Web 2.0 collaboration tools are irresistible to end users: They're easy to set up and use and can be accessed from anywhere. Employees can upload or create documents, spreadsheets, wikis, and blogs, then invite co-workers and partners to access, edit, and download content. These apps often include productivity enhancers such as search and tagging. And not surprisingly, vendors are encouraging the trend--Microsoft and IBM have added wikis and blogging capabilities to enterprise apps including SharePoint and Lotus Quickr, while Google and upstarts like Socialtext, PBwiki, and Jive Software are luring corporate users with freebie accounts and dead-simple deployment. Departments and business units can provision users in minutes, pay with discretionary funds--and never make a single call to IT.
Sadly, all IT gets out of the deal is a big fur ball as it struggles to organize corporate content run amok. The potential for exposure of sensitive information or theft of intellectual property runs high, as do concerns about noncompliance with corporate or third-party requirements as end users scatter sensitive information around the Internet. If the company gets tangled in litigation, data relevant to discovery requests may be lurking unknown on third-party servers, exposing the organization to financial or legal sanctions.
We have to get a grip on this problem, but how?
You can ignore Web 2.0 tools, or try to shoo users away. If you take one of these approaches, let us know how it works out for you. A better approach is to embrace new collaboration methods, whether through an in-house deployment, a software-as-a-service option, or both. In "SaaS: Red Light, Green Light", we discuss the new batch of decision metrics companies need to use when evaluating delivery of any business app in a service model. Fortunately for IT, many collaboration apps include authentication, access controls, change logs, and methods for exporting data into corporate storage, all of which help manage risk.