For some companies, the only thing more worrisome than having sensitive information get out is allowing it to get in. Each successive generation of Internet applications seems to bring with it something for corporate gatekeepers (generally, but not always, IT) to be afraid of.
A report last year by Internet security company Barracuda Networks indicated that just over 50% of its customers used the company’s products to block employee access to MySpace, Facebook, or both. What’s unfortunate is that companies are turning to security vendors to solve what is most likely a productivity issue, or may be no issue at all.
The latest social network to spill over the corporate firewall is Yammer, winner of the best of show award at this year’s TechCrunch50 event. Yammer describes itself as “a tool for making companies and organizations more productive through the exchange of short frequent answers to one simple question: ‘What are you working on?’” It is similar in function to Twitter or Facebook status updates. According to TechCrunch, “There is such a huge demand for this type of service that 10,000 people and 2,000 organizations signed up for the service the first day it launched.”
According to a report earlier this year by Comscore, "The number of worldwide visitors to social networking sites has grown 34 percent in the past year to 530 million." In some regions, such as the UK, social networking sites account for more than 75% of all web traffic. Clearly, the social networking phenomenon is here to stay. It is how people like to communicate online. So why expect that to change when employees start their work day?
With the possible exception of pornography and documented security risks, employee access to external Internet sites, or any kind of information, should be controlled with policy and education, not technology. Employees know when they are being blocked, and they can’t help but feel that the company doesn’t trust them. Most companies have very clear policies on what content employees can and cannot view on company time, and, download, store, share or access on their company-owned computers. In many cases they have granted the company the right to monitor their Internet traffic to assure compliance, and the company can enforce these policies with verbal and written warnings, disciplinary actions and termination if it so chooses.
IBM, for example, has a very well thought out Social Computing Policy that, instead of banning access to social networks, informs employees, suppliers and others as to what the company views as appropriate use. Is it surprising that a “traditional” company, established in 1896, has such a progressive outlook on social media? Or maybe that gives us a clue as to how the company has adapted and survived for over 100 years.
Attempts to shield employees from “harmful” information are nothing new. One Fortune 500 company discouraged employees from viewing the company’s quarterly earnings web cast because, according to one communications VP, “the executives might say something that would upset the employees.” (This policy was also no doubt intended to improve productivity, and to limit bandwidth headaches when the company’s sizeable workforce all attempted to watch the web cast simultaneously.)
In another situation, a large IT company decided to provide streaming video coverage of a product launch, which could not be viewed inside the company, because its IT organization routinely blocked all streaming video, regardless of its source.
The net result of all of this can be a knee-jerk IT response that keeps people from communicating with others in the ways they find most useful and engaging. All of the fun, and with it most of the incentive, has been sucked out of internal communications in many companies. Yes, of course, there are productivity issues and people do indeed often spend far too much of their time on social networks like Facebook, MySpace, and Twitter. And some people are truly addicted to them.
Some companies are responding by saying “we’re not here to have fun -- if it was fun they wouldn’t call it work.” Other more forward-looking, and more pragmatic companies have come to recognize that human nature is what it is, and companies need to create communications tools that engage, and stimulate employee adoption and usage, not because it is mandated, but because it is useful and enjoyable.
Recognizing this, many companies are introducing internal “clones” of popular social networks, like Pfizer Pharmaceutical’s Pfacebook, and IBM’s Twitter clone, BlueTwit. Still other companies have found even more creative ways to make communications something employees like to do, by using streaming video, internal blogs, and even communications tools with simple video gaming capability built in as a “hook” to engage employees.
So which strategy is most effective? If you block all external social network access with technology, it will feel like the problem has been dealt with, and from an administrative standpoint, maybe it has. But there may be fallout, such as employee discontent, and in time, there will be hacks and new applications to get around corporate IT blocks. Ultimately, it comes down to policy, education, and how you choose to empower (or not) a trusted, adult workforce.
It’s still too early to say that companies that don’t embrace social media “don’t get it,” but it is clear that allowing access to social networks within a framework of trust and appropriate use will free valuable resources for better use, and will improve employee morale and productivity.