In-Depth

Making IT Social

The flood of social-networking technologies rushing into the enterprise is forcing IT to become still more flexible.

• By Peter Varhol
• 06/01/2008

On top of that, more than half of the staff who are under 30 have an iPod. They want to be allowed to install iTunes on their office PCs, and they're indignant that they even have to ask. Blackberries and iPhones are sneaking in the back door, despite your steadfast refusal to route e-mail to them. You look the other way as a torrent of YouTube videos make their way into the office and cringe at the wasted bandwidth.

You may be sanguine about these lapses in IT policy. It's only a passing fad, you may say: Users will have their fun, get it out of their systems and return to their work. Unfortunately, that's not going to happen. These technologies represent a sea change in the use of IT resources, perhaps more significant than the shift from client-server to distributed Web applications in the mid-1990s.

"It's a wave bearing down on IT," says Michael Dortch, senior analyst with the Aberdeen Group Inc. "You can surf it, or you can drown."

Think of this trend as the "consumerization" of the enterprise. There used to be a strong line of demarcation between what people did with computers and electronics at home and what they did in the office. Today that line is blurred as workers find new and productive uses for consumer apps and electronics in their professional roles. It's increasingly up to IT to let them do so. Consequently, this has raised conflicts in how IT has traditionally managed computer resources.

For example, it may be clear to you that you have to ban the use of YouTube and similar streaming video sites. From a traditional IT perspective, streaming video services are a bad thing. They eat up bandwidth and cause loss of productivity by workers who spend their time viewing them. These are factors that IT has traditionally monitored in the enterprise.

Keep Your Enemies Close
Just down the hall, the marketing department is testing concepts to reach different audiences through YouTube videos, your salespeople are using YouTube to distribute product demo videos and public relations is taking customer videos of success stories and publicizing them online.

You and the rest of the IT department can still shut it down, of course. You may have the authority and political clout to make that decision stick, but you'll do yourself and your enterprise no favors.

First, you close off a direct connection to customers that's increasingly essential to doing business. Second, you prohibit your company from leveraging technology in ways that most of its competitors are already doing, in effect putting your business at a competitive disadvantage. Last, you discourage the brightest and most innovative workers from doing what they do best: working together, trying new things and trying to make those ideas pay off. They leave and take that business advantage with them.

It's not just the young and mobile professionals who are changing the scope of IT. Seasoned professionals also mix their work and personal lives to a surprising degree, making similar demands on IT.

"I have Quicken on my [business] laptop," explains Steve Morton, vice president of product management and strategy for Symantec Corp.'s Security and Endpoint Management Group. "It's not IT approved, but when I travel, I have to take care of such matters at night."

The World Has Changed
This didn't happen overnight. Part of it comes from a generational shift, as those who were the first generation to grow up with sophisticated consumer electronics and computers enter the workforce. The chances are good that today's new college graduates don't remember a time without cell phones and computers. Gadgets have become an integrated part of their lives.

"My [teenagers] communicate with text messages even if they're sitting across the table from one another," says Linda Musthaler, principal analyst at Essential Solutions Corp.

Another aspect comes from the steady blurring of people's professional and personal lives. Because today's professionals communicate with colleagues across the globe, work tends to span both evening and early morning hours, to say nothing of the weekend. If you're sitting at the kitchen table for a 5 a.m. teleconference with India, then you expect to be able to take a break to update your LinkedIn connections at noon in the office.

Yet another reason is that consumer technologies have made greater strides in power and utility than many traditional enterprise systems have. Smartphones, MP3 players, digital voice recorders and other gadgets serve specific needs for both professional and operational employees.

What does this have to do with IT? First, IT bears a significant responsibility in recruiting and retaining workers through deploying innovative technology. It's likely no one has ever told you IT can be a recruiting tool, but it's true. Young professionals will work for the organization that is most compatible with their lifestyles. Second, you have to help your workers produce a greater quantity of higher-quality work than your competitors. That means you have to direct your technology efforts to enabling ready communication and feedback.

"What are your objectives?" asks Aberdeen's Dortch, referring to the needs of business. "One: growth; two: cost containment. It's about the business people gaining the keys to the kingdom regarding how IT is selected, managed and deployed. That's the real reason why everyone should care about consumer technologies in the enterprise."

Security remains an issue. Many IT groups often see system and network security compromised as the business reaches out to its customers more directly. Threats can come from two different areas. Enterprise end users might install unapproved applications and data on a company's system. In doing so, they open those systems to unauthorized access or malware. Also, collaboration and feedback mechanisms in the company or product Web sites might provide a means for a malicious user to gain access to network resources.

Both concerns are valid, but aren't substantially different from the issues IT has faced over the last decade. Unless IT takes all control out of the hands of users both problems remain -- at least to some degree. On the other hand, a completely centralized approach is likely to cost many enterprises their best and most creative employees. It may also put the enterprise at a disadvantage relative to its competitors.

Strategies for Adapting
Enterprises are working on a number of strategies to bridge the gap between rigid IT policies and today's social networking realities. Aberdeen's Dortch describes one company that provides funds for its employees to buy their own work computers, giving users more control over their system configurations.

"The company publishes a set of minimum specifications, and gives each employee an allowance," he explains. "They can buy the minimum system and pocket what's left, or get as high-end a system as possible."

This approach brings up questions regarding help desk and technical support issues. It also seems to negate any bulk purchasing of PCs. However, most companies simply have ongoing purchase agreements with a preferred vendor, and buy only a few systems at a time.

Application virtualization and streaming technologies -- such as those from Symantec and Microsoft -- can also help with support by limiting the impact of non-standard applications on system configurations. By installing a virtualized iTunes, for example, users can get access to the Apple Inc. music store from within the firewall without causing changes to their system configuration.

Others are working closely with their lines of business to make sure technology supports new ways of working. Ringside Networks Inc., for example, is offering server software that integrates social-networking features into the enterprise that enable the business to connect more directly with its customers.

Another vendor, inCampus Inc., is attempting to provide a service the founder and CEO Saqib Rasool calls "social commerce." inCampus is attempting to establish connections among college students and between those students and businesses so that commerce of different types may develop. Applications like inCampus may make it possible for an IT organization to do business at this level without sacrificing the direction of their infrastructure.

With its Community Server, Telligent Systems is attempting to bridge the gap by employing technologies that are familiar to IT shops. "We use the Microsoft stack, including ASP.NET, C# and SQL Server," says CEO Rob Howard, himself a former Microsoft manager. "We talk to IT sooner or later among our customers, and the majority are already Microsoft shops. We explain that they're already using these technologies in their operations."

LiquidPlanner Inc. is building a project-management platform that may be more in tune with the increasingly collaborative nature of work today. LiquidPlanner lets all project participants use the software as the focal point for the project. Besides hosting a schedule, the project site acts as a wiki for project-related goals, opinions, ideas and informal history. The team can use it to make announcements, send messages among team members and in general float ideas and strategies.

To some extent, new types of software and approaches to working require users who are comfortable with the technology and understand how to use and take care of it. Users have to take on a greater responsibility for the integrity of their own systems and, by extension, the integrity of the servers and networks.

If you believe they're not capable of doing so, you might be surprised. Young professionals have spent years with computers and are well aware of the dangers and pitfalls of opening systems to untrusted data and apps. In fact, the bigger issue may be with older, non-technical professionals and operations staff who may not have had the need or opportunity to develop comfortable relationships with technology.

However, it's also likely that the latter will have less interest in personalizing their desktop systems, making the more adventurous users also the most knowledgeable and capable.

Plan for the Inevitable
At the end of the day, what is IT's responsibility in regard to social-networking policy? The IT group gets the brunt of criticism when the IT infrastructure is too inflexible or locked down, yet it also gets the blame when there's a network breach and data loss.

Here's a general prescription:

1. Get over it. The criticism and blame come with the territory. Decide what you want IT to stand for in your organization, and then direct your efforts toward fulfilling that vision. There are compromises every step of the way, but don't take the easy way out by just prohibiting what you don't understand or haven't done in the past.
   
   
2. Take the lead. If you don't understand the IT needs of your organization until the workers come to you, then you're an obstacle, not an enabler. IT should be among the first in the company to try new technologies. That doesn't mean you need your own Facebook page, but it does mean that you have to research what others are doing. If you haven't done that by now, you're simply not doing your job.
   
   
3. Communicate and collaborate. This is what the Gen-Y and millennial professionals are doing. IT has to get into the act. You must maintain a steady conversation with your young professionals, and make an honest effort to know them. Most importantly, you need to observe how they work. You might be shocked at first, but that's the kind of workplace you have to support now.
   
   
4. Protect, but also serve. It's a difficult balance to achieve, but you really do have to provide your enterprise with a competitive advantage. At the same time, you have to make sure you don't enable network compromise and data theft. To do so, you have to examine the social-networking and collaborative technologies as they emerge, and develop contingency plans to deal with their weaknesses. Don't assume that prohibiting their use is a strategy that will make you look good to your corporate masters.

In a larger sense, this "consumerization" of IT has just begun. Social trends, new technologies and a workforce that hasn't known anything else are coming together to put pressure on IT to make consumer technologies work in the enterprise and make them safe to use.

IT may look dubiously at iPhones, online communities, file sharing and similar technologies that had origins in the consumer space, but it's no longer possible to ignore or prohibit them. You need a plan of adoption, focusing on business requirements and the needs of individuals in meeting those requirements. It almost certainly won't be a perfect plan, but you knew that all along, didn't you?