Monthly Archives: September 2011

Securing Against Today’s Threats

Whether you’re working in the public or private sector, you can’t get too deep into a discussion about IT without eventually asking, “What about security?”

Organizations often use firewalls and network security techniques to ensure that people who have no affiliation with your organization aren’t able to penetrate your network and poke around in the IT infrastructure. However a most recent Wall Street Journal article indicates that it’s no longer enough to secure your infrastructure.  The idea of using a firewall to perform border control is no longer enough to protect your network.  Instead of hackers attacking the network they are launching sophisticated attacks at your employees.  Some of these attacks are geared towards using information gained from social networking applications that your employees may be using to effectively collaborate.

Ideally, companies want their employees to be able to collaborate freely without worrying about security issues. Therefore, every organization has to strike the right balance between being able to work together effectively to solve problems and being able to ensure that information doesn’t fall into the wrong hands, whether those hands belong to someone external to the company or someone within the company. Collaboration technology can greatly enhance the process of exchanging information across organizations. This exchanging of information often causes concern about breaches in security, but when implemented properly, collaboration environments can foster enterprise-wide collaboration without compromising security.

Instead of looking toward external applications to provide these rich collaborative environments, organizations should provide these rich social networking applications under their control.  This allows the organization to fully control the security of the collaborative capabilities while promoting collaboration within the workforce.

Organizations should integrate the collaborative environment to the corporate authentication and authorization services.  By connecting the collaborative environment to the corporate authentication service users gain a level of confidence that they are conversing with another person identified by the system. This helps to build a level of trust, which is a necessary component for a collaborative environment to go viral in your organization.

Next, the collaborative environment needs to be integrated with the corporate policy server. When completed, the same corporate group policy implementation also applies to the virtual environment –thus eliminating mistakes of not properly replicating policy permissions. This in itself goes a long way to building trust that the information within the virtual environment is being properly controlled. In the virtual environment, authorization determines who has access to virtual spaces and to the various features of the collaborative environment.

Protecting information internally is as serious a matter as protecting it externally. Establishing a familiar authorization scheme helps ensure trust among users as well as between user and server, thus spurring collaboration. Although this means that you have a greater ability to compartmentalize information, don’t forget that the very purpose of collaboration technology is to foster the sharing of information as freely but securely as possible. With security an even greater concern today, the balance between encouraging people to collaborate and ensuring that information can travel safely is increasingly important.

Integrating Collaborative Services

We have seen organizations begin to look at collaboration as a series of services instead of a stand-alone capability.  What do these organizations need to do to deliver collaboration to the users? It is actually as simple as figuring out which web-based applications you want to add collaboration to and what collaboration services to add. The trick is to choose the applications and arrange the services to allow for the critical mass necessary to have the collaborative environment go viral. Here are some basic steps that work well:

  • Eliminate the barrier to entry for the user community by tightly integrating with your corporate identity management solution.
  • Take an inventory of the web applications most widely used by your organization.
  • Decide which collaborative capabilities should be integrated into the most used applications.  Choosing the most used applications will get you the critical mass necessary to have the collaborative environment go viral quickly.
  • Work with your super-users to incorporate collaboration at a deeper level to improve the user experience.
  • Work with individual users to determine how the collaborative capabilities they need can best fit into their specific web applications.
  • Achieve advanced integration using available APIs.

It might sound like this step-by-step approach will take more time than standing up a single vertical solution, but in actuality, collaborative services should be able to be stood up and running in a relatively short period of time. You already know that your existing web applications function well for you and meet users’ needs. With collaborative services, you’re merely enhancing the functionality and since you can pace yourself and prioritize applications, you can more or less get started overnight. Because you’re starting with what you already have and with what already works, the process is actually far simpler than starting from scratch.

Workplace Communications Favoring Real-Time Tools

In a recent article on Information Today, a survey developed by Robert Half Technology found that more than half (54%) of chief information officers (CIOs) interviewed recently said real-time workplace communication tools will surpass traditional email in popularity within the next 5 years.  According to Robert Half Technologies, this shift will benefit the workforce through speed, convenience and social networking. What should CIOs consider when looking for real-time workplace communication tools to ensure that their use goes “viral”?

If your organization is like most, you have access to collaborative technologies but technology isn’t used to it’s potential.  The most common reason that collaboration technology rarely seems to get much use in most organizations is because most business and government leaders think of collaboration technology as a product instead of a service. Collaboration technology doesn’t have the same characteristics as a specialized application, such as an accounting application. It’s something else entirely. What would happen if we thought of collaboration technology as fitting into an organization horizontally rather than vertically.

For example, organizations use an authentication service such as Microsoft Active Directory to manage entities and relationships within a network and provide information security for user access to network-based resources. Other applications on your system can connect to the authentication service using Lightweight Directory Access Protocol (LDAP), and the service does the authentication and provides authorization information for the entire application or various features of the application. It provides one location for managing user information for authentication and authorization. The IT department manages user information in one location and the end user experiences a single user name and password to access network resources. With a single service, chaos is replaced by ease of use.

The Active Directory service works horizontally across the entire organization. Whether a user is launching a human resource application, an accounting application, a sales application, an engineering application, or anything else, the authentication service is integrated so that the user’s unique log-in works across all applications.

If you buy a new accounting program, it solves a very specific problem for the Accounting department alone. It fits vertically into the architecture of your organization so that it affects only that one specific problem without influencing other parts of the organization. It doesn’t interact horizontally with the HR software or the sales software—or anything else, for that matter. And that’s probably a good thing in that context. It doesn’t need to interact with other pieces of the puzzle; it just needs to do its singular job well by serving the needs of the CFO and the accounting staff. Conversely, the singular job of collaboration software is to interact well. So why have we gotten accustomed to accepting it as a vertical puzzle piece that plugs into the architecture without touching anything else? When you think it over, that doesn’t actually make much sense.

Imagine collaboration as a horizontal software application, connecting all those independent applications. Imagine collaboration performing the same way authentication services function. The same service is embedded in your HR application, in your accounting application, in your sales application, and so on. Now these applications can function in conjunction with one another. More importantly, employees using these separate applications can interact with one another.