Compliance is a thorny topic, and very much a buzz word in the industry. Everyone and their grandmother is getting on board this cart, but if your horse doesn’t know where it’s going, who does?
Most people thinking of compliance think in terms of user permissions. “If I can restrict what they can do, surely that is all I need to worry about.” Well, think about it this way: I leave my wallet on my desk and pop into the kitchen to make some coffee. You walk past my desk, see it sitting there, and it is human nature to feel temptation. What makes the difference is the choice not to act. You could dip in there and steal £10, you could borrow my credit card and have a splurge on www.shoppingwithstolencreditcard.com, or you could hide it the dishwasher. But you don’t. (At least I hope not.)
I admit that means I’m placing a reasonable amount of trust in my colleagues. Now, if I was an administrator, should I trust in the same way? I may grant you Control Access to a Team Site, but just because you can randomly start deleting records, does it mean you will? That’s a tricky one.
User Permissions will only control what you can or can’t do. But there are so many things you could still do that are equally as damaging. You may have access to upload files to the public area of your corporate intranet, but you accidentally upload pictures of a night out that should best be forgotten. Permissions will not help you here. What administrators need are better tools to manage their users – something that could keep an eye on what they are uploading and where, filtering or blocking if necessary, or just advising them to be more careful before making a public embarrassment or costly mistake.
To find out how AvePoint Compliance Solutions take you beyond permissions management, visit our website.
