More important than any given technology in the data center are the perspectives guiding data center operations. Technical capabilities and functional requirements alone do not determine the architecture or operations of the data center. Instead, the organizational perceptions of what IT is and of the importance of the data moving through IT’s domains set the overall tone for what is required of systems architecture, deployment and operation.

Information stewardship is one key perspective Nemertes highlights. Information stewardship calls for holistic data management in the enterprise: defining and enforcing policy to guide the acquisition, management, and storage lifecycle of data, and the protection of data from theft, leak, or disaster. Our research shows that enterprises that manage these intertwined issues as a set are more successful dealing with them than those that treat them as disjoint.

The IT executives we are speaking with in our current research on security and information protection frequently cite the rising importance of a second key perspective: risk management.

In the past, we mainly heard about risk management in two specific contexts: disaster planning and security. In disaster planning, risk assessment (where risk equals the cost to the business of major IT outages times the likelihood of the natural or manmade disasters that would lead to those outages) dictates how much the enterprise should spend on back-up IT infrastructure and services. In security, IT would often focus on specific threats and specific defensive technologies, and use risk assessment mainly to help decide where to spend money on security tools, or how to dedicate IT security staff time.

Now many of the people we speak with tell us they use risk as a lens through which they view all their systems, processes, and staffing. Risk is not subordinate, as a component in the calculations of security and business continuity planners; instead, security and business continuance have become facets of risk management.

It is straightforward to re-frame the major components of information stewardship - data quality management, information lifecycle management, business continuance, information protection, and compliance - as risk-management activities. After all, the clear underlying reason for something like business continuance planning is to mitigate the risk of an IT service outage hampering business operations; for compliance, the risk of adverse consequences from failing to obey the law; for information protection, risk of data being stolen or leaked.