Even after years of migration to the cloud, the largest collection of unstructured content in the enterprise is the shared network drive. We know that it is insufficient for a wide variety of tasks and it is the single largest impediment to good Information Governance. Justifying its transformation requires some insight into what weaknesses it has, what behavior it supports and encourages, and what is the impact of these two things.
Enterprise governance limitations
Even if users had perfect discipline on capturing and labeling individual files, there are still some systemic limitations to file shares that impact an enterprise’s ability to effectively manage unstructured content:
Shares tend to be allocated across servers and NAS devices to level workloads. All of one department’s files, therefore, can end up scattered across 100s of servers, and 1000s of shares. Finding “everything we know about xxx” can be extremely inefficient
No global controls between geo locations or functional areas means content is organized at the root level on different ad-hoc criteria (I.e. by function, system, event, entity, users or something else). This makes searching and classification efforts substantially less accurate
Security on users and groups can easily get so complex and nested that administration is fraught with complexity and open holes
It is a security risk just because there are so many ways to get to it, delete it, or exfiltrate it
It can be difficult for any one organization to keep up to date with latest cybersecurity technologies, versions, or practices
It is not feasible to technically protect record immutability or legal holds preservation
Little protection from “Administrators” moving large clusters of information eliminating file ownership, create, and accessed date details. Often, 40% of file share content is “owned” by administrators
It is not easy to meet data privacy regulations requiring information about people to be produced or deleted as per privacy regulations like GDPR
No logical place to put event-based retention trigger details. How do you know what files belong to the people who recently left the organization? The content itself doesn’t say
Granular governance limitations File shares also make it difficult for individuals to meet their obligations to effectively manage information:
Possible for a user to mistakenly delete a file, move it to another folder, or save over it using the wrong name
No way, other than templates, to guide users on classification standards, naming conventions, metadata, processes, approvals
Limited access, credentials, or file version control can lead to duplicate or redundant files
Lack of version control poses the threat of users unknowingly accessing the wrong version of an important file
Lack of “discussion thread” identifiers (other than in saved emails) to automatically track versions for any other purpose
There are also some technically valuable capabilities in other platforms that just are not available or functional on shares:
File path or file names that get too long can no longer be seen by the operating systems and therefore can never be accessed or deleted
Users can’t easily access the shared drive remotely using mobile devices or tablets
Although it is possible to limit access to specific folders or files, there is limited security functionality beyond that, e.g. ensure no confidential files are stored in folders to which many users have access
Limited built in indexing functionality on a shared drive greatly limits search capabilities
Limited ability to add metadata for files to help you search – or filter/cluster search results – to find relevant files
The good side of network drives Even with all those downsides and limitations, a mass migration and shutdown of shared drives can cause problems that you should be aware of:
Low cost - 5% cost of traditional ECM per document, several time the cost of cloud collaboration systems – means a mass migration without filtering or culling can drastically increase budgets
50% of your content is already there. If there is no added value from transforming it to a new location, you should consider alternatives
Provides an environment to develop database applications or software code in a way that cloud storage does not
Supports vertical proprietary application formats or inter-linked/embedded documents including spreadsheets, engineering drawings, published compound documents
Supports large file sizes that can cause performance issues if in the cloud
Supports odd characters in file names or folders
Inexpensive and easy way to share personal, temporary, or non-critical information
Short term priority requirements for legal and compliance resources for speed and performance are still in your (relatively) immediate control – you can’t pull strings to make your cloud provider jump through hoops the same way you could with internal IT
After all that, If you have implemented a governance regime for on-going content, such as an M365 program, and you have not done anything about shared drives, keep two important takeaways in mind.
There is ongoing risk for keeping shared drives around that does not abate just because you have adopted M365.
Mass migration to M365 may solve that risk but will introduce costs, impediments, and additional risks if you are not thoughtful.
Check out the this blog post about how to use Azure AI to do a smart and fast transition from network drives to M365 the Azure Share Drives.