Web-based applications are all the rage these days. Social networking apps, Web-based office suites, online maps, chat clients like Meebo, etc., are winning eyeballs, hearts and minds left and right. It’s not surprising considering all the benefits. Users find it hard to turn down the portability and simplicity of this cloud-style computing. Just add Internet and go. It’s good for everyone, right?
Perhaps, but perhaps not. As a number of CIOs are discovering, these web-based phenomena are accelerating a loss of control over what applications can and cannot be used on the corporate network. The result is that many organizations are exposing themselves to a myriad of undefined and uncontrolled security and continuity risks, while other organizations attempt to block out all web apps, much to the chagrin of their employees, many of whom are using them for legitimate purposes.
Palo Alto Networks published a white paper looking at the issues that non-approved applications, both web-based and other, create for corporate networks. This paper placed much of the blame on software developers, lamenting how port 80 no longer carries only web-browsing traffic, but has become the default port for a wide variety of applications, making port-based filtering all but impossible. As a result, it’s more difficult to monitor the flow of data and information from the corporate network to the outside world.
While considering the impact these applications could have, I came across a blog post about some companies banning Facebook. silicon.com reported that the company 192.com had decided to ban Facebook after finding that various apps from the site were clogging up 40 per cent of the company’s available bandwidth. There’s no doubt that if something like Facebook is gobbling up your network, then it’s also eating away at your employees’ productivity. Facebook isn’t the only culprit though – streaming video from places like YouTube, and to a lesser extent, audio from Internet radio can also impact bandwidth and productivity.
Many companies are responding like 192.com, with outright bans on sites like Facebook, YouTube, or Gmail, but unhappy employees aren’t going down without a fight. Palo Alto found that many employees were using HTTP proxies, or anonymity software like Tor, to get around IT’s restrictions. Many IT departments haven’t even been able to exorcise the red-headed stepchild of the IT world, P2P, despite the fact that it’s been on most companies’ blacklists for quite a while.
Some companies have taken the opposite approach, letting their employees have an app free-for-all and making them responsible for the consequences. A Wall Street Journal blog post from last August discussed a policy like this in place at Dow Chemical. Though the company monitors what employees are using, they don’t step in until a technology has proven itself useful, and then they try to extend its adoption into other parts of the company. If an application does cause problems, blame is placed on the user that installed it, though the post doesn’t explain exactly what that means.
The WSJ seems to praise Dow’s unorthodox approach, but is rather quiet on specific consequences, both good and bad, that have resulted from this policy. And it’s difficult to see how Dow’s strategy would help companies like 192.com who find unauthorized web apps creating serious bandwidth issues.
What seems to be a better approach is some sort of mixture between outright bans and total freedom. With the working world increasingly making its way into employees’ personal lives, we should expect that personal life is going to bleed right back into the corporate world, meaning that outright bans are likely to fail under the weight of cultural resistance if nothing else. As a result, companies should be clear about what sorts of personal activities and applications are allowed and how much time employees can devote to their use. In a move to try to provide balance in the workplace, some companies are using designated kiosks, to be used on breaks for personal activities. This creates a potential compromise by giving users access to the apps they want in an environment that discourages spending too much time or company resources on the sorts of personal activities those applications enable.
What then about unauthorized applications used for business purposes? Instant messaging (IM) or Enterprise messaging (EM) is becoming more and more of a business tool as well as a social tool, so how do companies deal with that? The best bet is to give your employees what they need to do work the way they find best, while making sure the tools keep them focused on business-related activities. That may mean banning general IM tools like AIM and Meebo, while deploying your own Enterprise Messaging system to securely connect those within the corporate network. These EM solutions deliver increased efficiency in a secure, encrypted manner and can be deployed nearly immediately through hosted offerings (like that which Engage offers). This strategy can help solve some of the monitoring and security issues too, since your organization regulates and may monitor the system on which all that communication is happening, rather than the organization’s communications going out across the Internet without any visibility.
The same sort of thing may work for social networking sites, or collaborative document editing tools. The basic idea is to take the functionality that your employees find useful and make it a corporate offering under your organization’s control, designed to work best with your business needs. Don’t dam the river, cutting your employees off from productivity-enhancing tools. Instead divert its flow, tame it, so that it powers your business in a manner benefitting your organization and its goals.
