Todays networking and collaboration tools present IT with the same challenges as the personal computer did in the 80s. And predictably, IT is reacting in the same ways.
I had a fascinating conversation with a CIO the other day. He was complaining about how users at his company were running roughshod over corporate systems and networks.
The most recent problems came to light when a network failure cut off e-mail and Web access throughout the companys far-flung operations.
Instead of simply calling it a day, creative employees quickly implemented workarounds. One group installed a quick and dirty Wiki to enable team communications.
Another took advantage of America Online Inc.s Instant Messenger application to route files and messages between geographically remote employees. Others used Web e-mail and wireless networking to keep the companys business flowing.
The CIOs response was predictable: He moved quickly to lock down corporate desktops and laptops to prohibit users from installing unapproved software or accessing unsupported Web services.
Its not the first time Ive seen such a dramatic, knee-jerk response to user-supplied productivity tools. In fact, the rise (and attempted squashing) of new collaboration tools, social networks and wireless connectivity today has eerie parallels to early PC adoption. And despite the best intentions of corporate IT, the results will be the same.
Back in the mid-1980s, when I worked at Chase Manhattan Bank, PCs were coming in the back door. Many divisions found that an IBM PC running Visicalc or 1-2-3 provided better information—and better decision-making support—than the approved, mainframe-based infrastructure.
The IT priesthood was not amused. Corporate systems auditors went on an anti-PC jihad, releasing a 20-page book of rules that these newfangled devices had to adhere to. Had we complied in full, those PCs would have been no more useful than a doorstop.
We all laughed, ignored the rules and kept working to improve Chases bottom line. Today, theres a PC on almost every desk at the financial powerhouse, and I suspect that those auditors and anti-PC leaders are all now happily retired.
Fast-forward to today. The PC has become an indispensable tool, but yet again, users are running rings around IT. These new products and services will transform business, just as the PC did in the 80s.
But just as predictably, many IT groups will resist—wrapping themselves in up in Sarbanes-Oxley compliance, application and network security and preserving the integrity of critical systems.
Wondering what those key applications are that will change corporate systems? Heres a quick list for IT—so they know what to forbid—and, for users, to help them hide. Ive also added my own recommendations, to bridge the gap between the two.
Securing Wireless Networks
Wireless networking lets users compute from any office or conference room in your building, as well as from home, Starbucks, etc. Most new notebooks have wireless networking built in, as will tomorrows PDAs and cell phones.
IT: To catch a thief, think like a thief. Outfit a notebook with the latest version of Netstumbler, and leave it running around the clock. Do a daily walk-around with the system to try to pick up any rogue access points. Confiscate and destroy immediately.
Users: Turn off SSID broadcasting to hide your access point from ITs prying eyes. Make sure you use some sort of security, so that when you do get caught, you can at least plead intelligence.
Install Groove Networks nifty synchronization software, Laplink Software Inc.s Laplink Remote or Citrix Systems Inc.s GoToMyPC to let you sneak inside the firewall while at your local coffee shop.
Middle ground: Lets face it, wireless is here to stay. Its an incredible productivity boost, and your users are demanding it. Set up a secure wireless network at the office and install VPN software to let users easily and securely connect while on the road, down the street or at home.
“Why do we need IM?” Ive heard some IT managers complain. “Weve got e-mail.” Well, its the difference between a letter and a phone call. IMs instant and provides an easy way to share info and keep track of far-flung employees.
Plus, it offers a quick and dirty replacement should your corporate e-mail system go on the fritz. Advanced versions allow for quick file-sharing and will even set up free Internet voice and video calls.
IT: Use policies to prohibit installation of any unapproved application. Block IM ports on your firewall. Instruct your staff to keep a listen out for the telltale “boop-beep” that signals in incoming IM. Quickly delete and warn offenders.
Users: Web versions of AIM and other popular IM clients make discovery unlikely. Use Trillian or another cross-IM client in case IT shuts access to one or the other.
Middle ground: Its not just for the pimpled and tattooed crowd anymore. My advice: Try it. For quick communications and figuring out if someones reachable, theres nothing like IM.
If your corporate policies or the law require tracking and retaining instant messages, then consider a secure solution. Yahoos got a decent one, as does Groove.
Essentially an online diary, blogs make it easy to post text to the Web from anywhere. A new form, the “moblog,” uses camera-enabled cell phones to post pictures from anywhere, too.
IT: If your companys bigger than about 1,000 people, youve probably got a blogger in your midst. And since these public journalists spend most of their days at work, theyll probably end up exposing your company secrets online.
Make it someones job to assiduously search blog engines—such as Technorati and Feedster—for any mention of your company. When you find a blogger, shut em down under threat of termination!
Users: Blogs are a great way to share information among workgroups, as well as a wonderful exercise in narcissism. If you want to talk about your company, though, better use a pseudonym.
Middle ground: Internal blogs, inside the firewall, can be great for sharing project information or communicating from management to employees. Theyre even free.
Microsoft shops should consider the open-source, dot-net based Dot Text (what we use for our blogs here at Ziff Davis Media), while Googles Blogger and Movable Type will set you up with secure blogs as well.
And take a cue from famously secretive Microsoft. A public blog, written by a well-informed and coached employee, can be a great thing for your corporate perception.
The Scobleizer is a great read, and a good thing for everyone as well. Set up guidelines for what can and cannot be posted, and make sure your users agree to them.
Groupware from the ground up. An inverted form of Notes, these Web sites allow anyone with a user name and password to change or add pages at will. Sort of a multiuser blog, but so much more.
IT: Locking down Wikis will be tough. Set your routers and firewalls to support only outbound traffic to certain key, trusted domains.
Users: Since they behave just like any other Web page, just dont tell anyone youre using it, and youll be fine.
Middle ground: Lotus Notes shops will be amazed by how much more useful and productive effectively managed and supported Wikis can be. I recommend that users and IT meet in the middle here.
Create a Wiki server that fits within your permission and access hierarchy and sits inside the firewall. Take a look at Ross Mayfields SocialText for a Wiki thats at least trying to be corporate-friendly.
Peer to Peer
Peer to Peer
Popularized by Napster, P2P software lets users exchange music, files, movies—pretty much anything—without a server sitting in between.
IT: This means war! Anything that uses Napster-like technology must be bad. Again, here, lock down your PCs and notebooks. Create severe penalties for transgressors.
Ruthlessly root out any programs exhibiting peer to peer-like behavior. Set your layer 4-7 switches (aka gateways) to inspect for peer-to-peer-like behavior.
Users: If youre illegally downloading music and movies on the company dime, Ive got little sympathy for you. But there are some decent P2P applications that can help replicate key file folders and create shared workspaces. You can always plead ignorance if you get caught.
Middle ground: There are some excellent and secure peer-to-peer systems out there that enable workflows that just arent possible otherwise.
Groove, developed by Notes creator Ray Ozzie, has been successfully and securely used to aid the Iraqi redevelopment. Dont throw out the baby with the bath water.
The corporate version of online dating, these sites automate the concept of “six degrees of separation.” Users upload their contacts and create a Web of connections—allowing them to reach through their contacts to other potentially useful professionals.
At best, they can help maintain and grow a network of colleagues. At worst, they become little more than online versions of the high-school cliques.
IT: To protect against your users putting their company contacts up on outside Web sites, lock down access to the following domains: LinkedIN.com, Orkut.com, Friendster.com, Plaxo.com and Tribes.com. Or simply let users access only a handful of approved Web sites.
User: These sites can be useful—although Im hesitant about sharing my contacts with a third party. To hide your social networking, print out your contacts and connect up at home. Ive found LinkedIn Ltd. best for business.
Middle ground: Plaxo and LinkedIn can be very useful to help your employees stay connected and up to date. But before allowing your employees full rein, find out just how secure these systems really are.
The last thing you want is for the equivalent of your corporate phone book and sales-contact list to be exposed on the Internet for anyone to snag. But learn from these sites.
Perhaps you can set up some sort of social network for your customers or suppliers. Thats what we did, in fact, in our new version of our 1Up.com gaming site.
If you want to explore how a social network can bind your customers even closer to you, head over to our prototype.