You should have by now completed your assessments and know your organisations like the back of your hand. You have used this information to decide on the most appropriate type of RMS infrastructure to deploy; be it on-premises, cloud or hybrid.
It is now time to draw up the deployment plan. In this section we will look at best practices for beginning an RMS deployment.
Do you prefer a ‘big bang’ approach?
Do you prefer to take it slowly in stages?
Do you first need a proof of concept to present to the board of directors?
Let's review and see what we can find out.
Classify ease of deployment
We’re employing the same strategy here as we have in previous posts when discussing sensitivity classification.
Rate your departments, if you have not already, based on how easily they adapt and what impact this might have to the business should they not be able to adapt or if it takes a long time for them to adapt.
You want to, as with any deployment, start with the lowest impact areas before working your way up.
This type of review will enable you to quickly see where the ease of implementation vs sensitivity lays. This will allow you to make an informed decision as to where to start your deployment.
Big Bang vs. Staged
If you prefer a big bang approach it is better to roll this into a larger change within your organisation.
This is generally suitable for smaller companies. The caveat with this type of deployment however is that it can be hard to control so you might have missed the opportunity to thoroughly test RMS with pilot users in each of your departments.
If you discover, once RMS has been deployed, that it prevents a department or users from accessing documents it will likely have a large impact on your business. This could force you to roll back and possibly manually decrypt documents that have been encrypted.
As such, for larger companies, we recommend taking the staged approach.
If you prefer a big bang approach it is better to roll this into a larger change within your organisation. A staged approach allows you to begin your deployment in a department that will have the least impact to your business should something not go as planned. It will be easier to control, easier to revert and after each deployment we recommend having a meeting where you discuss what you have learned through the deployment before moving on to the next stage.
Projects or Changes
Does your organisation have any projects being started that will change the way staff works?
This can be anything from implementation of new security standards, processes or a new LoB application etc. This is a golden opportunity to roll in your deployment into seamless operation, by making RMS a part of that project.
Proof of Concept
A proof of concept IRM deployment is an opportunity to demonstrate the capabilities of the RMS technology on a small segment of the organisation in a highly controlled manner.
This is an excellent risk-mitigation strategy that also provides the added benefit of determining whether the solution is appropriate for use by your company.
A proof of concept also gives a guideline on what challenges you might face during the full deployment and provides you the opportunity to produce appropriate training material if needed before deployment takes place.
Working with IRM does necessitate some changes to work behaviour, although the technology is seamlessly integrated, and if careful planning is neglected you may end up locking users out of critical documents resulting in damage to your business.
This is why, especially for larger organisations, we highly recommend a department-by-department rollout as it is so much easier to control and your staff have a chance to catch up to the new ways of working, giving the IT department an easier time learning to support the software in carefully managed and controlled stages.
Keep in mind that that not all of an organisations data needs IRM protection. All organisations have lots of information that is not intellectual property, trade secrets or client data. If your organisations sensitive data amounts to only 5% of what you have, only focus on protecting that 5%.
We’d like to deeply thank you for joining us through this assessment and deployment strategy. We sincerely hope the information you’ve found here will be of great use to you and your organisation!
Contact DPRMS if your organisations needs assistance to protect your data!