Fear of Web 2.0
Enterprises continue to adopt web technologies and 'web 2.0' trends, but there are two common threads to this adoption. One is that web technologies are step-by-step being adopted by enterprises, but they aren't yet ready to usurp many desktop software apps. The Google Apps vs Microsoft Office debate currently raging is proof of that. The second thread is that enterprises have a fear of web 2.0 tools being mis-used by their employees. I was recently in a TV news segment in my home country, answering the question: should Facebook be banned in the workplace? (for the record, my answer was no!).
Forrester Research has just released two reports that address this 'fear of Web 2.0' (my term, not theirs). The first report is entitled 'Web 2.0 Social Computing Dresses Up For Business'. The executive summary first neatly defines the value of Web 2.0 in the enterprise:
"It’s the ability to more efficiently generate, self-publish, and find information, plus share expertise in a way that’s so much easier and cheaper than earlier knowledge management attempts."
However the report goes on to caution that web 2.0 risks (and opportunities) must be assessed in regards to reliability, security, governance, compliance, and privacy - all common concerns in the enterprise. Forrester gets to the nub of the issue a little later in the paper:
"Web 2.0 tools have almost certainly already entered your organization under the radar through unsanctioned employee usage. This raises the stakes and criticality of taking action sooner rather than later."
The terms "unsanctioned", "raises the stakes", and "criticality" all point to a fear that enterprises will be somehow undermined, threatened or taken advantage of by the humble employee. Or perhaps it's just the garden variety 'fear of the unknown'.
Embrace Web 2.0 - But On Our Terms
The solution, says Forrester, is to embrace web 2.0 - but "on your terms". They recommend that companies create "Web 2.0 policies and usage guidelines". Also companies should bring secure and compliant Web 2.0 tools in-house. This is all sound advice, as long as it's not taken to extremes - e.g. banning web apps (unless there is a true security or compliance risk - but Facebook for example wouldn't qualify there), preventing employees from experimenting with new forms of web technologies, or dismissing web 2.0 as having no business value.
Thankfully, it looks like businesses are seeing value in web 2.0 tools and technologies, judging by the following Forrester graph:
Adopting Web 2.0
The second Forrester report sent to Read/WriteWeb was entitled 'Passionate Employees: The Gateway To Enterprise Web 2.0 Sales'. It addresses how to get corporate employees to adopt and use Web 2.0 tools - such as blogs, podcasts, wikis, RSS, and social networking - in their daily work lives. While there are always early adopters in any company who will willingly use new Web tools and technologies (I used to be one of them!), there are many more who don't. Forrester puts the current figure of people using Web 2.0 tools in the enterprise at 15% - and usage is higher at smaller companies.
There could be a lot of reasons why employees don't use web 2.0 tools. What I found surprising in Forrester's report was that IT decision-makers appear to be quite happy that only 15% of employees in their company use web 2.0 tools. Consider this passage from the report:
"Seventy-eight percent of the IT decision-makers we spoke with said that their departments were concerned with employees bringing Web 2.0 tools into the enterprise on their own (see Figure 1-2). And why not? Unsanctioned employee use opens up a Pandora’s box of computer security risks, intellectual property risks, eDiscovery noncompliance, and even potential breach of contract in cases where customer data leaked outside the firewall. With readily available consumer services — think Google Docs and Spreadsheets and LiveJournal — and low entry cost SaaS (software-as-aservice) solutions — think Socialtext wikis and Teqlo mashups — there is a lot for IT to fear."
(emphasis mine)
Conclusion
It's clear that enterprises, or to be more exact IT decision-makers, still fear web 2.0. Yet they also see the value in it. So their natural inclination is to control the situation - only allow sanctioned web software in and enforce policies that limit use of web 2.0 technologies. That way, IT decision-makers reason, the company still gets the benefits of web 2.0 - but without the risks.
Yet web 2.0 is all about open-ness and collaboration. The latter is particularly important in enterprises. The real reason why IT fears web 2.0, as John Martellaro pointed out recently, is that it upsets the historical need for control and power in IT departments. The above graphs and data points from Forrester show that the reason web 2.0 is finding it difficult to penetrate the enterprise is not that IT can't see the value in it, but that they fear it may erode their control and power.
The answer may in part be ensuring that web 2.0 tools are secure and compliant, but equally it's going to take a change in mindset from IT to allow employees to collaborate and experiment. What do you think of the current state of web 2.0 in the enterprise? Have you seen signs that IT is opening up, losing its fear a little?
Share3 TrackBacks
TrackBack URL for this entry: http://www.readwriteweb.com/cgi-bin/mt/mt-tb.cgi/1618
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
I think the mistrust of Web 2.0 applications may be grounded in a fear of the unknown, but the skepticism is certainly valid. Trying to compare Microsoft Office and Google Apps is ludicrous — one is a established and useful tool, the other is a web application painfully lacking some vital features. Not until the RIA landscape is far more developed (most likely with Google Gears at the forefront) will widespread trust and adoption of these tools take place.
Another thing that scares people is the empowerment of so far silent people to communicate and spread opinions and ideas through Web 2.0 social media tools.
I think as Web 2.0 evolves and we begin to see useful apps that can adequately take the place of offline traditional office apps, we will see a lot of power shifted to smaller, private, early adopting businesses that have nothing to fear and don't have to analyze and assess everything to bits in the name of shareholder primacy. That's what is so interesting about this day and age. The speed of change is so quick in today's economy, but the giant monolithic multinationals with huge market share at the moment are eventually going to be chipped away at by smaller companies who are malleable enough to adopt new tech with the required speed for the marketplace. This fear of change on the part of larger companies is one that will have to be overcome for success in the future business world.
Enterprises will always want to have a balance between how they 'used' to do things, and 'new' technologies. They definitely wont be the firsts adopters of web 2.0 tools.
this fear is v bullish web2.0
I think the fear is more around having company data hosted on websites not controlled by the company.
Love the post, Richard!
There's a lot that companies can do around Web 2.0, and shying away from the opportunity all together through paranoia is the worst answer. See my blog for more:
http://smoothspan.wordpress.com/2007/09/17/whos-afraid-of-web-20-what-to-do-about-it/
Another thought. If companies are indeed worried about company data being in others hand with 2.0 tech, the first place to experiment would be internally. Kind of like companies adopting intranets and then branching out.
This has little to d with empowerment or irrational fear and more to do with the nature of enterprise IT.
IT is usually responsible for information security. So what happens if they signoff on Google Apps... and someone places confidential information and some bright spark figures out a way to hack GA and get that info? Yes, a low percentage issue... but it's the kind of thing IT is paid to think about and the fact is that they DON'T control the GA (or Zoho, etc) environment. From a business manager's perspective, you look at GA and think - "whoa what if someone click Publish instead of Share?"
Also larger business are subject to a fari amount of compliance regulation - for example, can a health care company use a web office application and be in compliance with HIPAA (a US health privacy law)? Do these apps allow compliance with other, relevant laws? You can bring certain of these technologies inhouse (wikis, blogs) but others are remotely hosted SaaS applications only, so they can't be launched as internal initiatives first and expanded later.
The biggest problem is how readily accessible personal information is that people give out on social networks. It's now coming back to bite them and in some cases , they have no control over it since they either lost access to the info they need to login and change it, or it wasn't written by them.
rick, you raise some excellent points. Bob Warfield's recent posts address some of those concerns. I'd only add that it's true that security and compliance are crucial for enterprises and this is something the likes of Google Apps, Zimbra, Zoho et al need to put double time and effort into. But there's nothing to suggest the likes of Google Apps can't provide a SLA that covers security and compliance. Right now the following T&C doesn't seem quite there yet -- but I'm no lawyer, so if anyone has more details on this...
http://www.google.com/a/help/intl/en/admins/premier_terms.html
The enterprise is DYING for web 2.0 features not necessarily all of web 2.0, and are getting them to some degree. Social bookmarking (scuttle), blogging (drupal, et al), wiki (, and others have all found their way into the enterprise and will continue to do so. Furthermore, ent 2.0 will evolve to the extent that mashups can be created behind the firewall. As for GA, I think its unlikely that there will be too many enterprise takers regardless of who Google partners with http://www.capgemini.com/google. As for SAAS providers like Salesforce, they have great track record for info security, data portability, and well established release cycles. GA fails the test on privacy, data portability, and release schedule. Don't get me wrong, I think that the long-term tech outlook for the enterprise adoption of Web 2.0 is rosy. Collaborative apps are being used more and more as the enterprise begins to understand the efficiencies it can create; but liability, data security, intellectual property rights, uptime, and compliance will all remain valid concerns.
I work with a large number of independent software vendors who provide software to 'Enterprise' organizations. Many of these companies have customers clamoring to take advantage of Web 2.0 features (IM, Wikis, Blogs, RSS, etc) as tools to better server and communicate with their partners. The current popularity and demand for SharePoint and other technologies that enable such features is further evidence of the appetite for these Web 2.0 technologies.
I would content the Enterprises do not have problems in the main with adopting and utilizing these technologies on their own terms. The fear comes from unplanned and unregulated use of tools that are not sanctioned and beyond the companies control.
I have heard of several instances where 'internal' material from one enterprise or another was posted to blogs and forums. This creates corporate anxiety and potential legal issues.
Having said all this, these technologies are largely like a force of nature. They are not going away, and most organizations will have a hard time precluding their use over the long run.
As always Enterprises will adapt.
I would content the Enterprises do not have problems in the main with adopting and utilizing these technologies on their own terms. The fear comes from unplanned and unregulated use of tools that are not sanctioned and beyond the companies control.
I have heard of several instances where 'internal' material from one enterprise or another was posted to blogs and forums. This creates corperate anxiety and potential legal issues.
Having said all this, these technologies are largely like a force of nature. They are not going away, and most organizations will have a hard time precluding their use over the long run.
As always Enterprises will adapt.
yes , the firms are adapted what webmasters want. :(
and web 2.0 is not search engine friendly...
As always Web 2.0 will challenge the existing power structures within corporations. Few existing officers of formal power in the corporation (read CIO or CEO), have any idea of the brains that can be harnessed withing their strata of employees, and certainly wiki power will only serve to undermine their centralized control. How can you supplant central executive control with employee creativity and anarchy?
Well, everyone has their opinions. As for banning social networking sites in the workplace, my answer is no. The fear about the facilities that web 2.0 brings comes up from the fear about new technologies. here in India, Many small companies are trying and maintaining an online presence, and that makes a good PR also.
The banning of social networking sites in the enterprise is often a restriction on people spending time on sites that are not of benefit to the organisation. Hours can be lost in trawling content and organisations need to control what employees are spending their time doing while at work.
"The Google Apps vs Microsoft Office debate currently raging"... last time I checked this wasn't a raging affair. Microsoft still wins hands down. Maybe in a few years this would be more accurate.
The focus on the enterprise is premature IMO. There is adoption going on in the enterprise but only in the most experimental and pilot-program sort of way. The enterprise doesn't need to rush into adoption of 2.0 – in fact they don't rush into much of anything – it's antithetical to good corporate governance and fiduciary responsibility to shareholders.
There's too much eagerness to cast Web 2.0 vs. Microsoft as a here-and-now battle for supremacy. Any student of technology history knows that this is rarely how things play out. The defections from the dominant standard (MS) take time and happen in subtle increments that only become lear with 20-20 hindsight.
Zoho know this – that's why they were so pointed in stating that Zoho Business is not an enterprise offering. Google's feints and dodges are as much about building brand visibility and keeping Microsoft guessing and off-balance as they are about building any kind of substantial revenue model in the short term. Other significant 2.0 players are partnering or being sucked up in M&A (witness yesterday's purchase of Zimbra by Yahoo!) actions.
No – the more immediate battle will be in the early adopter, small business, and education markets. That's where we should all be focusing to see the emerging trends. Not in the enterprise.
Last night I was at a CEO dinner thing and the FBI was there telling us about all the foreign government backed companies (read China) that are conducting economic espionage in the U.S. I guess the FBI has to have something to focus on as we lose the drug war and run out of U.S. based terrorists to screw with. Anyway while I think the concern at a national level is overblown, it is reasonable as a leader of a company to be cognizant of how you might minimize (reasonably) the risk of trade secret loss to other entities (wherever they are). Web2.0 technologies - any new communication technologies - exacerbate the problem. They just do. That doesn't mean they're bad per se, or that you should ditch the baby with the bathwater, but IT's job is security and you shouldn't bitchslap them for doing their job.
Curt,
You bring up an interesting point in managing sensitive information when using Web 2.0. We've spoken with many different companies that are worried about having confidential information or intellectual property hitting the public realm, particularly when using wikis and blogs. The financial services sector is really worried about this, especially with regulation like SOX, GLBA and the SEC. We've put together some white papers about these concerns and how companies can address them - http://techrigy.com/White_Papers.php. Hopefully in the next twelve months Web 2.0 will be able to hit mainstream within the enterprise.
Web 2.0 brings the world a human-to-human (H2H) network. It fixes a traditional disconnection between web readers and web writers.
On the other hand, Web 2.0 does not provide any trust layer to protect information leak. As we know, however, such a trust layer is very difficult, if any possible, to be built in a human network. Since Web 2.0 basically connects people who use the World Wide Web, it is almost hopeless to set up information-flow barrier while at the same time maintaining the advantage of Web 2.0.
But we may gradually solve this problem with the evolution of the Web. One resolution is to allow virtual human representatives (machine agents) to share information other than directly letting humans share information. Comparing to real humans, we can much easier control information sharing between machines. This is thus basically the dream of Semantic Web.
-- Yihong
I'm a programmer but I recently changed careers and moved into the online marketing space. It was amazing to witness how the IT department there was scared+skeptical of Web 2.0. It was definitely the loss of power/control that they feared, but it was coated in words such as reliability, security, compliance, privacy etc.
I completely agree with the need for the above in enterprises; these are essential considerations. But I believe many IT depts. are terrified of the impending loss of power, and this is not something they want to admit.
I encourage a lot of regular folks and businesses to collaborate using web 2.0 tools. I actually just linked to your article in a Google Docs tip on collaboration for the "slower to adopt" set for my syndicated column/blog. Not a single person who I introduced to collaboration has mentioned to me "what about this legacy application?" I think that is the most interesting trend.
http://www.dkworldwide.com/techlife/archives/2007/09/19/google-docs-how-to-share-your-work-announce-changes-to-your-google-docs/trackback/
All this talk about corporate deployment of Web 2 is interesting...and I am sure it will win more converets. However it important to remember, that even in Singapore...considered a farily IT savvy nation, many business still limit email access and web access to selected individuala and not across the board.
It will be interesting to look at the adoption rates over a whole the whole pyramid of activities
ISNT IT THE NEXT STEP FORWARD, LIKE SO MANY OTHER THINGS YOU EITHER EMBRACE IT OR GET LEFT BEHIND, THE BUSINESS I HAVE GOT INVOVLVED IN IS WEB2.0,
IF OUR ANCESTORS DIDN'T EMBRACE THE WHEEL WHERE WOULD WE HAVE BEEN AS AN EXAMPLE.
I DON'T LIKE CHANGE BUT IT IS A FACT THAT WHETHER IT IS GOOD OR BAD IT ALWAYS HAPPENS YOU CAN'T STOP CHANGE.
Anyone here old enough to remember the "outsourcing" dilemma of the late '80's, early '90's? The whole of the IT side of organisations was outsourced to Prime Contractor organisations. There was a lot of fear then, that EDS and IBM and DEC wouldn't understand compliance etc.
email also created a storm in the mid'90s. What if people emailed around sensitive documents?
For me, it's more interesting to focus on companies who use web 2.0 behind the firewall - replacing email, knowledge management and documentation systems with wikis for example. As large non-tech companies (such as mining area of Thiess) go public with their acceptance of web 2.0 internally, the scaredycats will surely follow? so yeah, there's one example for you. :)