Businesses seeking to exploit the benefits of social networks without exposing themselves to excessive security risks often contemplating rolling their own internal solutions, but such strategies come with problems of their own.
The security challenges of mass-market social networking platforms like Twitter and Facebook are obvious: staff can inadvertently or deliberately leak valuable information, and they can provide access to applications with dubious or non-existent security policies. For those reasons (and their basic capacity to waste time), they're often dismissed or banned within larger enterprises.
The simplest solution to that issue is to block access to such services entirely, but that's not a straightforward choice either. For starters, it is questionably effective given the widespread use of Internet-enabled mobile phones. More importantly, it also means that businesses can't take advantage of the positive features offered by such platforms, either for internal knowledge development or as a means of reaching out to new markets.
One emerging possibility in that case is to construct your own company-internal social networking platform. Just as the broader Internet can be usefully supplemented by a company intranet which keeps information well-contained within the corporate firewall, the logic goes, so a business can gain some of the benefits of social networking while minimising the risk if it builds its own solution.
CA Chief Executive Officer John Swainson is a firm believer in the advent of what he describes as "social networking inside the organisation", and argues that it will eventually become as common as email.
"This is not Facebook sitting up in the cloud somewhere; this is providing tools to allow your teams to interact more effectively," he said at the recent CA World event in Melbourne. "You will be forced to do this if you haven't done this already."
From a security point of view, that approach has obvious benefits: a company-constructed and managed site can be brought into line with existing Internet security policies, and membership and contributions can be managed using existing directories and related solutions. It also allows members to contribute freely without being concerned about the potential corporate benefits.
But despite such potential benefits and enthusiastic spruikers like Swainson, it may be a while before the corporate social network is as common as the corporate intranet. Longhaus analyst Sam Higgins notes that while the concept is often discussed, relatively few businesses in Australia or elsewhere had actually got to the stage of creating an effective internal social network. "It's still very early days," he told SearchSecurity ANZ.
A common fault amongst companies that have attempted it is to simply roll out a basic tool from a vendor without doing advance research into the kinds of networks that already exist within organisations, and without defining the benefits that are expected from the project.
"Lots of them do it without doing any planning or measurement beforehand," Higgins said. "So it just becomes an internal social exercise, and then you might as well let them use Facebook really. You need to have an idea of what networks exist and build to those instead."
The success of any such project might also depend on technologies that were in place long before the term "social network" was widely deployed. Higgins noted that in research conducted by Longhaus, those companies which had experienced the most success with new collaborative platforms were those which had already had other successful collaboration initiatives. In particular, businesses which were utilising IBM's Lotus Notes platform as their email system had a much greater chance of success than those using Microsoft's Exchange. Spruiking the notion of Notes as the core of your new corporate Twitter clone might seem an odd choice, but if you're determined to improve casual collaboration, it might be a fruitful avenue to explore.