10 Steps to Building a Solid Data Management Plan

By Brent Whitfield, CEO of DCG Technical Solutions Inc.

If you’re preparing to draw up an RFP for managing your migration to a hybrid or cloud IT environment, you are going to need to get a handle on all of your data. The bigger the organization, the more data will be coming into and out of your existing network, and every bit and byte of that traffic needs to be accounted for.

A data management plan (DMP) fulfils that need, but there are almost as many DMP protocols as there are businesses writing RFPs. How can you ensure your DMP will be comprehensive enough for the job?

We can learn a lot from the world of academic and scientific research. How? Because this field is already used to manipulating and securely storing sensitive data so that it can be used to advance the research cycle.

The following ten step guide is distilled from a more academic version aimed at research scientists. The original was published by PLOS, a San Francisco-based open access publisher.

Step 1. Communicate your specific needs

There will be many IT consulting companies vying for your business and they will all claim that they can best handle your migration project. If you are unsure about what your needs as a business are, these firms will drive the conversation.

By drawing up a detailed DMP you will know exactly what types of data you process, what your storage needs are, any restrictions that need to be in place and what security measures are required.

Only those companies that can give you specific answers to your many questions should be shortlisted for the contract.

Step 2. Carry out a full data audit

And  that means full. We are in the age of ransomware, botnets and the GDPR. Any unmonitored data flow provides a blind spot which can be used to breach your defences. Who would have thought lapses at a humble air conditioning firm could have led to the Target hack?

To make the audit more manageable, break down data both by type, such as emails, financial details, statistics, and images, and by source, like internet server, private data center, customer credit cards, third-party applications, and private networks. Create a flowchart to show the paths that data takes into and out of your business. Leave no stone unturned.

Step 3. Specify data organization requirements

If you come from a research or academic background you will already have very clear and detailed specifications for identifying data and database requirements. In other fields and industries, this process could be more ad-hoc.

This is a great time to assess your current way of working and discuss whether there could be a better way. The cloud offers substantial scalability. Is your data at risk of being lost in cyberspace, or can your organizational systems scale up accordingly?

Step 4. Identify what documentation is needed

What documentation is connected to your overall data organization processes? Would someone new to your organization be able to work within the same framework or would they need extra training?

If you are still using paper-based documentation, now is the time to investigate the possibility of document virtualization. Consider how you might use metadata and ‘readme.txt’ files to make organizing data more intuitive and scalable.

Step 5. Highlight how data is checked for quality

Do you have a process for checking the quality of data and adding to or amending it as necessary? Is this process transferable to a cloud or hybrid environment? Are there tools that can automate the process and save on employee resources?

The best IT management services will be able to suggest appropriate tools and may have agreements with vendors for special rates.

Step 6. Set out a data preservation and storage strategy

Figuring out how your data will be stored is a very important part of the process because it impacts everything from cost to security to compliance.

In terms of location, it is common now for businesses to keep three copies of their critical data across two geographically distributed areas. Decisions will need to be made about how much (if any) data will be backed up in a relatively physical form like hard drives, and how much will be stored only in the cloud.

Companies will also have to decide how long data will be stored for, balancing access needs with cost and adherence to data protection laws.

Step 7. Define your data policies

Next, run through all of your existing data policies with a fine-tooth comb, ensuring everything discussed in the previous steps of the plan is covered within them. You should also set out any licensing and sharing agreements in place together with any media embargo policies and legal or ethical restrictions.

You will probably have to amend or completely rewrite your data policies in light of the information discovered and the upcoming changes.

Step 8. Describe how data is to be disseminated

Organizations in certain industries are expected to disseminate data in the form of reports, white papers, research findings and other media. Now is a good time to go through your dissemination processes to find out if there are ways to utilize the power of the cloud to improve efficiency.

Step 9. Create roles and responsibilities

By now you will have a clearer idea of the personnel needed to carry out all of the data-related tasks required, both during the migration and on an ongoing basis. Assign roles and responsibilities for everyone involved in data collection, data entry, quality control, metadata creation, backups, data preparation and archive submission.

It is also wise to revisit your plan on a quarterly basis to assess performance and update it with new policies and procedures. Put a team in charge of this revision process.

Step 10. Set a budget for your migration project and ongoing IT services

In order to provide an appropriate migration solution for your business, an IT consultant will need to know what your budget is. You will need to think about what hardware and software you need, which licenses and fees will be payable and any personnel costs, both during the move itself and for ongoing support.

You should now have all the information you need to write a formal plan which can be included in your RFP. You will also be in a position to ask detailed and pertinent questions when it comes to meeting with the IT service providers pitching for your project.

 

About the Author: 

Brent Whitfield is the CEO of DCG Technical Solutions Inc. located in Los Angeles, CA since 1993. DCG provides specialist advice and IT services Los Angeles area businesses need to remain competitive and productive while being sensitive to limited IT budgets. Brent writes & blogs frequently and has been featured in Fast Company, CNBC, Network Computing, Reuters, and Yahoo Business. https://www.dcgla.com was recognized among the Top 10 Fastest Growing MSPs in North America by MSP Mentor. He also leads SMBTN – Los Angeles, an MSP peer group that focuses on continuing education for MSP’s and IT professionals. Twitter: @DCGCloud.