Several years ago, I did a double-take as I walked past the desk of one of my developers. He had three instant messaging windows open on his desktop. When I asked him why, he said he was asking other developers about how to solve a problem. One of my most productive developers was working with developers at other companies to get his job done. Until that time, I had thought of IM as a handy tool for quick internal questions, but I also thought it was probably a waste of time.
Now, I take it for granted that people inside the organization will collaborate across organizational boundaries. We live in a world where innovation is measured in hours or days. Within NewsGator, we have daily scrums (discussions about what the team is doing), and it's unusual if a developer reports the same research topic two days in a row.
Collaboration is ultimately about sharing information. I understand the power of information – especially when it comes to securing that information. In my Air Force days, I worked in places with retina scanners and armed guards. The information security on those bases was critical to keeping troops safe. In the commercial world, it's not about saving lives; it's about securing intellectual property and maintaining a competitive advantage.
In an ideal situation, companies should be able to let information flow freely and easily across organizational boundaries while still maintaining the appropriate security levels. But taking a quick look at the diagram below gives you a good idea why this workflow is pretty hard to accomplish.
For large organizations, adhering to the appropriate security and privacy policies within the company is pretty tricky. As information sharing gets extended further and further outward, through extranets and into external social computing networks, the challenge magnifies. This diagram also helps understand how this problem might be solved – both from the outside (Facebook Groups) or from the inside (SharePoint) the organization.
Facebook has the advantage of having a huge user base and a well-understood user interface with tons of great sharing capabilities. With the addition of groups, it's possible to collaborate in closed or secret areas. Both of these allow the content within the group to be restricted and visible to only members of the group. This is a big step forward, but glancing back at the diagram above, you can see that no connection really exists between this collaboration happening in the outer rim and what's going on in the inner circles. The consistency of security across these circles is really left to the judgment of individuals. And since any member of a Facebook Group can invite other members, the security of that group relies heavily on its individual members to make good decisions.
Now the scenario I'm laying out isn't really the design goal of Facebook Groups. So the key questions are whether the issue really matters and whether Facebook is likely to extend its design to cover these issues. For many small organizations, I think Facebook Groups is actually good enough. I think a small company could easily set up an external collaboration area and the potential security challenges would be a reasonable risk. For most businesses, especially ones that share business-critical information, Facebook Groups doesn't yet pass the test.
But could Facebook Groups become an external business collaboration solution someday? I think the decision for Facebook would come down to whether this aligns with their core goals. For a real business solution, you need clear and verifiable identities, granularity of security and guarantees from the platform provider. If a company were to use Facebook Groups, they would need to know that the person they are adding to a group is truly their counterpart at another company. Generally, this is not a problem. Suppose I get a friend request from someone who seems to be someone I know, and then that person asks for an invite to a group right after I accept their request. How much research will I do to verify their identity before I add them? Similarly, how complex will Facebook choose to make the security options on their groups? Facebook wins by being simple, but the reality is that many businesses have real complex scenarios in terms of what users can do and what controls need to exist around regulating and securing content. Finally, and probably most importantly, what is the incentive for Facebook to enter into agreements with organizations to provide guarantees around availability, reliability, and security? For most enterprises to use this tool to enable high-value interactions, those guarantees will be a necessity.
So let's take a look at this from the inside out by looking at SharePoint. SharePoint does security well. Users may criticize the complexity of some interfaces in SharePoint, but some of that complexity comes from the granularity of the system. The questions for SharePoint as a solution to cover all these scenarios are how to deploy the platform in a way that provides secure access and where its boundaries would truly extend to social computing networks. For many organizations, SharePoint exists as an internal platform. Allowing external access is often limited to a handful of external customers and partners, and, in many cases, this is actually a separate SharePoint instance. Could SharePoint really extend all the way out to cover the outer circle? It seems quite unlikely. But for most enterprise scenarios, this isn't really a requirement. It will be extremely helpful to use external networks as a way to bring people outside the company into external collaboration spaces, but it's unlikely that those networks will be the place for business interactions as long as an easy, yet secure solution is provided to access an enterprise-class platform like SharePoint.
And again, probably the most important question is whether Microsoft and its partners have a clear incentive to cover these use cases. Here the answer is very different from Facebook. Business collaboration is what SharePoint is all about, and these use cases represent a very natural extension of that core value proposition.
The future of enterprise social computing is collaboration across all the boundaries. That's a huge scope, and no platform can cover all of it. Facebook Groups will fill a few of those spaces. But in the long run, it seems clear that only enterprise platforms like SharePoint and enterprise suppliers have the clearest incentives and the best starting position to cover the key use cases. This is the fun part about working at a company like NewsGator – we get to see this innovation occurring on a daily basis and work hard to deliver value at that pace. And now when I see developers collaborating both internally and externally, I smile and think about where this is going and how quickly we are getting there.