Executive Summary
Information governance deals with data management, retrieval strategy, checking, archiving, and retrieving data recorded from all organization facets. It offers a mechanism for enforcement and administration to ensure global continuity in strategic management of information across the organization. Herein in, a detailed discussion of information governance is provided. Massachusetts Mutual Life Insurance Company has hired me as the Chief Information Governance Officer and directed I implement an information governance program. Information regarding data that matters to the top management has been discussed. Challenges that face the success of information governance has been discussed. Major strategies include contracting cloud computing services to guarantee security, privacy, and availability of information. The use of social media to increase market presence has been highlighted along with the help and protection of email accounts. To a large extent, the paper has considered information governance as a requirement towards the success of Massachusetts Mutual Life Insurance Company.
Program and technology recommendations
Metrics
As the Chief Information Governance Officer (CIGO) of Massachusetts Mutual Life Insurance Company (MMLIC), I will enhance a metric-driven information governance program. This will include assessing the behavior of users through search analytics. These are vital data sources to input how information can be arranged and organized to optimize consumer value (Smallwood, 2019). Examples of search metrics include the range of search results, several searches without results, products in which users do not click some but perform a different search, the coverage of search words in one taxonomy, and various types of specific metrics. The careful use of computational technologies will have substantial benefits and high returns (Smallwood, 2019). Search analytics include the performance of site content and design constructs for additional databases for governance teams. Data helps to overcome gaps in how knowledge is regulated, overrides views that are not warranted.
Since MMLIC is a big organization that generates vast data, it’s essential to align metrics with information governance goals. This will ensure improved regulatory compliance and increased productivity (Hanson et al., 2019). Beside, confidential and sensitive information will be secured while IT storage and administrative cost will be reduced.
Data that matters to the executives
At the top of the organizational hierarchy, MMLIC is led by the Chairman, who serves as the president and the chief executive officer (Massmutual.com, 2020). He is also the executive chairperson of the board. Other top managerial officers include the chief financial officer, managing director of human resources.
An insurance firm like MMLIC generates a lot of data daily, and the executives should focus on evaluating this data. It includes; accident reports, personal records of the policyholder, and third-party databases that allow individuals to be divided into distinct types of risk, fraud-prevented failure, and cost optimization (Gimpel, 2020). Besides, the transition into the digital world by MMLIC opens up new sources of data to establish a complicated pattern of actions for each client and precisely define the danger class of their clients.
In such an organization, the CEO is in charge of making critical business decisions on behalf of the company. With digital data in place, it will guide the CEO and other executives in making important decisions and reject making decisions based on instincts and experience (Abels & Martelli, 2013). Though the CEO can delegate duties to the junior staff, he remains responsible for the overall lead. He leads the development of both short-term and long-term strategies measurable and describable within MMLIC. Besides, he communicates on behalf of the organization with the government, shareholders, and the public (Abels & Martelli, 2013). Also, he asses the company’s risk and ensures that countermeasure is deployed to minimize risk impacts.
To get the data into the CEO’s hand, I will create the CEO dashboard. According to Bilicki & Roeder (2016), A CEO dashboard is a corporate leadership platform used to calculate, map, interpret and visualize data for CEOs, using immersive, high-quality sales, marketing, financial, and other prominent business fields, to make data-driven decisions.
Regulatory, security, and privacy compliance expectations for MMLIC
MMLIC prides itself on enhancing integrity and trust throughout its operations. To maintain a comprehensive program that ensures privacy, confidentiality, security, and integrity of clients’ information, I will improve the MMLIC strategies through the following recommendations and plans.
The first website needs to be secured. Since most of the operations will be conducted in an online platform, there is a need to secure the web and the online portals before and after going live. The monitoring between launches guarantees that no new bugs are found and ensuring that portal is secured from external attacks (Herold, 2010). Before I developed a strong program, I would recommend using firewalls to virtually patch the portal.
Management of privileges accounts. Using the least privilege principle, I would secure databases and all devices and ensure that they are accessed by persons requiring detailed data for their operations. This will reduce cases of the data breach and eliminate redundancy among employees. Similarly, it will enhance the information life cycle (Maple, 2017). The life cycle of information is shown in figure 2 in the appendices page.
I will ensure security training for all internal users. Since they are the weakest link in the security chain, exercise will reduce accidental deletions, phishing, and data breach (Herold, 2010). Security education could cover password complexity creation, how phishing attempts are detected, and social engineering initiatives. The insurance industry is in a very precarious position if the internal customer base is not trained.
Lastly, I would recommend that MMLIC must keep assessing their information systems structures to recognize systems that are compromised or vulnerable to attack and establish a process-oriented action strategy to minimize the recovery time through the company of all impacted properties (Maple, 2017). Recommended security plans are iterative, process-orientated, and agile for a complex danger scenario where emerging attack vectors and tactics enable insurance firms to be always alert.
Email and social media strategy
For email, I will recommend the use of password managers. Password theft continues to be a significant impediment to successful information security. According to Nyssanbayeva et al. (2019), standard errors like using the same password for multiple sites have increased password theft by 60% between 2018 and 2019. I would train all users on using a sophisticated password and have a master password to assist in case of forgotten passwords.
Besides, I will educate employees on how hackers generate malicious emails that look normal using various social engineering, phishing, and URL spoofing tactics. The compromised attachments and connections that these malicious emails offer will lead to the worst security compromising when downloaded or opened (LeMay & Tan, 2010). This will ensure that they don’t open emails from unknown sources or without clarifying from CIGO. Also, I will recommend using secured work-related emails with end-to-end encryption to protect from the data breach.
Modern marketing strategies require organizations to consider social media as the best marketing tool. I will create social media platforms that will operate under strict management to maintain and increase brand presence (Jacobson et al., 2020). Social media lets you recognize your brand and what you deliver to an interested audience. Besides, it establishes a relationship with customers, and you can communicate openly and rapidly with your teams, company, and consumers.
I will design a clear social media policy to minimize redundancy and ensure they use these sights safely. The system should ensure that employees use a disclaimer saying that their views and opinions don’t reflect those of MMLIC.
Cloud Computing Strategy
Based on the velocity and volume of the data generated by MMLIC, I would advocate for a cloud computing plan. This program will involve sourcing a reliable vendor to store, protect, and maintain our data (Happ et al., 2016). The biggest motivator is cost, risk avoidance, and risk transference.
Yet, MMLIC will benefit from another great asset to the flexibility of cloud services. Not only does the investment in servers and other computer equipment have a high sticker cost, but it also locks the company’s potential for growth into its existing infrastructure’s capacity. Cloud services will store and provide access to on-demand information (Happ et al., 2016). This will improve the competitive edge of MMLIC but also keep it head of the competitors due to customer satisfaction.
Conclusion
Information governance is gaining popularity as more business organizations invest in information infrastructure. The adoption is to increase the competitive edge in the dynamic industry influence by IT innovations. Information governance (IG) is on-demand industries benefit from the enormous data they generated in their daily operations. As discussed in the paper, MMLIC will help and increase its competitive advantages in the insurance industry. An array of research has been conducted to ascertain IG’s effectiveness and its implementation to help businesses. Despite the advantages, there exist some challenges that impede the success of IT and IG. As the CIGO, I have discussed countermeasures to many threats. Threats such as hackers’ attacks can be mitigated by securing the website and training all information users on safe online consumption.