How enterprises will deal with the growing web2.0 services available freely through port 80 and 443 on their firewalls? I perceive that enterprises will be hiding behind policy documents which state though shalt not, must not, do not, action will be taken.
Well if you are anything like me the security policy is still in that “to read never” pile and if you are lucky I’ve read some parts of some corporate emails on security. I wouldn’t class myself as a rule breaker so I guess I’m common amongst employees.
So what should I do when the day comes that a business partner wants me to collaborate and use a hosted web2.0 service? I think at that point I’ll have to take a common sense approach and ensure that I only post data up there that I’d be willing to email to the partner anyway. So how could corporate’s deal with web2.0?
Well the simplest way is if you want control put something in place that allows users to easily deliver web based teamspaces and IM federation (not too worried about email as we have that now already so I can’t see any scope in a web2.0 service that delivers email on top of my corporate email). Make the provisioning of the provisioning of the teamspaces simple, make the provisioning of user accounts and permissions simple (if it takes more than 2 minutes to configure a workspace and users then there is a problem for me). Finally IM federation – this is key. If I were the customer and could see presence information and IM my contacts within the partner organisations then I’d be very happy.
In the long run however I can’t think of any large organisation which will be without disrupters using the latest internet based tools for collaboration. Instead of factoring all this new technology out by policies and rules organisations could use the data they hold on their corporate firewalls to see what services their users are demanding and then consider how to integrate these services into their offerings (either internally, in DMZs or direct from a service provider on the internet).