« Wait, Wait, No, I Have a Better Idea... | Main | It's "Security" - Not "Secure IT" »

The Need for Quality Metadata

Happy holidays! I'm sitting here, recovering from eating far too much over the past week, catching up on reading. One of the things that has jumped out at me is the growing importance of metadata to the enterprise. This trend is important enough that I believe it will become the defining trend in 2009 and beyond.

There are a couple key scenarios that are driving this increased need: encryption and records management. These needs are somewhat interrelated (or, at least, have commonality in certain key cases). For encrypted data, the problem often ties into indexing and data retrieval. You can't quickly retrieve a specific value without decrypting it, so instead need to build intelligent indexes that tell you what the data is without revealing the data itself. This is important for normal operations and will hopefully drive improved application engineering practices that put more focus on architecting useful metadata that support the encrypted data itself.

The other major driver of the metadata space will be records management, including support for eDiscovery and digital evidence. Data management and assurance will, I believe, become a new growing area of focus in 2009. eDiscovery today accounts for a major cost sink that effectively undermines the civil and criminal justice systems. In corp-corp lawsuits, the company with the most money oftentimes holds a distinct and unfair advantage because of the ability to bury the competition in discovery requests and filings.

The best solution to this challenge is to implement strong records management practices that include developing a comprehensive metadata framework that can be used to quickly identify and retrieve needed information while minimizing the cost of those queries and deliveries. Using a standard language for this metadata would be an interesting development that would then allow for much easier scoping of discovery requests. I'm hopeful that the next couple years will see an organization stepping up to formalize and expand a metadata framework for records management with a specific tilt toward eDiscovery and digital evidence support.

It will be interesting to see who will emerge as players in this space going forward. Standards should play a prominent role, if we can put aside differences to achieve best-interest consensus. There is a lot of up-side financially for enterprises to co-develop and adopt strong practices in metadata, so now we just need to start building the case and driving it forward. The trick will be coordinating support on multiple fronts, ranging from security to audit to operations to general counsel. Add in long-term cost-savings and you have a strong win-win-win-win scenario.

TrackBack

TrackBack URL for this entry:
http://www.secureconsulting.net/MT/mt-tb.cgi/836

Post a comment

About

This page contains a single entry from the blog posted on December 29, 2008 12:09 PM.

The previous post in this blog was Wait, Wait, No, I Have a Better Idea....

The next post in this blog is It's "Security" - Not "Secure IT".

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.