Document Security
In this day and age documents seem to move somewhat dangerously around the e-world with reckless abandon. Confidential files are usually sent by email as attachments and are often not encrypted and therefore not secure. Our requirement to maintain a high level of confidentiality is therefore compromised by the limited means by which most people can move a document or receive one.
We have spent the last 2 years changing the way we deal with information flow. The basis of our philosophy is that documents should not move through cyber space for anyone to see. We now require users to come to the document in a secure environment. This simple change in philosophy required a huge mental and physical change in the way we dealt with information flow in the past. We have centralized all documents that pertain to the properties we manage, we track the people that have accessed the documents and we are in the process of having all users go to a document rather having the document move to the user. This is a bit more complex than it seems. We create millions of pages of information per year and they have to be categorised, secured and tracked and then be viewed by different users that have unique needs and security accesses.
Why be concerned?
- I think that IT policy should extend to all areas of your business in which your information resides. Most companies probably have a fairly rigid set of internal controls on how information is managed. But as soon as the information goes outside their firewall there appears to be little or no concern as to the security and integrity of the information. So, the fact that property managers are the temporary custodians of an owner’s information should not limit the owner’s ability to ensure that it is handled in a manner that is consistent with their internal policies.
- Under this philosophy there is only one document generated and stored. A link is then sent that invites someone to visit a secure area in which the document is stored. This allows us to track who has seen the document, who has changed it and who has uploaded it.
- By having only one document we significantly reduce our e-storage requirement which is the fastest growing area of IT.
So, take the time to understand what it means to you to never again send or receive an unsecure email with confidential content and still make the timely decisions that are required to manage a building. I believe that we have overcome this hurdle and we now better align with the governance policies of institutional owners today.
