We are now in the second wave of Document and Records Management, with many organisations that implemented DRM systems a few years ago now looking to replace or roll out their systems to a wider audience. The provision of solutions built on top of DRM systems has greatly extended the capabilities of DRM so that organisations are now able to bring together information from multiple sources -structured data as well as unstructured information - to complete tasks initiated by the DRM system.
There are two approaches to DRM: one is to deploy an Electronic Document and Records Management (EDRM) system that focuses mainly on DRM and workflow; and the second is to implement a much larger Enterprise Content Management (ECM) platform with additional capabilities such as Web Content Management, Business Process Management, and Digital Asset Management. The ECM vendors have also been much more proactive in creating vertical and horizontal solutions that sit on top of their platforms.
KEY FINDINGS
Despite numerous high-profile litigation cases, organisations are still laying themselves open to risk by not managing their information effectively.
A Document Management system cannot provide the level of information management required to prove compliance. Records Management is also necessary to impose the appropriate level of control.
Senior executives must understand their responsibilities for the management of information - claiming ignorance of poor practices is no defence.
Too many DRM implementations fail because organisations do not clearly define their objectives before they start.
A major reason for the failure of a DRM implementation is a lack of end-user buy-in and training during the planning and implementation phases.
A DRM system must be aligned to business objectives and driven by the business and not by IT.
Despite many litigation cases involving e-mail, organisations are still failing to include e-mails and other unstructured information sources within the scope of their DRM solution.
DRM should be transparent to end-users; enabling them to work within environments they are familiar with through the automation of DRM processes.
Retaining information is only half of the process; organisations must also be able to discover and retrieve it within the timeframes demanded by the raft of regulations and legislation which they are subject to.
Disaster recovery and business continuity must be included at the planning stage of a DRM implementation - an inability to access requested information because of a disaster will not be regarded favourably.
Additional Information
CATALYST
Many early Document and Records Management (DRM) deployments were rolled out at the departmental level as point solutions to address a single issue. Now these organisations are extending their deployments enterprisewide to address compliance requirements or to deliver an integrated information management strategy.
ANALYSIS
Introduction
Butler Group last published a Report on DRM in February 2005. Although in many ways the core DRM technology has not changed to a large extent, we felt that the time was right to revisit the topic, as the circumstances in which organisations are implementing DRM have evolved. Many of the problems faced by organisations have changed in the past three years. At the time of writing the original Report, the take-up of DRM was still relatively low and organisations were interested in what benefits the technology could provide. Now, however, we are in the second wave of DRM.
According to research from Datamonitor, Enterprise Content Management (ECM) has a market penetration of over 80%, with more than 40% of organisations planning to invest in new ECM systems or expand their solutions in the next two years.
This means that many organisations that have already implemented DRM are considering deploying a different product, either because the first implementation was less than successful and did not provide the business benefits expected, or because their requirements have evolved and their current solution can no longer address their needs. There are also organisations that initially deployed DRM as a point solution to address a single issue, often within a single area of the business, which now wish to roll out DRM solutions enterprise-wide in order to meet compliance requirements or provide an integrated information management capability. Therefore, what organisations require now is a more practical look at how to achieve a successful DRM implementation and how to apply some of the supporting DRM technologies, and this Report covers these areas.
Business Issues
One of the reasons cited for an initial DRM implementation being less than successful is that organisations, particularly those in the public sector, were panicked into buying DRM for compliance purposes. This resulted in insufficient planning being undertaken to ensure that these organisations were able to derive business benefit from their chosen DRM solution. We believe that organisations must now look beyond the requirements of compliance when considering the implementation of DRM, to also consider how they can derive business benefit from the solution - an implementation to address compliance alone cannot succeed. If organisations are foresighted and look beyond compliance, to plan the implementation so that it provides business benefits - for example, by enabling users to save all unstructured information into a central repository from where it can be accessed and shared - they will also derive cost efficiencies. The other major reason that implementations fail is that organisations do not define their objectives before the implementation. They realise that there are business benefits to be gained from DRM, but have not clearly defined their requirements or how the potential benefits can map to their business strategy. The objectives are the cornerstone of a DRM implementation and organisations must define them clearly or again the implementation will fail. Despite an increase in the number of regulations and legislation to which organisations must adhere, compliance is still low on the agenda for many and litigation risk continues to be a more important driver in the UK and Europe. Better manageability of unstructured information is also a determining factor in the decision to implement DRM. It is our belief that Return On Investment (ROI) can be achieved and therefore DRM justified on the savings that can be made through the better management of information alone, although it is often difficult for business managers to justify the required budget on these grounds.
However, not knowing what information an organisation has is a huge potential risk. There is a danger of contentious information that, were it to get into the public domain, would be damaging for the organisation. Norwich Union discovered this to its cost when it was forced to make an out-of-court settlement of UK£450,000 after it was found that some of its employees had been sending defamatory e-mails about one of its competitors and the company was unable to locate the e-mails - they had been deleted. In other legal cases Morgan Stanley has also been fined over an inability to locate e-mails or even to be able to state whether the requested e-mails still exist. The size of the fines that are now being levied on organisations for a failure to locate information, or in some cases be able to state whether information exists, would more than cover the cost of implementing a DRM solution with the associated services that are generally required.
Technology Issues
In terms of technology the major issue for organisations is how DRM can address their particular needs, and which type of solution will provide the closest fit. For organisations that are document-centric creating most of their documents internally with little requirement for integration with other repositories, an Electronic Document and Records Management (EDRM) system may be sufficient. This generally provides workflows that support the lifecycle of a document, including its declaration as a record, but does not provide extensive integrations with other applications. However, organisations that import (rather than create) a high percentage of their documents have a need to integrate with structured data as well as unstructured information sources, and require complex document-centric processes, an ECM platform with DRM capabilities will generally be better suited. In terms of technology there is often little to differentiate vendors in each of the two categories. The majority of the major EDRM vendors were The National Archives (TNA) 2002 certified and number public sector bodies amongst their customer bases. Their products are therefore geared towards serving organisations in document-centric, regulated industries. In terms of DRM functionality, there is also little to choose between the leading ECM vendors. They too have a focus on certification. Not all of them achieved TNA 2002 approval, although most are certified by the Department of Defense (DoD) in the USA. The areas in which these vendors differentiate themselves are in broader ECM functions such as Business Process Management (BPM), digital rights management, scanning and imaging, digital asset management, e-mail archiving, and output management. These additional capabilities of the ECM vendors are reflected in the price of the platforms, although some of the additional features are offered as optional modules. Organisations therefore need to carefully consider what type of product to deploy, and must take into account future requirements rather than simply current needs. Regardless of the type of DRM system organisations implement, a potential issue that they all face is that of the long-term retention of information. Whilst most organisations now recognise the need to carry out a hardware refresh periodically, they are also faced with the problems of file format obsolescence and there are currently a number of new file formats being developed for long-term retention.
One of the more contentious areas of Records Management (RM) currently is the debate between integrated RM and in-place or federated RM. Whilst Butler Group regards an integrated approach to be more secure, we recognise that there are circumstances when this is not appropriate and federated RM is the only feasible option. In these circumstances organisations need to pay particular attention to the security of the records that are maintained in their native repositories.
Market Issues
Take-up of DRM has greatly increased over the last couple of years with, according to figures from Datamonitor, traditional Document Management (DM) technologies representing 63% of the market, with non-traditional ECM technologies such as enterprise search, portals, content integration, and Information Lifecycle Management accounting for the remaining 37%. Estimates from Datamonitor predict that the ECM market will grow from US$1.6 billion in 2006 to US$3.5 billion by 2012, which means that there is still plenty to play for by the ECM vendors, and in Butler Group’s opinion this is one of the major reasons for vendors outside the ECM market moving into this lucrative area. The DRM vendor landscape has changed considerably since the last Butler Group Report was published in 2005. At that time most of the ECM vendors were still independent, with only Documentum having been acquired by EMC. However, over the past two years acquisitions have accelerated. FileNet was acquired by IBM, Open Text bought Hummingbird, and Oracle finally entered the ECM market through its acquisition of Stellent.
During the writing of this Report, it was announced that HP was to acquire TOWER Software subject to shareholder approval, although as the biggest three shareholders who hold 90% of the shares are in favour of the deal it is likely to go ahead. The addition of TOWER Technology’s TRIM Context to the HP portfolio is an excellent move for HP. TRIM already forms part of HP’s Integrated Archiving Platform (IAP), and the acquisition will enable HP to develop and expand the TOWER platform and provide the company with an immediate share of the ECM market.
The EDRM market has also changed with the entrance of Autonomy through its acquisition of Meridio. The earlier acquisition of ZANTAZ provides Autonomy with the opportunity to build an extremely powerful portfolio through the combination of Meridio with Autonomy’s search capabilities, the ZANTAZ archiving solution, and ZANTAZ e-discovery product. Butler Group expects there to be further consolidation in the market. There are only three major ECM vendors that remain independent: Open Text; Interwoven; and Vignette. Of these three vendors we feel that there will be considerable interest in Open Text from the major Enterprise Resource Planning (ERP) vendors, which could result in a bidding war. There are also other large infrastructure vendors that may wish to move into this market. In addition there is a growing open source presence in the ECM and DRM markets through vendors such as Alfresco and Nuxeo.
Over the coming years the DRM market will continue to evolve. The presence of Microsoft Office SharePoint Services (MOSS), which is Microsoft’s entry into the DRM market, will introduce the idea of DRM to a wider audience, which in turn will benefit vendors with more scalable solutions as the requirements of smaller companies grow beyond the capabilities of MOSS. There is still much to be played for in the DRM market, which will see additional large infrastructure vendors exploiting this lucrative space. This ensures that it will continue to be an exciting area to observe. Butler Group Market Lifecycle Positions Butler Group’s vendor ranking and assessment model groups suppliers into Shortlist, Consider, and Explore categories, and shows the predicted progress through the three major phases of Early Adopter, Market Adoption, and Market Maturity. Within each group vendors are listed alphabetically.
This Report reveals:
How DRM is bringing together information from multiple sources and systems.
The importance of technologies such as classification and security in DRM.
The business issues that are driving the next wave of DRM deployment.
How BPM, workflow, and integration can add business value to DRM.
A range of best practices for DRM.
How to derive business benefit from a DRM implementation.
How to rescue a failing DRM implementation and bring it back on track.
Butler Group’s rankings of the capabilities of leading DRM vendors.
(0 items)
