By Oscar Berg, Future Office Evangelist
April 20, 2010 - 11:02 AM
During the last couple of years I have carried out ECM and Collaboration assessments for companies where I have observed a resistance towards social software - which to a large extent can be seen as a direct symptom of bad security practices. I have observed that these companies have the following in common:
-
They don't have a security classification system for their information assets. This usually means that they label everything, even trivial information or freely available information from external sources, as confidential. Such a practice obviously hinders the sharing of information with external parties such as partners. So what do business users do when they need to collaborate with external parties? Well, they share the information anyway.
-
Existing policies and directives are hard and costly to use. They require users to spend a lot of time and energy on administration and bureaucratic routines. So what do business users do when they need to share something? They don't follow them.
-
There are no easy-to-use solutions for sharing information, neither internally nor externally. Even if they have a platform such as SharePoint in place, they have implemented it in such a way that it prevents sharing across organizational borders, and even between different departments within the same company. So, what do they do? Well, they send attachments via email or share the information via USB sticks.
-
They all have a document management system for managing their most important documents. Since these systems are hard to work with and often difficult to access, users make copies and save them on their desktops, file shares, USB sticks, and so on.
-
They have a collaboration platform such as SharePoint. Users rather use that platform than the document management system to store documents because that is where they collaborate - even if there are directives which says they should store the documents in the document management system. And since the documents can't be easily share via SharePoint (how weird doesn't that sound?), the documents are shared as attachments via mail or via USB sticks.
I can understand that these companies need to deal with these problems, or at least come up with a strategy for dealing with them, before they allow and encourage employees to use social software such as blogs, wikis and social bookmarking. The thing is that they are not dealing with these problems since they have other things higher up on their priority lists, such as cutting costs and improving customer experience (sadly, they fail to see the connection here).
Instead, they point finger at social software, arguing it will create security problems. The reality is of course that they already have major security issues as unclassified information is being shared via email and USB sticks, without any control whatsoever.
Some people obviously got tired of sharing documents via email and USB sticks and downloaded and installed open source wikis, blogs, and other tools to make information sharing easier. The IT department is well aware of this since they have done these things themselves. Having administrator rights to their machines and access to servers here and there, it’s a piece of cake for them to set up Mediawiki or WordPress blog. However, the regular business user can't install anything and has no access to external tools such as DropBox, Basecamp and Google Docs that could help them solve their sharing problems - the IT department has blocked access to every external web site requiring authentication and allowing uploading and downloading of files.
If these companies would realize that they currently have little or no control over how their information assets are shared, and decided to deal with this situation, they would also likely come to discover that social software such as wikis, blogs, micro-blogging and social bookmarking can play important roles in an Information Management strategy. As these tools enable business users to create, update, share and access information in fast, easy, and secure ways, users will no longer need to find insecure (or unknown) workarounds when they need to share information.
Rate Post
You need to log in to rate blog posts.
Click here to login.
This post and comment(s) reflect the personal perspectives of community members, and not necessarily those of their employers or of AIIM International
