Experience has shown me that the IT security element within my organisation is extremely risk averse (i work within the Nuclear Industry) and that any attempt to introduce social networking, knowledge sharing platforms etc will be met with a resounding NO.
Does anybody have any pragmatic ideas/arguments that I can use to persuade them? I missed Mark Oelherts session on this at #lt10uk, so if anybody has seen any posts anywhere on this session, links would be greatly sopreciated.
Depending on whether they have a sense of humour, this might help your argument a little.
My company is in the same situation - all forms of webmail, Facebook etc barred. I can't even update my Google Calendar. Result: a lot of 'unofficial' Facebook groups of employees.
The point Mark makes about 'the network needs to come to where they are' is both true and depressing from my pov; not only do vast numbers of our people have no email address, but some groups may be about to have email taken away as 'unnecessary to their roles;. While there is a corporate Sharepoint system, there is, as far as I know, no policy on using it for networking. I'm going to start this week by asking every level of IT and Comms I can find whether there are policies on social networking, information sharing and internal use of social media. I expect there won't be. We in Learning have the luxury of an externally hosted site which we control so we can introduce some things by the back door. But it will have to be something people go to, as we won't be able to take it to them.
A recurring point at LT2010 was about corporate culture and its readiness for social learning. One speaker outlined the well known Theories X and Y, which brought me down even more as he said a heavy bias towards Theory X would be a killer for social learning: Theory X feels like home!
I can see the reasoning behind removing "unnecessary" access to email. But Patrick Dunn says it very succinctly in his post today:
"Equipped with all sorts of expressive tools and technologies, normal everyday people are going to construct and share their own learning whether their employers like it or not. They’ll just change things, messily, insecurely, haphazardly. If organisations don’t accommodate this in their cultures, structures and processes, people won’t learn what the organisations need them to. Organisations will be bypassed, first in terms of learning, then in terms of expertise, then commercially."
Thanks for your advice. I have contacted Mark who has provided some very timely information and advice, once added to the remaining evidence I have/am collating, it should prove to be an interesting 'pitch'!
So yes, I do have some experience with this working inside the Dept. of Defense. The CIA is hip-deep in the 2.0 stuff but maybe even more impressive is that the National Security Agency (NSA) is too. See the story here (http://tinyurl.com/cvk5ce) .
We also had tons of 'security' concerns come back when we were working up the draft on the DOD Social Media Policy. Turns out though that the fears were not really IT fears. The technology here in 2.0 is not exotic, its not really new - the concerns that we got really were training concerns - that is human issues. So many of these problems can be mitigated if the social network in question is secure, eg A-Space, also make sure that all posts, comments, etc are attributed. "Anonymous" really has no place on a corporate social network.
If the network is going to be open or if employees will be allowed to access those networks (the irony being that if they can't get to them from work, they can still get to them from home and they'll do it without the benefit of any training) from work, then part of the issue is that just like with email, people need to be trained in what to say in public, largely with the understanding that it might not be their individual comments that can be dangerous but rather, the comments of all employees taken in the aggregate that could pose a security risk. Again - not an issue for the IT dept though right?