Last week I was actually participating in a customer related event where we were having some really good discussions around the topic of social computing within the enterprise and, in particular, with one of the most prominent inhibitors that comes along, time and time again, when talking about adoption of these social networking tools behind the firewall: security. Yes, indeed, that one! How many times has it come out in your day to day conversations as a social software evangelist? I bet far too many! And yet, the answer seems to be relatively easy, don’t you think? Security hasn’t got much to do with the tools (Even though they seriously help out!); it’s a human trait. Security starts within the individual first and foremost. Mostly, because in the vast majority of cases related to security concerns technology is not even there!
Remember the blog post that I put together over here, a couple of months back, under the title New Technology – The Threat to Our Corporate Information, where I was referencing a wonderfully hilarious and witty slide deck put together by Norman Lamont on the silliness of security and that perhaps highlighted quite nicely how far we have taken the subject to even verge on the ridiculous? Well, today I have got something better to share with you folks…
Something I wish I had last week, when I was interacting, along with a few other colleagues, with that particular customer answering that question on the security concerns / issues behind social networking tools. I think we did pretty good though. At least, the conversations seemed to have hinted folks were comfortable addressing those concerns around security in a reasonable manner, highlighting how in most cases the security risks, or, better said, the perceived risks, are there because perhaps we don’t seem to trust all of these social tools that much, when in reality it’s the other way around. It’s about how much a business trusts their knowledge workforce to make a responsible use of all of these social tools. Something that happens most of the times, but which, despite that fact, people keep questioning it over and over again.
Well, what would happen if it weren’t down to the tools we use, but the attitude we have about them and the world around us? What if we, knowledge workers, can’t care less whether to share that rather sensitive information across with other parties, or not, because we think we just know better? What if it is just ourselves the ones being irresponsible with the usage of the technology around us and how we interact with it? Don’t you think that this wouldn’t have anything to do with those perceived risks when making extensive use of social networking tools?
I think so! Specially, after reading one of the most recent blog posts from one of my all time favourite KM, sense making and social computing bloggers: Dave Snowden. If you have got a moment, because that’s exactly what is going to take you, take a look and read “One wonders …“; it’s one of those rather short blog posts that Dave puts together every now and then, but whose very few lines are so thought-provoking and mind-blowing that one really wonders … how can *that* happen?
For the sake of breaking it through and share a tease or two with you, check out the first few lines from Dave’s post to see what I mean. It’s just priceless! It’s just one of those arguments that you will be capable of bringing up time and time again when rebutting the security question in a social networking context. It won’t fail. Believe me. More than anything else because it will highlight, pretty much, how, once again, it’s not down to the tools we use, but more the behaviours and working styles we exhibit ourselves that are the ones that can surely get us in trouble, not just knowledge workers, but businesses altogether!
Have a look into those first few lines I mentioned above, to see what I mean:
“So I am sitting in the lounge at Toronto airport waiting for a flight to Washington. Behind me a fellow passenger is phoning around her credit card companies to tell them she is going to the US and will use her credit cards. In each case she is listed her full number, data of birth and all the normal identification material. Were I so inclined this could be very useful information. To my right an Executive from a major consultancy firm is writing in plain view a proposal which includes layoff plans for a US corporation. I’ve also in the last hour overheard conversations relating to promotions, sales, deals etc. etc. […]“
Goodness!! I could not believe it myself when I was reading through the blog post (Do read the rest of it, because it’s just as entertaining!). If you read it carefully, you will see how there isn’t a SINGLE mention on the usage of social software tools as potential threat or security risk by promoting a specific set of activities and behaviours (i.e. Openness, transparency and publicness, to name a few! ). Low and behold it’s just highlighting how plenty of our daily routines (Phone calls, discussions, conversations, drafting documents, etc. etc.) do surely put us at risk, perceived or not!, because we just feel there is no-one else around us and therefore we can do everything we want. Well, that may well not be the case anymore!
Quite the opposite! If social networking is going to do something really useful for us all, it’s going to be one single key element: to highlight, and to constantly remind us, that we are not alone. That there are plenty of people out there who are actively watching, listening and taking notice of what we do; over and over again! And as such we do have to start building further on that sense of co-responsibility with our company to do the right thing! Which, I know, most folks would probably say it is all down to common sense, right? Well, Dave’s article seems to worryingly indicate quite the opposite!
I am not sure what you folks would think, but it’s blog posts like that one that are a clear reminder to us all of how much work there is still ahead for all of us, not just the social software evangelists out there, but every single knowledge worker out there who needs to keep educating their peers how security is a personal thing, a personal trait that everyone needs to nurture and treasure accordingly. That everyone needs to constantly work on realising how, after all, we are not that alone out there. Realising how, before we all notice, there is always going to be someone out there who, willingly or unwillingly, is going to be listening to our conversations and perhaps they shouldn’t in the first place. Perhaps they should remain what they were always supposed to be: private and secured!
And, for once, social networking didn’t have anything to do with it. Oh, did it? Well, perhaps it has got plenty to do with it!; after all, don’t social software tools encourage us all to listen to what’s happening out there? Maybe they will also help us understand how we can mitigate those perceived risks by having each and everyone of us walking the talk, i.e. behaving responsively with the information and knowledge that we are exposed to, and share across accordingly, day in day out, for that matter… You wouldn’t want a total stranger to know, coming out right out of your mouth!, your full credit card number, your date of birth and any other kind of identification material, right?
Neither would I! It seems it’s all about common sense eventually, is it? You decide. It’s your choice.
Technorati Tags: Collaboration, Communities, Conversations, Education, Enterprise 2.0, IBM, Innovation, KM, Knowledge Management, Knowledge Sharing, Learning, Personal Knowledge Management, PKM, Productivity, Social Computing, Social Media, Social Networking, Social Networks, Social Software, Security, Dave Snowden, Perceived Risks, Risk Management, Trust, Knowledge Workers, Common Sense
9 thoughts on “Enterprise 2.0 Perceived Risks: Myth or Reality?”
This reminds me of the many times I was sitting on a plane, able to see everything on my neighbor’s laptop screen, hearing a group of sales people refining the strategy for their customer meeting, discussing their quarterly numbers and their new secret strategy to “save the company”….
What if I have been a client or a competitor ?
I’m sure their IT dept was very aware of security issues but, in fact, the risk is not a matter of technology but a matter of people, whether they use technology or not.
Hi Bertrand! Thanks a lot for the kind comments and for the feedback! Yes, as Dennis nicely put it below, it’s situations like the ones that you describe that are indicative of the kind of challenge we face in helping knowledge workers understand what they know and how their surroundings affect how they share information across. Your examples are perfect regarding the state of things and happy to acknowledge as well the challenge is not really with the technology, but with the people themselves, making use of that technology.
Hopefully, like I said below, we can help educate those folks that they’s also a bit of responsibility coming along on what to do best with that piece of information or knowledge they will be sharing across …
Thanks again for the feedback! 🙂
So the perceived risks are really real. It’s like Pogo used to say, “we have the met the enemy and he is us”.
Or as the guns rights activists say “guns don’t kill people, people kill people” (people with guns kill people more efficiently than people with rocks).
People with efficient tools who will leak sensitive information can do it more efficiently than those armed with paper and pencil.
Hi Dennis! Thanks for the dropping by and for the lovely comments! Greatly appreciated! 🙂 Spot on!
Those are great quotes and happy you ended it up with one I would like to chime in myself as well: “People with efficient tools AND with the right education and facilitation in place will be rather efficient at protecting that secured information. Any time, any place, any where!”
Yes, indeed, we still have got A LOT of work ahead of us! 🙂
The other key point that often gets missed is there’s quite a difference between what one might do in public Twitter vs. a microblog behind the corporate firewalls.
Emails are easy to get beyond the controls, but internal blogs take more work, so good platforms make it easier to prevent accidental leaks and harder to make intentional ones.
Indeed! You are bringing in a very good point! Specially from that perspective of boosting knowledge sharing and collaboration internally in a secure environment, which is the initial stage, for sure!, in getting folks comfortable with the social tools and the social dynamics of interacting amongst groups, networks and communities, before diving into the outer world available called the Internet and explore the opportunity to improve the relationships with customers and stakeholders, amongst other groups.
It’s all in small steps, small, but rather solid and moving forward, that’s all in the mix!