Professional Documents
Culture Documents
governance
Transforming your
governance strategy
Table of
contents
03 You need governance that scales
that scales
their information
sprawl was due
to unstructured
content.¹
Digital transformation efforts have resulted in
critical content being spread across different
systems, making it harder to govern.
Only 42% of people believe they’re on track to meet their governance
objectives, according to a Gartner survey. Moreover, lacking a modern
approach, 80% of organizations seeking to digitally scale will fail by 2025.
Only 42% of people
believe they’re on
Today’s digital-first companies use Box to centrally manage their track to meet their
unstructured content across best-of-breed applications. With Box governance objectives.2
Governance, you can create content management policies to properly
retain, dispose, and preserve your content.
Lacking a modern
approach, 80% of
organizations seeking
to digitally scale will
fail by 2025.3
¹ AIIM, Accessible and Secure – Best Practices for Automating Information Governance
2,3
Gartner, Choose Adaptive Data Governance Over One-Size-Fits-All for Greater Flexibility
5 steps to good governance 4
stakeholders how you will make their lives easier so they are motivated to minimize costs and reduce legal exposure from subpoenas or
participate in the process. data spoliation.
HR and finance
Ensure proper retention and disposition of employee and
financial records.
IT and security
Confirm classification levels and other requirements for
protecting sensitive documents.
End users
Preserve the ability to get work done without friction from
security, governance, and compliance requirements.
“We are a FINRA-regulated company, so
compliance and security are always a key
foundation for any solution. We chose Box
because it met our security and compliance
requirements and for its ease of use.”
Kathyrn Dundas, Vice President Technology, LPL Financial
5 steps to good governance 8
Step 3: Proactively set guardrails Here’s a handy checklist for how to get started:
for document lifecycle management
Retention policies
Protect sensitive or regulated data by applying intelligent policies
Determine time periods for which you will retain content, and
that automatically follow your content. When you set guardrails for
set disposition actions for when the retention period ends.
your users — from classification levels and retention and disposition
schedules timeframes, to rules for external sharing — you make adhering
to governance requirements much easier on your teams. Legal hold export
Export documents on legal hold for legal review and select custom
filters to narrow scope and improve relevancy of exported content.
Compliance support
Configure policies to comply with regulations like FLSA, OSHA, and
SOX as well as industry-specific regulations like FINRA for financial
services or HIPAA for healthcare.
Deletion control
Decide who can permanently delete items from the trash. Create an
automatic email archive of user activities.
Data protection
Protect high-value data from accidental or malicious deletion by
setting protective policies.
Version control
Maintain an unlimited number of versions for all files, enabling the
ability to preserve and restore all previous versions. Keep as many
versions of files as you need for retention and identify potentially
relevant content for discovery requests.
“When we rolled out Box in our litigation
practice, we were able to then collaborate
and share content with courts much more
easily and effectively, and clients were
able to share data with us on a digital
basis much more securely.”
Shawn Curran, Head of Legal Technology, Travers Smith
Self-governing documents
Make retention simple for users and administrators so they don’t
have to interact with files in a separate, siloed repository or go
through cumbersome, manual processes. Instead, use lifecycle
management policies that follow documents where people engage
with them across all their workplace applications.
Classification cues
Remind employees what category a document falls into (contract,
employee record, etc.) and if it contains sensitive data with
visual cues. If a file meets a specific confidentiality or regulatory
threshold, proactively set the right lifecycle management and
security guardrails. This takes the burden off the user.
Defensible preservation
Preserve content for subpoenas or legal action without impacting
user productivity or requiring significant time and effort from
your legal or IT teams.
5 steps to good governance 11