answer may vary between industries, individual businesses should work closely with their business advisor to ensure record-keeping dates back an appropriate length. Archiving documents quarterly can help keep folder sizes manageable and create a valuable resource for previous work.
Some industries have established a standard, such as the Health Insurance Portability and Accountability Act (HIPAA), requiring the retention of patient health records. Knowing where to begin with effective management and governance of company files is challenging, especially for businesses with decades of files and no established document retention policy.
While sensitive data must be tracked and secured, many business files don’t require extensive permissions or retention practices. A quarterly review of the most-used files can help leaders manage a large amount of company data and determine what should be kept and what can be archived or even deleted. Businesses should carefully outline a retention policy, paying heed to any regulatory requirements, and develop an easily understood process for employees to intuit which of their own files they should be archiving.
Managing Sensitive Data
Depending on the regulatory environment or sensitivity of the information, separate drives or permission access may need to be managed by folder. File sharing solutions for organizations handling sensitive data, such as medical records, should consider sophisticated encryption and careful permissions access.
To keep files secure in the cloud, the system must be configured correctly and maintain appropriate change control access. Many cloud storage solutions have default settings for security and access. These do not necessarily meet the configuration needs for every company, and business leaders should carefully assess the settings and ensure they meet the necessary standards.
For example, certain well-known file storage and sharing solutions allow users to share a link to access a file. The default settings do not restrict the recipient from passing it along to someone outside the company, potentially allowing external access to confidential information. This setting is easily configured by an administrator familiar with and knowledgeable about the system, and more importantly, knowledgeable about security and the applicable regulatory requirements.
Aldrich Technology is Here to Help
Companies of all sizes can benefit from these file storage best practices. Developing a manageable data management strategy requires blending your business plans, operational needs, cybersecurity, and regulatory requirements. Enabling your workforce to access and store information is critical to business operations and has the potential to impact productivity dramatically. If your organization has questions about creating an organizational framework or a document retention policy, reach out to the Aldrich Technology team of professionals.
Meet the Authors
Aldrich Technology LLC
Throughout her career, Peggy Kitzmiller has been a builder and coach of teams exceeding organizational objectives. In her role with Aldrich Technology, she leads the business and works closely with clients on their IT strategy, governance, and regulatory compliance. She is a skilled collaborator, enabling cross-functional success throughout organizations. She has built divisions of publicly…
- Business Operations
- Strategic Planning
- Operational Excellence
- Information Management
- Client Experience
Vice President, Business Strategy
Aldrich Technology LLC
Peter Adams leads business strategy for Aldrich Technology. Prior to Aldrich, Peter founded and ran Lighthouse Information Systems, a West Coast technology consultancy focused on leading clients through technological and operational challenges in order to promote growth and facilitate successful systems. While running Lighthouse for more than 35 years, Peter served clients across countless industries,…
- ERP selection and implementation
- Operations and process analysis
- Technology as a strategic asset
- Business assessments