Software updates may be compromising your IG.

• Author: Phillips, John
• Position: TECH TRENDS - Information governance

[ILLUSTRATION OMITTED]

Information governance (IG) cannot be thoroughly implemented in an organization that is operating uncontrolled technology systems and data repositories. Even when employees, contractors, and business partners work diligently toward consistent IG practices, external forces --namely, updates to cloud-based or resident software on laptops, cell-phones, and other digital business devices--can modify internal IT operational activities in ways that violate compliance with IG expectations.

This happens, in part, because vendors encourage technology users to enable background, automated downloading of updates to software to ensure that virus protection, hardware drivers, and bug patches are implemented. Unfortunately, because software updates are so frequent and often seem minor, most non-technical users just trust that Microsoft, Apple, Google, and other vendors will not release anything that will negatively affect their systems.

Another issue is that even though downloading the latest innovations in software releases and updates typically requires users to click through a software license "acceptance," they are rarely read or understood.

Organizations that allow end users to download software and software updates in this manner may face grave consequences with respect to software operations, privacy, security, and compliance with IG mandates.

Using Windows 10 as an Example

A good example of the ubiquitous nature of software updates is Microsoft's Windows 10 operating system. Users of Windows 7 and 8 have been offered an opportunity (through July 29) to upgrade their current systems to Windows 10 for free. This update, though, comes with intrusive data-gathering demands, and it should generate concerns about reliability and compatibility with a user's current software configurations.

Spontaneous Downloading

An additional concern is that the Windows 10 operating system appears to already have been downloaded to some computers spontaneously without users initiating a request for it! As first announced on the INQUIRER website in September 2015, some computer users who enabled automatic downloads of Microsoft updates may have downloaded update KB3035583, which automatically adds to the computer a hidden directory with up to 6 GB of files comprising the components necessary for Windows 10.

Allegedly done to speed up the eventual installation process, according to media reports, the premature downloads were exposed when it caused some users to momentarily exceed their data volume allocation with their communications networks. Although there is a way to delete these files, it is not for the technologically faint of heart.

Effects Not Transparent

Of more concern, Microsoft at the time provided little information on how Windows 10 affected privacy and security, simply stating, "This update includes improvements to enhance the functionality of Windows 10." A user's only reliable...