I spent a couple of days this week at the ARMA conference, which is the organization representing records management professionals. You get a unique perspective when you hang out with the folks responsible for record keeping in the enterprise because they have a records- and governance-centric view of the enterprise that you don't see at most other conferences.

Not that governance itself is a bad idea. It's not of course. You absolutely must have a set of rules--whether the type of communication is a homing pigeon, a phone call, an instant message, an email, a tweet or a face-to-face meeting.

The problem isn't agreeing that there should be rules, it's getting the various parties inside an organization to come to some kind of consensus about what those rules should be, who should run point on this effort and what technology should be used to enforce the policies (if any).

The trouble comes into play because of typical enterprise turf wars. IT is looking at the problem from a pure technology-implementation perspective. Legal has a different set of priorities than the record keepers and they both don't get IT. It gets almost religious in some places, and that's a problem because when these groups get caught up in turf wars, they lose sight of the main organizational requirement for a set of clearly defined rules.

Not only are these interdepartmental-squabbles obviously counter productive, but they don't really matter. Now don't get me wrong, clearly every organization needs a broad set of polices and rules regardless of the content or the technology, but it all comes down to a common-sense understanding of what's acceptable and what's not.

The goal shouldn't be to control the vast amounts of information flowing in and out of a typical enterprise, because it's just not realistic. You can't do it. Forget about it. You could try to lock it down, but that's even more counter-productive in today's Internet-driven business world and it doesn't work--especially when the Internet is only as far away as the smart phone in your employee's pocket or purse. 

The first step is realizing that you can't monitor everything. Instead you need to set clear policies, and if you step over the line; depending on the severity of the violation, you get reprimanded or fired--plain and simple. If you email confidential information, it's not OK. If you tweet it? Still not. If you talk to a reporter about it? Still not. You sign a contract when you join the organization and that policy applies regardless of the technology you are using.

And let's face it, while the various interested parties inside an organization argue over who controls what information and who decides what the rules are, work is still getting done in the trenches. People are using social media and accessing cloud services.

Yes, Virginia, your employees are already using the applications enterprise control freaks are so worried about. They have been using them for a long time. The cloud is so easy to use, it doesn't require the buy in of enterprise powers that be (and that's probably a big reason why they are using them).

So instead of wasting a lot of time and effort trying to stick your finger in the dam of information, think about introducing a dose of good, old-fashioned common sense. Then step back and let the rules take care of the rest. If you have a set of clear, reasonable guidelines, most people will get it. And those who don't, well just show them the door. It's not that hard. It's really not. - Ron