Even after years of migration to the cloud, the largest collection of unstructured content in the enterprise is the shared network drive. We know that it is insufficient for a wide variety of tasks and it is the single largest impediment to good Information Governance. Justifying its transformation requires some insight into what weaknesses it has, what behavior it supports and encourages, and what is the impact of these two things. 

Enterprise governance limitations

Even if users had perfect discipline on capturing and labeling individual files, there are still some systemic limitations to file shares that impact an enterprise’s ability to effectively manage unstructured content:

• Shares tend to be allocated across servers and NAS devices to level workloads.  All of one department’s files, therefore, can end up scattered across 100s of servers, and 1000s of shares.  Finding “everything we know about xxx” can be extremely inefficient

• No global controls between geo locations or functional areas means content is organized at the root level on different ad-hoc criteria (I.e. by function, system, event, entity, users or something else).  This makes searching and classification efforts substantially less accurate

• Security on users and groups can easily get so complex and nested that administration is fraught with complexity and open holes

• It is a security risk just because there are so many ways to get to it, delete it, or exfiltrate it

• It can be difficult for any one organization to keep up to date with latest cybersecurity technologies, versions, or practices

• It is not feasible to technically protect record immutability or legal holds preservation

• Little protection from “Administrators” moving large clusters of information eliminating file ownership, create, and accessed date details.  Often, 40% of file share content is “owned” by administrators

• It is not easy to meet data privacy regulations requiring information about people to be produced or deleted as per privacy regulations like GDPR

• No logical place to put event-based retention trigger details. How do you know what files belong to the people who recently left the organization? The content itself doesn’t say

Granular governance limitations File shares also make it difficult for individuals to meet their obligations to effectively manage information: 

• Possible for a user to mistakenly delete a file, move it to another folder, or save over it using the wrong name

• No way, other than templates, to guide users on classification standards, naming conventions, metadata, processes, approvals

• Limited access, credentials, or file version control can lead to duplicate or redundant files

• Lack of version control poses the threat of users unknowingly accessing the wrong version of an important file

• Lack of “discussion thread” identifiers (other than in saved emails) to automatically track versions for any other purpose

Technology limitations

There are also some technically valuable capabilities in other platforms that just are not available or functional on shares:

• File path or file names that get too long can no longer be seen by the operating systems and therefore can never be accessed or deleted

• Users can’t easily access the shared drive remotely using mobile devices or tablets

• Although it is possible to limit access to specific folders or files, there is limited security functionality beyond that, e.g. ensure no confidential files are stored in folders to which many users have access

• Limited built in indexing functionality on a shared drive greatly limits search capabilities

• Limited ability to add metadata for files to help you search – or filter/cluster search results – to find relevant files

The good side of network drives Even with all those downsides and limitations, a mass migration and shutdown of shared drives can cause problems that you should be aware of:

• Low cost – 5% cost of traditional ECM per document, several time the cost of cloud collaboration systems – means a mass migration without filtering or culling can drastically increase budgets

• 50% of your content is already there. If there is no added value from transforming it to a new location, you should consider alternatives

• Provides an environment to develop database applications or software code in a way that cloud storage does not

• Supports vertical proprietary application formats or inter-linked/embedded documents including spreadsheets, engineering drawings, published compound documents

• Supports large file sizes that can cause performance issues if in the cloud

• Supports odd characters in file names or folders

• Inexpensive and easy way to share personal, temporary, or non-critical information

• Short term priority requirements for legal and compliance resources for speed and performance are still in your (relatively) immediate control – you can’t pull strings to make your cloud provider jump through hoops the same way you could with internal IT

After all that, If you have implemented a governance regime for on-going content, such as an M365 program, and you have not done anything about shared drives, keep two important takeaways in mind.  

1. There is ongoing risk for keeping shared drives around that does not abate just because you have adopted M365.

2. Mass migration to M365 may solve that risk but will introduce costs, impediments, and additional risks if you are not thoughtful.

Check out the this blog post about how to use Azure AI to do a smart and fast transition from network drives to M365 the Azure Share Drives.  

At Infotechtion, we have years of experience working with large volumes of unstructured content and would love to help you build a shared drive transformation plan or M365 strategy.