It seems that Bring Your Own Technology may not be restricted to iPads and Android Phones alone. There is increasing evidence that employees are bringing their own social networks in for both external and internal collaboration.
Debra Donston-Miller writing in InformationWeek, summarizes the current state: “Like wireless networks and smartphones before them, social networks are coming in through the back door at many companies. That is, end users are taking it upon themselves to deploy social systems like Yammer or Jive, or are turning on social features in platforms such as Salesforce.com, without explicit permission or the support of the IT department.”
This trend may be wide spread, and the risks associated with it may be larger than organizations appreciate. The same article notes that Doug Landoll, director of risk management for IT security firm Accuvant, believes that most organizations are exposed. More significantly, Landoll feels that an unauthorized implementation “poses a risk that is not well understood by many organizations.” The risks include data security and undocumented access points for individuals with malicious intent.
What is driving this? The InformationWeek article states: “Experts agree that these networks are being set up not out of any malicious intent, but mostly by employees who see the potential of social networking within their organizations and are frustrated by not being able to tap into it.”
Interestingly, a recent survey by IBM of 4,000 IT professionals in 93 countries found that current authorized implementations of social networking by organizations are more internally focused that externally focused:
Many companies are implementing intranet-based solutions to begin testing the waters, and respondents expect these implementations to grow. The survey showed employee collaboration, efficiency in locating people and resources, and idea generation and sharing as the top three motivators for internal deployment.
If that’s true, why are unauthorized implementations proliferating? Simply put, employees like their technologies better. The informationWeek article quotes Joel Lundgren, senior advisor for community management strategies with IFS AB, a provider of ERP software: “They are frustrated because they cannot do their job efficiently. Your current communication and collaboration infrastructure is out of date and doesn’t compare with the experience of communicating with friends and family online.”
Of course, policies and procedures are necessary to protect security and maintain standards. We have noted that industry associations, such as the Independent Insurance Agents and Brokers of America were developing Best Practice guidelines including sample employee use policies. But some organizations are recognizing the limitations of control and are seeking accommodation.
Lundgren notes these organizations are beginning by identifying and meeting with people who brought in the unauthorized networks in order to “Find out firsthand what benefits they see from using the unsanctioned tool and how it improves the business.” The ultimate goal, according to Lundgren, might be to “make the unsanctioned sanctioned.”