Being social in the enterprise is risky, but can we turn downside up?

I was very fortunate to have the opportunity to attend the final week of the Olympic Games in Vancouver earlier this year. I had an amazing time there with my wife and a friend of ours. We had a chance to ski, take in several great events, and interact with the the warm, friendly people of British Columbia.

We ended up learning a lesson or two about British Columbia weather, however. We did everything we could, given our knowledge of the area, in advance to prepare. We brought waterproof ski pants, waterproof shoes, and other gear. We planned to wear our waterproof clothing to each event during the week because we knew there would be a high chance of rain and snow. Expectations were met.

Our efforts were rewarded all week until the final event, men’s parallel giant slalom snowboarding. We arrived at the event in pouring rain. I don’t think I can describe the intensity of the rain in words. We also had to walk about one mile through a six-inch slush. Snow had accumulated on the ground, and all the footprints became mini reservoirs that held the rain fall in place.

We finally got to the grand stands and found a seat, but the rain kept coming. I mean, it felt like we were under a waterfall. We weren’t worried, though. We were wearing waterproof clothing. And it was waterproof, until it wasn’t.

After about an hour, we all felt the water coming in. The wind and low temperatures didn’t help. In no time, our shoes and pants were completely water logged.

It was an important reminder that no matter how much “man-made” ingenuity goes into keeping some things out, given enough persistence and natural force, some things just find their way in.

The same thing is happening with social media in the enterprise. No matter how locked down an enterprise is, given enough persistence, a force like social media will still find its way in–and also out. The natural initial reaction, I suppose, is to continue to socialproof the firewall, but firewalls only flank the cyber walls of a company’s infrastructure. They don’t stop employees from using mobile phones.

Networks no longer travel through wires attached to the building; they travel through the air we breath. And with the use of social media via mobile devices growing at triple digit rates, these ubiquitous networks are being used more and more to socialize.

Information security professionals are concerned. A recent ComputerWorld article highlights “the new risks of cyber-chattiness.”

Individuals are simply revealing too much about their professional lives online. It might be possible, for example, to cross reference a Facebook post about a “big project that isn’t looking good” with other posts and piece together sensitive corporate information. And while a LinkedIn request for a job recommendation reveals a job seeker, two or more seekers in the same division could reveal company upheaval.

Another example:

Consider the case of Robert Morgan. Earlier this year Robert, a researcher at Microsoft, updated his LinkedIn profile with details about his work on Windows 8 and its new 128-bit architecture. The problem was that Microsoft had never disclosed it was working on a 128-bit version of Windows (let alone working on Windows 8 or 9). This was a direct disclosure snafu made worse by the fact that anyone with an Internet connection could see it.

Another ComputerWorld article notes that

Businesses are still trying to figure out what to make of social networking. The knee-jerk impulse at some companies is to ban its use because it’s insecure and seen as unproductive, while at others it’s viewed as, in fact, the way a lot of people now get work done.

As one information security architect said: “We spent so many years locking things down.” So what will companies do now that the bolts that secured their operations so well for the last 20 years do nothing to stop an employee from sending a valuable trade secret into the cyber wild?

Information security isn’t the only risk that concerns companies. Many also seem to feel that social media is the enemy of productivity. However, an article from The Economist takes a different (slightly sarcastic) view noting that “an astonishing amount of time is being wasted on investigating the amount of time being wasted on social networks.”

As Andrew McAfee points out in his book Enterprise 2.0, the word “social” is unfortunate in that it connotes a sense of time-wasting to management who have either not used it themselves or who do not understand it. Indeed for many, the word social conjures up images of an employee yammering away on Facebook at work when they should be working. For those that have this image ingrained in their minds, social media is a productivity-killing force that must be quashed. After all, the workplace is for work, and “work” can only take place if employees are cut off from their personal networks, or so conventional wisdom would tell us.

We can all agree that social media brings risk. But risk is part of doing business. Risk is not always a bad thing because in the business world, risk implies not only downside, but upside too. The companies that decide to pause for a minute and look up while everyone else is looking down might like what they see.

And before we declare that we’re in choppy, new uncharted waters, let’s remember that we’ve already been here in some ways, as The Economist points out:

To veterans of the technology industry, the fuss over social networking sounds all too familiar. Whenever a new and disruptive technology appears, there is initially a backlash against it before it becomes broadly accepted. Even a seemingly innocent application such as Microsoft’s Excel spreadsheet was greeted with much scepticism because managers assumed workers would use it to make lists of their fantasy football teams or their weekend shopping—which is exactly what they did and still do. But along the way, Excel has also become an invaluable business tool.

In future posts, I plan to explore the upside to being more “social” in the enterprise. Please share your thoughts, concerns, and opinions on this subject in the comments.

Related posts:


, , ,

  1. #1 by Lisa Valentine on April 16, 2010 - 1:26 pm

    Here’s something that can help those IT depts being ruled by fear and possible misunderstanding of the risks of allowing social media apps on the enterprise network. It’s a whitepaper called “To Block or Not. Is that the question?”

    It has lots of insightful and useful information about identifying and controlling Enterprise 2.0 apps (Facebook, Twitter, Skype, SharePoint, etc.)

    IT departments are stuck between a rock and a hard place. They know that end-users and the business units will revolt if these apps are outright blocked. At the same time, they know these apps carry risks and can’t leave them unchecked. It requires a good balance between enablement and security.

%d bloggers like this: