Archive for the ‘Training and education’ Category

SharePoint Online and OneDrive for Business – Preventing external sharing of data

October 17, 2017

A recent (September 2017) article suggested that OneDrive for Business (ODfB) (and by extension SharePoint Online (SPO); ODfB is a SharePoint-based service), a key application in Office 365 was a potential source of data leaks and/or target for hacking attacks.

I don’t disagree that, if not configured correctly, any online document management system – not just ODfB/SPO – could be the source of leaks or the target of external attacks. Especially if these systems, and the security controls that can protect the data in them, are not properly configured, governed, administered, and monitored.

But, I would ask, what controls do most organisations have in place now for documents stored in file shares and personal file folders, not to mention USB sticks, and the ability to send document via Bluetooth to mobile devices or upload corporate data to third-party document storage systems? Probably not many, because users have no other way to access the data out of the office.

As we will see, the controls available in Office 365 are likely to be more than sufficient to allow users to access to their documents out of the office, while at the same time reducing (if not eliminating) the sharing of documents with unauthorised users.

How to stop or minimise sharing from OneDrive for Business and SharePoint Online

There is one simple way to prevent the sharing of data stored in SPO and ODfB with external people – don’t allow it.

There are several ways to control what can be shared, each allowing the user a bit more capability. All these options should be based on business requirements and information security risk assessments, and Office 365 configured accordingly.

In this article I will start with no sharing allowed, and then show how the controls can be reduced as necessary.

External sharing – on or off

This is the primary setting, found in the main Office 365 Admin centre under Settings > Services & add-ins > Sites. If you turn this off, no-one can share anything stored in SPO or ODfB.

The option is shown below:

O365_SC_Sites_SharingOnOff

If you do allow sharing, you need to decide (as shown above) if sharing will be with:

  • Only existing external users
  • New and existing external users [Recommended]
  • Anyone, including anonymous users

The second option is recommended because it doesn’t restrict the ability to share with new users. The last option is unlikely to be used in most organisations and comes with some risks.

The next place to set these options are in the SPO and ODfB Admin centres.

OneDrive admin center

If the previous option is enabled, the following options are available for ODfB. Note that BOTH SharePoint and OneDrive are included here because the latter is a part of the SharePoint environment.

  • Let users share SharePoint content with external users: ON or OFF.
    • NOTE: If this option is turned OFF, all the following options disappear.
  • If sharing with external users is enabled, the following three options are offered:
    • Only existing external users
    • New and existing external users [Recommended]
    • Anyone, including anonymous users
  • Let users share OneDrive content with external users: ON or OFF
    • This setting must be at least as restrictive as the SharePoint setting.
  • If sharing with external users is enabled, the following three options are offered
    • Only existing external users
    • New and existing external users [Recommended]
    • Anyone, including anonymous users

If sharing is allowed, there are three sharing link options:

  • Direct – only people who already have permission [Recommended]
  • Internal – only people in the organisation
  • Anonymous access – anyone with the link

You can limit external sharing by domain, by allowing or blocking sharing with people on selected domains.

External users have two options:

  • External users must accept sharing invitations using the same account that the invitations were sent to [Recommended]
  • Let external users share items they don’t own. [This should normally be disabled]

A final ‘Share recipients’ checkbox allow the owners to see who viewed their files.

SharePoint admin center

The SPO admin center (to be upgraded in late 2017) has two options for sharing.

The first option is under the ‘sharing’ section which currently has the following options:

Sharing outside your organization

Control how users share content with people outside your organization.

  • Don’t allow sharing outside your organization
  • Allow sharing only with the external users that already exist in your organization’s directory
  • Allow users to invite and share with authenticated external users [Recommended]
  • Allow sharing to authenticated external users and using anonymous access links

Who can share outside your organization

  • [Checkbox] Let only users in selected security groups share with authenticated external users

Default link type

Choose the type of link that is created by default when users get links.

  • Direct – only people who have permission [Recommended, same as above]
  • Internal – people in the organization only
  • Anonymous Access – anyone with the link

Default link permission

Choose the default permission that is selected when users share. This applies to anonymous access, internal and direct links.

  • View [Recommended]
  • Edit

Additional settings (Checkboxes)

  • Limit external sharing using domains (applies to all future sharing invitations). Separate multiple domains with spaces.
  • Prevent external users from sharing files, folders, and sites that they don’t own [Recommended]
  • External users must accept sharing invitations using the same account that the invitations were sent to [Recommended]

Notifications (Checkboxes)

E-mail OneDrive for Business owners when

  • Other users invite additional external users to shared files [Recommended]
  • External users accept invitations to access files [Recommended]
  • An anonymous access link is created or changed [Recommended]

Sharing via the Site Collections option

In addition to the options above, sharing options for each SharePoint site are set in the ‘site collections’ section as follows. Note that the default is ‘no sharing allowed’. A conscious decision must be taken to allow sharing, and what type of sharing.

O365_SPO_Sharing1

When a site collection name is checked, the following options are displayed.

Sharing outside your company

Control how users invite people outside your organisation to access content

  • Don’t allowing sharing outside your organisation (default)
  • Allow sharing only with the external users that already exist in your organization’s directory
  • Allow external users who accept sharing invitations and sign in as authenticated users
  • Allow sharing with all external users, and by using anonymous access links

If anonymous access is not permitted (setting above), a message in red is displayed:

Anonymous access links aren’t allowed in your organization

SharePoint Sharing option

The SharePoint Admin Centre has an additional ‘Sharing’ section with the same settings as shown above for ODfB. It is expected that these multiple options will be merged in the new SharePoint Admin Centre due for release in late 2017.

Additional security controls

In addition to all the above settings, there are a range of additional controls available:

  • All user activities related to SPO and ODfB, including who accessed, viewed, edited, deleted, or shared files is accessible in the audit logs.
  • SPO and ODfB content may be picked up by Data Loss Prevention (DLP) policies and users prevented from sending them externally. This is of course subject to the DLP policies being able to identify the content correctly.
  • SPO and ODfB content may be subject to records retention policies set by preservation policies. These may impact on the ability to send documents externally.
  • SPO and ODfB content may be subject to an eDiscovery case.
  • Administrators can be notified when users perform specific activities in both SPO and ODfB.
  • Sharing (and access to the documents once shared) may be subject to security controls enforced through Microsoft Information Protection.

Conclusion

In summary, the settings above allow an organisation to strongly control what can be shared. If sharing is allowed, certain additional controls determine whether the sharing is for internal users or for users external to the organisation. If the latter is chosen, there are further controls on what external users can do. Audit controls and policies may also control how users can share information externally.

The key takeaway is that organisations should ensure that the sharing options available in Office 365 are based on the organisation’s business requirements and security risk framework.

Advertisements

Life without folders – SharePoint 2010

June 4, 2014

For a generation now we have been using folders on network drives, in home computers, and in email systems, to categorise and store digital content. We now do it in the cloud too.

They are a hard habit to break because they make so much sense.

Almost everyone in work today uses folders to categorise, store and retrieve digital content. The extensive use of folders in drives and email systems has presented significant challenges for records managers, both in the management of the records contained in them as well as the implementation of recordkeeping systems.

Let’s be clear – users love being able to categorise information in a way that makes sense.

It’s hard to imagine life without folders. Or is it? The last time I looked, one of the biggest social media systems in the world, Facebook, didn’t offer folders.

What are folders, really?

But folders are no more than a virtual construct, like containers in almost every recordkeeping systems. What you see on the screen is a folder (or directory) or container, but it isn’t a real folder like a physical folder that contains paper documents. Documents that appear to exist within a virtual folder include a pointer to the folder in their system-generated metadata.

Folders in SharePoint 2010

The primary way to group digital content in SharePoint 2010 is by storing them in document libraries. Document libraries are the highest level of aggregation possible so, in a way, they are similar to the highest level folders in a network drive.

In almost all cases, the initial, instinctive user reaction to a document library is to want to categorise the content using folders. Newly created, out of the box, document libraries include the ability to create folders, just like on network drives, and so many users start to replicate the structure of their network drives, or copy the entire content from the network drives across the the library using the ‘Open with Windows Explorer’ option.

But, very quickly, users discover that folders in SharePoint libraries have no navigation clues, no way of knowing if you should navigate up or down to find content. Before long, enthusiasm wanes in the trough of disillusionment and users go back to using network drives and the SharePoint site becomes a ghost town.

SharePoint’s neat little trick – making folders vanish

As noted earlier, folders are no more than a virtual construct. In SharePoint, users can make the folders disappear by creating a view (or modifying the existing one) to change the ‘Folders’ setting from ‘Folders’ to ‘Flat’ to show all items without folders.

As soon as the user clicks OK after changing this setting, all the folders vanish and only the documents stored in the folder structure appear. (Note, this does not work in libraries with Document Sets because Document Sets are regarded as documents, and so both appear).

With careful guidance, and subject to the volume of documents in the library, users may then query whether folders are even necessary. Or they may ask if there are alternatives (yes, categorisation or document sets).

In my own experience, once they see how to work without folders, users seem to quickly abandon the previously strongly held belief that folders are the best way to categorise documents and use either categorisation or document sets instead.

Implementing SharePoint to manage documents – changing user behaviours

September 10, 2013

From around 25 years ago, computers began to replace paper-based processes for most office-based workers. Users grumbled and some (mostly at senior levels) managed to avoid using a computer altogether. The majority of office workers (who became known as ‘users’) just adapted to and eventually adopted the new work practices, often with the promise of greater productivity.

Over the past 25 years, if no other system was mandated for the storage of digital records, users mostly:

(a) created new content using desktop applications and stored it on largely uncontrolled and poorly managed network drives; and
(b) sent or received emails (often with attachments from stored on drives) and used email folders to store those emails

… in both cases with scant regard to business or corporate recordkeeping requirements.

The end-result of 25 years of these practices is network drives and email systems full of digital ‘stuff’, little of which relates to each other in any meaningful way (unless it all happens to be stored in a single folder, or folder-based structure, which is not common).

Many electronic document management (EDM) products have been released over the years, ostensibly to improve the management of electronic records, but organisations still grapple with getting users to use them. I suspect that one of the reasons for the poor take-up of EDM ‘solutions’ is that users are so familiar with using network drives and emails folders; it is just so heavily ingrained into the way we work, not to mention the way we manage our own personal records and other digital content on home PCs and laptops.

Interestingly, some of the EDM vendors have developed interfaces that look almost identical with network drive folders. My own personal experience with these products is that users often don’t understand the difference, or the value proposition, that comes with use of these systems.

Along comes SharePoint

SharePoint has been around for about 10 years now, but best practice document management in the product did not really emerge until SharePoint 2010 was released (see my other posts for further information).

What is, for me, interesting about SharePoint is the design of the user interface presented in standard team sites via a browser. Microsoft clearly did a bit of research (and understands) how users work, with document libraries on the left (looking a bit like network drives), as well as a number of other list-based options such as tasks, discussion boards, announcements and calendars.

Not infrequently, the initial user reaction to team sites is one of uncertainty and some degree of confusion – is it the intranet?. Depending on how an organisation delivers team sites, user reaction can be either enthusiastic (so much better than drives/folders) or negative (prefer to use drives/folders).

SharePoint team sites as communities of information

For most of the past 25 years or so, ‘collaboration’ has meant exchanging emails with attachments and/or accessing the same part of a network drive, structured in a way that ‘makes sense’ to the user or the team.

SharePoint also allows users to ‘collaborate’, but quite differently from how users have done it to date. In some respects, SharePoint is more in tune with social media sharing (open access to all, or to a trusted group), than with traditional ‘closed’ methods (i.e., via limited email distribution, or limited access to parts of drives).

SharePoint team site can be used to store documents (and photographs) in document libraries (with unique document IDs, version controls, check in/out controls, out of the box workflows, audit trails and custom metadata). It can also use the rows and columns of data in spreadsheets and small databases and store and present that data instead in lists (including discussion boards, announcements, calendars, task lists and custom lists). As the volume of information stored in the site increases, search becomes an additional valuable resource that brings a range of information together. That is, instead of a list of documents, users can see a range of other contextual data.

A single SharePoint team site starts to becomes a community of information.

Changing behaviours

In my view, the key to getting users on board with SharePoint team sites is selling its benefits, not the technology, and helping users understand how to ‘map’ current practices to the new environment.

One of the best ways to demonstrate the benefits of using SharePoint is to show how it is being used (differently) by other teams, and to emphasise the ability for site owners (not a controlling authority such as IT) to use standard features (not customise*) in team sites to meet the needs of the team. That is, the team identifies and implements ways to use it that makes sense to the team, within a few broad constraints to ensure consistency in use across the organisation.

But, despite the obvious benefits, deeply ingrained user behaviours can be exceedingly difficult to change unless that change is driven by users (preferable) or mandated (may have limited success). The SharePoint team site paradigm *is* a major change from using network drives to store documents and emails (with attachments) to collaborate.

‘Mapping’ current practices to SharePoint team sites in many ways underlines the weaknesses of current practices, and can include things like:

  • Demonstrating the relationship between network drives and document libraries, using document sets or document categorisation to replace folders.
  • Describing convincingly why folders are not a good thing to use (despite the apparently similarities with network drive folders). For example, they can be very hard to navigate, do not have unique IDs (like Document Sets), can be replaced by Document Sets with longer names (including the concatenation of network folder names), can results in very long URLs and so on.
  • Showing how document metadata and views can completely replace the need for folders.
  • Showing how a team calendar (or calendars) can replace white boards or similar.
  • Demonstrating how an Excel spreadsheet can become a much more useful list of information, so that users can edit their own items rather than wait for someone else to stop editing the spreadsheet.
  • Showing how a team discussion can not only replace email but also keep a record of otherwise inaccessible email trails.
  • Demonstrating audit trails and site web analytics to show (and know) ‘who did or saw what’.
  • Demonstrating the use of hyperlinks instead of emails with attachments to share information.
  • Demonstrating features in document libraries that are absent from network drives (including unique IDs, versioning, audit trails).
  • Demonstrating out of the box workflow that remains with the document.
  • Demonstrating search, and in particular searches that return metadata-rich documents.
  • Showing how the Recycle Bin keeps deleted items for three months (which, coupled with the audit trails, help to retrieve those items much more easily than requesting the document back from a back-up tape).

and so on.

*By customisation, I mean changing the overall look and feel of a team site by modifying the theme, creating new types of pages, adding documents to pages instead of to libraries, using folders instead of document sets, and so on. Customisation can lead to confusion which in turn makes users less likely to use the site.

Is your SharePoint team site a ghost town?

May 24, 2013

One of the best ‘unknown’ (to end users, anyway) features of SharePoint 2010 and SharePoint 2013 is ‘Site Web Analytics’, hidden away under Site Settings. This, out of the box, feature provides useful information such as the average number of site views per day, the average number of unique visitors per day, trends, as well as a listing by user names of the top visitors and the number of their page views. It’s a great way to see if a site is being used.

The default date range for Site Web Analytics is the past 30 days but the settings can be changed to the last day, week, month, quarter, half-year or year. Custom dates can also be set, and these reports can be exported to a spreadsheet for further analysis, including through scheduled reporting sent by email.

So, what does this have to do with the subject – is your SharePoint team site a ghost town?

Simply, Site Web Analytics tells you if your team site is being used – by your team. If it’s not used, then it’s a ghost town – and you need to understand why and consider changing or deleting it.

In many cases, the reason a SharePoint site becomes a ghost town is because users simply neither want nor know how to use it.

What makes a document management system popular?

My experience implementing and using many other document management systems (TRIM, Documentum, iManage, Alfresco) over the years, along with considerable anecdotal evidence, suggests that, unless there are legal or regulatory requirements mandating it, end users tend to baulk at using a document (and records) management system, especially if it:

  • Requires more than 20 minutes to learn. Some EDMS systems require hours of training – for end users!
  • Duplicates what they do already with network drives. More often than not it requires ‘saving’ an existing born-digital record to the recordkeeping system (AND leaving the original where it was stored).
  • Stores records of a business activity away from other, potentially rich, related records that are not documents.
  • Provides no obvious or little tangible business value for the user – it’s a ‘compliance overhead’.

A popular document management system is one that:

  • Users can start using the system with very little training. It should be intuitive and make sense at first glance. I often use the example of Facebook – no-one ever got training to use it and yet a billion people registered to use it.
  • Reduces (not necessarily eliminates) duplication of effort. Network drives can still exist to create and manage ‘working documents’ instead of final versions.
  • Can keep records in context with other related records such as calendars, lists, tasks, announcements, social networking messages, and so on.
  • Provides tangible business value for the user, with minimal effort. It’s hard to break the network drive habit but simple things like unique document IDs, versioning, hyperlinks, and the ability to email a link instead of a document help to break that habit.

What can turn a SharePoint team site into a ‘ghost town’?

Microsoft clearly put a lot of human-computer interaction (HCI) effort into the user interface design of SharePoint team sites (along with all their other products). Team sites in SharePoint 2013 are a design improvement over SharePoint 2010 but still maintain the same essential look and feel, which is:

  • Document libraries and lists on the left hand side navigation. It’s no coincidence that this is exactly where network drives and email folders are accessed from.
  • An editable main page that can be modifed as required to present additional information or options, including via webparts.
  • Default and modifiable views of documents and lists.
  • A simple search option on the top right.

Over 25 years of network drive use has conditioned users to navigating for documents from the left hand side, searching from the top right hand side, and seeing information presented in the middle of the page. Change this paradigm and you start to lose users.

I believe there are two main reasons why users don’t or stop using team sites (described further below):

  • The ‘plain vanilla’ out of the box functionality in a brand new team site.
  • Site pages that have been customised to the point where end users cannot work out how to navigate or access their information.

Out of the box generic functionality

Out of the box team sites include the two features which, if not addressed or re-configured (a 2 minute job), can negatively affect take up rates:

  • ‘Shared documents’ under ‘Libraries’. This to me is a ‘bookmark’ library that should be removed almost immediately and replaced with a library that has a name that makes sense, ideally named after a business activity. Otherwise, ‘shared’ is like ‘general’ in a network drive. If users have only one, generically-named library to choose from, they are unlikely to use it (compared to the rich tapestry of their network drives).
  • Folders. Unfortunately, while SharePoint folders look like network drive folders they don’t work the same way. They create unnecessarily long URLs and are often impossible to navigate. It’s not uncommon to hear users say they cannot find documents in a site because they cannot work out how to navigate folders (as they don’t include a + to guide navigation). My recommendation is to turn them off under Advanced Settings after the library is created. However, users inevitably want a way to categorise or group documents in a document library. Document Sets generally make sense to users and get quick take up but you can only have one level. A good site has a reasonable number of smartly-named document libraries – perhaps no more than 10, grouped as required by Headings – using Document Sets instead of folders. Another form of categorisation is using categories in the document metadata and then creating a view that groups the documents by those categories.

Customisation

Too much customisation of site pages can also turn users off. As noted above, it’s worth keeping in mind that Microsoft spent a lot of effort (and probably dollars) on designing their standard team site user interface. Some of the common modifications I have seen on ‘ghost town’ sites include:

  • Using themes that make the site look completely different from all other sites. It’s important to maintain consistency in themes.
  • Using unnecessarily large font sizes on the page.
  • Using too many images or graphics on the front page.
  • Assuming the text or content on the page is actually of interest to the target audience. I usually suggest that Site Owners (note, there should never be just one) agree among themselves; if this is not possible, test the proposed page design on a user who has never seen it.

Avoid ghost town sites – keep users coming back

Remember, most users are familiar with using network drives and folders. Use document libraries with sensible names that are obvious to users, don’t use folders, and keep the front page content simple and easy to view, and you are more likely to attract users back again and again.

Principles for managing documents as records in SharePoint 2010

May 8, 2012

These are my quick tips for managing documents as records using SharePoint 2010.

Keep it simple 

  • End users will not use the system if it is hard to use or requires too much extra work. Keep the UI clean and simple (and common). Make it intuitive.

Promote the benefits of the application, not the application

  • Users want to know what’s in it for them, how it will make their lives more simple, not what they HAVE to do or HOW they have to do it. Sell the benefits and, if it’s intuitive enough, the system will sell itself. Benefits include document IDs, versioning, hyperlinks, single source of truth, access controls.

Create a repeatable deployment model

  • A repeatable deployment model is easier to manage and maintain consistency across the farm.

Create and maintain re-useable metadata

  • Use the managed metadata service to establish and use common metadata terms.

Establish a common model, minimise customisation

  • Common models mean common user experiences and better take up. Customisation is a yoke that should be resisted as much as it is tempting.

Use the application as it was intended to be used

  • Documents are commonly stored at the bottom of a team site hierarchy, in libraries and maybe in document sets. Understand (and convey to users) that SP folders aren’t the same as network drive or email folders.

Paper based ways of doing things don’t always convert into electronic ways

  • Look carefully at ways to change or enhance the process. For example, a spreadsheet could become a list with a form.

Performance is a killer

  • Make sure the system is architected to maximise performance. Slow loading pages will kill the user experience.

Respond quickly

  • If there is a problem address it as quickly as possible. If there is a bug or a problem with the application/UI, fix it quickly.

The future of records management and the implications for RM education – a personal view

November 8, 2010

The following was published in Informaa Quarterly, the official magazine of the Records Management Association of Australasia (RMAA), November 2010

Recent debate about the most appropriate name for the RMAA has underlined a fundamental shift in the way some members of the profession sees themselves and wish to be seen by others.  It has highlighted an apparent gap between records managers and information managers, a gap that may reflect emerging differences in the type of knowledge and skills of those who lay claim to either description.

Despite the name, the records management profession continues to evolve, in some cases struggling to find relevance or acceptance in the face of the digital information universe. Records managers must learn new skills to survive, skills that will require more knowledge and understanding of technology than ever before.

In 2004, the authors of the book The Jobs Revolution: Changing How America Works concluded that American employees needed to improve their skills for the 21st century.  One of the most frequently cited extracts from the book was that ‘the top 10 jobs that will be in demand in 2010 didn’t exist in 2004’.

Whether that statement has come to pass or not may never be tested.  Nevertheless, it is probably true that records management jobs, just like many others, have undergone change with the impact of new technology over the past two decades.

Many professions that were once paper based now work almost entirely with computers. Their knowledge and skills are programmed into the applications they use, the information they need to do their jobs is accessible on their screens whenever they need it.

Some jobs have either vanished or morphed iteratively into new ones. Secretaries and typists have largely disappeared in western countries, replaced largely by executive assistants.  The records management profession has undergone similar changes.

The old registry premise, based on physical objects (files), still exists but is giving way to digital-only methods of managing information.  Most records managers have adapted, evolved, and learned new IT skills, some even taking on the name information managers.

Are the skills being taught now to records managers suitable to sustain the profession into a future digital world?  Are records managers really learning skills suitable for this future?

Will the professional be overtaken by a new profession, the name of which has yet to emerge, populated by individuals who are, currently, still in primary school?

Let’s consider the possible nature of work in 15 years from now and the skills that I believe will be needed by records managers.

The working environment of 2025 will be different.  Born digital records will be the primary form of a record, and paper versions will be the exception, printed only for reference. Digital readers will be commonplace.

The meaning of a record will change.  This change will include a shift from the concept of a digital record as a single binary object with (separately stored) associated metadata, to structured data probably using a form of XML much like we find in the docx we see today.

Records will cease to be something ‘different’ from other forms of information, or needing to be ‘declared’.  They will instead be all types of information created, received or stored by an organisation that is not personal information.

Information will no longer be stored or presented in pre-defined collections or aggregations based on the legacy classification structures of the old physical world of records, but viewable dynamically, ‘on the fly’, fitted to a user’s profile and interests.

We will witness a change in the way organisations communicate, both internally and with the external world.  Communications will be almost entirely conducted via mobile devices and with real-time interactions between clients.  While some older forms of technology such as word processing, spreadsheets or email may still exist, mobile computing applications will be the primary method of working and communicating.

New forms of search will find and present information depending on who we are, where we work, and what access we are granted, as well as our professional and private interests.

Data visualisations will help us to make sense of the zetabytes of data, to interpret and understand it, and possibly to help us decide if and when to destroy it.

In this new world, the skills required by records managers (or whatever their future name may be) will be increasingly focussed on the ability to understand and manage structured data rather than unstructured digital objects with associated metadata.

Records managers will use search, data mining and reporting tools, apply logical rules, and ensure that information is truly destroyed from all locations when no longer required.

The legacy, digital ‘black hole’ from the 1980’s through to the 2010’s will become an area of historical interest, mined and accessed through tools that will be developed from discovery and forensic methods used in the early part of the century.

Digital preservation will become a specialist new profession, one that will emerge as a much sought after role, drawing on the old email archiving and storage platforms of earlier decades.  In this new world, where records managers are focussed on digital records, the job of managing any remaining paper records that are not sent to archives will become a new specialist role, more in line with the current archivist role.

This will be similar to the role that some librarians will have in the future managing the old physical books, compared with the new age librarians managing digital content on mobile devices. Digital records, in the broader and more encompassing definition, will be managed by records and information managers who will have stronger IT knowledge and training than today’s records managers.

They will occupy the space currently located between the records management and information management professionals who manage EDRM systems and the IT staff such as database administrators who manage the organisation’s applications.

These new “records and information managers” will need new skills to develop governance policies and procedures for all types of information.

They will drive paradigm shifts to the meaning of a record, and the way records are managed, in a fully digital world. These new roles don’t yet exist.  The individuals who will fill these roles don’t know it themselves either.

They are still in primary school, the children of the age of social networking.  They have grown up in all digital classrooms where USB-based memory ‘sticks’ are the only way they know how to submit an assignment, where laptop computers and other portable devices are a given.

In 15 years time, when they appear in the workplace, Facebook and Twitter will be forgotten remnants of the digital past, as distant a memory as Usenet is to the present generation.

The records and information managers of the future will not only understand how to manage and use digital information, they will expect nothing else, leaving paper to older records manager and archivists who failed to keep up and were left behind in the digital explosion of the early 21st century.

Reference: Robert Jones, Kathryn Scanland & Steve Gunderson.  The Jobs Revolution: Changing How America Works. (2004).