Information leaks on social networks : that’s not the problem

January 27, 2012 By Leave a Comment

Summary : businesses see social networks as possible channels for information leaks caused by negligence. What is right. But their retort, that is mainly technological, does not solve anything because social networks are only one of the many channels that can make risks become true, not the cause of the risk. As a matter of fact the largest social network in the world is the street. If a global approach through awareness and accountability will help to deal with the whole risk, solutions that are being currently implemented are only window-dressing regarding to the many channels information can use to leak. Human issues can’t be solved by technology only and firewalls will never replace trust.

It’s obvious that information leaks is a sensitive point for businesses and the risk of employees being negligent on social networks has to be taken seriously. Hence the need for limiting this risk. Most of time the response relies on technology. That solves a part of the problem but is far from being enough.

As a matter of fact, prohibiting any connection to these sites or filtering outgoing information may limit the risk. But such an approach has weaknesses. It only works on corporate devices. At the moment people use their mobile or connect from home the risk is here gain. Making employees aware of the risks caused by their own behaviors is more useful because, in some ways, tools are only the vehicle behaviors use to make information flow. Adopting this approach helps dealing with some of the consequences but none of the causes.

The largest social network is not Facebook or Twitter but…the world, life, the street. And no technology will prevent anyone to do anything there except accountability. The good side of this approach is that, when it’s successful, it works with any device, anytime, anywhere.

We all have examples to tell. This group of coworkers of Bank xxxxxx having a drink and talking about their employer’s solvency, not being conscious everyone was listening to them. These two executives discussing their secret new corporate strategy at lunch. Everyone around appreciated. This group of employees of YYYYY vacationing together and discussing, around the pool, of lay-off program they were secretly working on. The problem that, even if they were on the middle of the Indian Ocean there were lots of french people in the hotel. One more thing. I would like to thank the sales rep of ZZZZ that were discussing their plan to sign with a customer in the plane….since I was meeting the same client a couple of years later my colleagues and I make the best possible use of it. I also think about all the people that can’t prevent from working in trains or planes, making it easy for anyone to see what’s on their beautiful HD screen.

Of course such things never happen. I’m even sure that in the above mentioned companies, social networks are filtered or blocked. Human issues won’t be solved by technology and firewalls will never replace trust.

 

 

Filed Under: Software & Tools, Web & Usages Tagged With: , , , , , ,

Managing information and people is not the same thing

November 22, 2011 By Leave a Comment

Summary : “accept as friend”, “add to your network”, “follow” are concepts that are more and more present in our personal and business lives. That does not come without human issues. One may be interested in the messages, information, signals shared by another person without having a good relationship with this person. Sometimes there’s even no relationship at all. The problem occurs more and for frequently in both the consumer web and enterprise tools where things are even more sensitive. Binding how one manages the information flows he receives and how he manages his relationships with others causes complex and complicated situations that are humanly uncomfortable for people. The solution is simple : splitting both. The good news is that it’s a very actual trend.

I recently wrote on the difference between signals and conversations. It’s not only about words : it’s about the whole approach for people, for the system as long as we admit that conversations is only one way among others to share and transmit information. It gets even more important if we consider that a given person may be more or less comfortable with one or the other and that one or the other will work better in a given context.

A similar issue applies to relationships, contacts, friends etc. Managing what I’ll call relationships is about to become a pain on the consumer web and raises many questions on enterprise internal tools tools.

I won’t mention the wording that can kill the system by itself. It’s the somehow political context of work there’s a big difference between adding someone as a friend or as a contact. Accepting or requesting such a request from one’s manager or staff member is a kind of political and diplomatic decision. It comes even more critical when one has to make such a request, to state a relationship,  to see what someone shares or interact with this person. Add to that the sensed attitude of users saying they don’t have the time (and often not the know-how) to manage as many relationships  even if they need to shortly interact with one or the other to get things done.

It all comes from the confusion between managing one’s information flows and managing one’s contacts. By mixing up diplomacy and efficiency, many social platforms, internal or consumer facing, did not help their users and made themselves touchy to use.

 

[Read more...]

Filed Under: Knowledge & Information management, Management & HR Tagged With: , , , , , ,

Making the most of key resources in collaboration

September 22, 2011 By 1 Comment

Summary : tomorrow’s organization will be connected and communicative. This is the only way to success in the knowledge economy. But communication and exchange, which are essential foundations for collaboration, need a sender and a receiver who mobilize their attention. But attention, more than time, is the scarce productive ressource which use has to be optimized. In the end, if everyone makes the most of the system in one’s own interest, the whole organization may become paralyzed. Solutions exist and suppose more accessible business tools, information filtering based on context and better education and training.

Whatever the organizational structure is, top-down, networked, push, pull etc… there’s always a constant concern : optimizing the use of resources. Said in other words : “get the maximum by spending the minimum”, “prevent productive potential wasting”.

In this productivity driven view, people see time as being the limiting factor. That’s, right…at least in a system based on repetitive tasks and involving few knowledge if any. But this assumption becomes wrong in a knowledge economy where time is not a relevant productivity indicator at all because individual production is not linear or constant anymore. And not individual either by the way. In this context, the limiting factor is attention, which could be defined as qualified time, a subdivision of time. That’s the time dedicated to do/deal with/process something, being focused on it (by the way it would be interesting to start a discussion on what attention at work is….to find a less shoddy definition than this one).

So attention is the scarce resource which use has to be optimized.

But we know than nobody can be focused, attentive, 8 hours a day. A least not 8 hours in a row. That’s, in fact, a reason why the barrier between personal and professional time is blurring.

One of the best way to avoid productive time wasting is not to make sure everyone is checking in the office at the right time but to make work tools available when and where attention is maximal. Note that attention is not always the result of a voluntary action. Who did never have a brilliant idea about a business concerns at night, on vacation or during a week end…and lost it because he was not empowered to work or share it at the very moment when it came ? Moment when one’s mind shifted to a business focus unpurposely on a non dedicated time ?

Another way is to avoid disruptive elements that come and interrupt employees in an “attention phase”. These elements are well known : untimely email reception as well as any incoming signal that grab attention and force to refocus after : instant messaging, phone calls or social media. There’s an easy solution being used by many people : disconnecting from everything. But disconnection has risks : not being able to communicate with people who can help, not receiving the information that would help to solve a problem. The notion of context that helps filtering the available information and, most of all, the information being pushed at a given moment is essential and will play a key role in tomorrow’s business applications.

Then after, there’s the need to master the human factor. As a matter of fact, these signals don’t fall from the sky : they’re sent by people. That’s the paradox of the new coming forms of organizations. If each person makes the most of his ability to share, alert and mobilize others, the situation will look like a tragedy of the commons applied to attention. If each person makes the most of other’s attention in his own interest, the collective result will be horrendous because no one will have enough attention left to do his own work. This issue is fare from being the easier to solve.

Of course, specific education and training will be needed to make people aware of the attention paradigm and what a wise use of people’s attention means (using any communication channel is using others’ attention by the way). But is this a risk for weak signals and serendipity which are essential in agile, networked and “pull” organization ?

The result will surely be a mix of all these solutions…but is still unclear…and far.

Anyway, if organizations need to become (over ?) connected and communicative, they’ll need mechanisms that will prevent these skills from backfiring and avoid the paradoxical trap according to which when everyone makes the most of the system, the organization as a whole will suffer from it.

 

 

Filed Under: Economy & New Models, Enterprise 2.0 & Social Business, Knowledge & Information management, Management & HR, Software & Tools, Web & Usages Tagged With: , , , , , , , , , , , , , , , ,

Toward smarter information systems

March 4, 2011 By Leave a Comment

Summary : When we talk about working on information, we usually distinguish the work that’s been progressively dedicated to machines (mass processing of data according to pre-determined plans) and what remains the field for humans, a sharper and more qualitative approach to scattered and unstructured data. This second point lead organizations to organize accordingly, distinguishing between those who search, prepare and use these data. A dichotomy that has many chances to be questioned in a near futur as machines are getting able not only to explore unstructured data but also to understand questions and give answers.

When we have a look a the main components of any information system, we can see two poles coexisting :

• the “mechanical” one. It’s made of applications that replaced humans over time because they’re more efficient and reliable for some tasks, providing a substantial advantage both in termes of speed and quality, what means in terms of costs. They allow the mechanization of repetitive mass processing that need more calculations and processing power than intelligence and ability to react in front of unpredictable things.

• the “intelligence and knowledge” one. It’s made of applications that don’t replace humans but are supposed to multiply their intrinsic abilities that a machine does not have. Its about communication and collaboration technologies.

If we focus on the second point, it’s obvious that no machine can understand and treat unstructured data with the needed fineness. Should the need be about searching, using and make a decision relying on a huge mass of unstructured information without the existence of an history demonstrating what “a good decision is”.

On this part, the superiority of human versus the machines is about decision making. As for what’s about information search, it’s rather a burden but a necessary burden because even if the machine is powerful enough it’s unable to process a qualitative and contextual search on information.

But how long will that last ? [Read more...]

Filed Under: Knowledge & Information management, Management & HR, Software & Tools Tagged With: , , , , , , , , , , , , , , ,

Are curators the missing thing in enterprise 2.0 approaches ?

January 11, 2011 By 6 Comments

Summary :in a few weeks, a new concept burst into the web : the curator. It can be defined as filter and broadcaster for qualified and targeted information. Is it a new fad or a key element of a successful approach. With hindsight it seems that it’s the perfect complement to community managers when the latter makes no sense, one targeting actual communities, the other those who want informations without interactions as well as those who need to be stimulated to interact. The curator may be the person who feeds “social skeptics” as well as community discussions or community managers themselves when they need expert contents to do their job.

Sometimes, there are themes that emerge from who knows where and find themselves at the heart of the discussions. That’s how what what supposed to be an insignificant on twitter with Anthony Poncier and Benoit Faverial ended in a real debate that lasted long at night with Xavier Bartholome, Vincent Berthelot and Mark Tamis. In this post I’ll try to sum up what was said.

Why talking about curators here ?

Because, in my opinion, it’s one of the most important levers to successfully achieve 2.0, social (use the words you prefer) projects within the organization.

What is a curator ?

As for any emerging concept we need to be very cautious when trying to define what anything is. We can say that curators are people who process, rate, contextualize, enrich and broadcast information.

Here’s the diagram shared by Anthony.

There’s something I like a lot with the concept of curator and what it refers to. Like curators in museums, they do not transform the primary matter but understand it, explain it, expose it in a context that increases its value. We can consider that their contribution is rather about meta-data and meta-information.

What’s the difference with KM ?

At first sight I can see three major differences with KM : feeds, maturity and the exclusive nature of the role.

• Curators are not processing information to tidy it up but to broadcast it. KMer ended in a container filling role while curators are rather broadcasters. So, curators are more “filters and pumps” than meticulous archivists.

• KMers don’t address the same level of information as curators. KMers deal with mature, validated and consolidated information while curators are more focused on emergence and weak signals.

• Kmers were, in some ways, knowledge depositories, a mandatory agent any knowledge related thing had to go through. Curators act rather by subsidiarity : anyone can do one’s own sourcing and filtering job without dealing with curators. But, for those who don’t want, don’t know how to, can’t, the curator is here to make things easier.

That’s a watch work isn’t it ?

Yes, there are lots of similarities. The difference is that curators are not necessarily “institutionalized” and depends on a less structured, managed and constrained approach. On the other hand, curators may work at a narrower level and be in a more instantaneous logic when watch often needs time to finally reach employees.

To be also taken into account :

• Brokerage. Curators directly transmit information to employees while watchers make it through a complex and  nebulous intermediary called enterprise or organization which has its rules and constraints that make the system less reactive.

• Scope : watchers watch what’s happening out of the enterprise while curators are also dealing with internal information. So they’re the possible missing link between internal social and community activities and conversations that only interest those who participate and those who need the information that can be found here but don’t have the time or will to find it…or are even convinced that these activities are useless and don’t believe in social approaches.

Curators can even be seen as those who facilitate a P2P watch system in complement to an heavier and institutionalized one. [Read more...]

Filed Under: Knowledge & Information management, Management & HR Tagged With: , , , , , , , , ,

Information security is too serious to be entrusted to IT people

September 24, 2010 By Leave a Comment

Summary : I recently read a survey about the dangerosity of social networks regarding to information leak, relying on the observation of a representative group of people. That’s a hasity concusion : it only proves that information security is not only a matter of technology but of usages, behaviors, a dimension that IT departements still barely master because they consider the issue from a technological standpoint. As an evidence, it seems that IT people are those who are the most likely to have dangerous behaviors, maybe because they only consider the technological side of the problem and overlook the behavioral one.

Recently I found a study about the dangerosity of some tools considering information leak. It says that email is the first cause of leaks (but is it a surprise) and that social networks are becoming a growing cause of such issues, what is not surprising because as they’re becoming more and more popular the risk is growing proportionally.

When I’m asked my opinion, my answer is always the same : no tool is dangerous by itself. It’s usage can be. Said differently : an irresponsible person is dangerous with any communication tool, even a homing pigeon. And the best way to fight irresponsibily is education, not interdiction. As a matter of fact when people are prohibited doing something without being educated, they send their time cheating with the system what may cause even more problems.

This study won’t make me change my mind. The way it was conducted is quite interesting :

The study sample group included 2,000 users from all over the world registered on one of the most popular social networks. These users were randomly chosen in order to cover different aspects: sex (1,000 females, 1,000 males), age (the sample ranged from 17 to 65 years with a mean age of 27.3 years), professional affiliation, interests etc. In the first step, the users were only requested to add the unknown test profile as their friend, while in the second step several conversations with randomly selected users aimed to determine what kind of details they would disclose.

The study showed:

  • More than 86 percent of the users who accepted the test-profile’s friend request work in the IT industry, of which 31 percent work in IT Security
  • The most frequent reason for accepting the test profile’s friend request was her “lovely face” (53 percent)
  • After a half an hour conversation, 10 percent disclosed personal sensitive information, such as: address, phone number, mother’s and father’s name, etc – information usually requested as answers to password recovery questions
  • Two hours later, 73 percent siphoned what appears to be confidential information from their workplace, such as future strategies, plans, as well as unreleased technologies/software

Some points to notice.

- some people accept a friend reques from an unknown person. It confirms my assumption. The problem is about people and the way their awareness about this kind of issue has been raised. There are two options. Either they would do exactly the same if they bumped into this nice looking girl in a bar and a full education program has to be implemented across the orgation or the fact they are online makes them lose their common sense and they have to be taught than the web is like real life : don’t follow a stranger.

Let me add that we already have more dangerous tools than social networks : familiy lunches, parties with friends and colleagues have been perfect situations for information leak for ages. I don’t even mention discussions in trains, people you can read their laptop screen when seated next to them etc…

- IT people are even more dangerous than others. Of course because they only see things through a technological point of view and only consider technological responses. A secured tool can be real strainer if people don’t use it well. Non IT people perceive the risk through a behavioral point of view, they analyze the nature of the context and of the relationship and may be more mistrustful.

Conclusion : anything that has to do with information security is not only a matter of technology and IT people may not be the best to handle the whole problem. Security is about technology and behaviors, this second point needing a specific program to be approached.

A last example. What’s better ? An employee who’s aware of dangers and uses Facebook or a non aware employee that can’t use facebook at work but uses it on mobile and at home ? The second is made harmless while he’s in the office but will be dangerous when he’s outside unless he’s educated.

Of course, pushing the “off” buttion is easier than implementing an awareness program. But it doesn’t solve everything.

Filed Under: Management & HR, Software & Tools Tagged With: , , , , , ,

What social Media Lack ? Intelligence

September 10, 2010 By Leave a Comment

Summary : the increasing quantity of information generated by social media and the need for dealing with all this information regardless to its source is a barrier to an effective use that relies on users ability to priorize, classify and organize things into a hierarchy. Because of that, only a little minority is not scared by the flows that flow on their screens. To make future information systems usable we need to embed a kind of intelligence in the product rather than relying on the ability of a few people to use the tools in order to channel the flows and  highlight what matters to each user, the ultimate step being to build conversing tools. After having tried to use the 2.0 logic to improve BI, now it’s time to use BI to improve 2.0 tools.

One of the main barriers to the use of social media in the workplace and to the transformation of work is that users feel lost. Two points are hidden behind this vague concept :

- lack of context. I won’t elaborate this point because Sameer Patel wrote an excellent post about this issue. Originally about Google Wave it can, in fact, apply to a wide range of things.

- fear of the mass of information that’s generated, of not being able to deal with it and manage it.

I think most people agree on the first point (now just wait to see how it will be turned into actual features), so let’s talk about the second.

If you are familiar with these tools, would it be at home or at work, you know that quantity is not a problem and is rather an opportunity once you know how to filter and prioritize. It can be done technically with the right functiunalities or tools, humanly by relying on the social filter made of your network. Information is like water, what matters is not to have less but to regulate the flow.

Now try to imagine the average user (what means 90% of users), facing any kind of stream (twitter, friendfeed or Facebool) and how his face’s going pale. Of course, these users can be trained, of ourse as time goes by more and more users will be comfortable with information flows. But what matters is today, and today it’s rather complicated. Missing the latest hilarious video shared by one’s uncle is not prejudial but things are not the same in the workplace. Add to that the the fear of admitting in front of colleagues that one didn’t see such or such important information, and you understand why there is a real problem.

The value of social media in the workplace relies on intelligence on two aspects :

- the intelligence people share with the tools

- the intelligence they use to survive in the flow and separate the wheat from the chaff.

Today the more active users on enterprise social platforms are those who meet the second criteria, sometimes because they already do it in their personal use of the web, sometimes because they learn quickly. That poses two problems :

[Read more...]

Filed Under: Knowledge & Information management, Management & HR, Software & Tools, Web & Usages Tagged With: , , , , , , , , , , , , ,

A world in 140 characters ? Really ?

August 20, 2010 By Leave a Comment

Summary : Are we linving in a 140 characters world ? Not at all. 140 characters is only the signal that points at something bigger and without which no signal would exist.

Sometimes we need symbol to show how our world is changing, to what extent a tool is leaving its mark on an era even if this era is only a few months long. Today’s trendy tool being Twitter, it’s a commonly used reference to describe the world of instantaneousness, of spontaneity, of mobility we’re living in. As a consequence we’re asked to rethink our life, our work, how we communicate in order not to be outdated in a 140 characters world.

A word in 140 characters ? Why not. Time is speeding up, messages and thoughts are divided up. “Now” is more important than what lasts, reaction and context than content and capitalizing. When everything’s fast, the only way to understand the future is to have one’s two feet in the moving present, and information above 140 characters is useless since it will be outdated before having been used.

Sorry, but I don’t buy it.

If we take some time to look at twitter and how people use it, if we try to understand what we really find valuable, it appears that we’re facing :

- the expression in 140 characters of an information relying on a larger amount of previously acquired knowledge put into context.

- a summary of a larger content with a link to it.

When talking about information or knowledge, we must understand there’s a difference between substance and signal. We’ve been struggling to indentifying and mobilizing the right substance because of a lack of signal for decades but, now we have efficient tools to deliver signals, we must not focus on it and forget the sunstance and the fact we still need to create and improve it.

We communicate, stimulate, react in 140 characters but to do so we still need to think in more than 140 characters.

Our world is not and won’t be a 140 characters world and neither will enterprises. On the other hand these 140 characters will wake all our knowledge more easy to harness to decide, act and adapt faster. Forgetting that the signal needs something to feed it, something to point at may have detrimental consequences.

Filed Under: Web & Usages Tagged With: , , , ,

Is information sharing a visceral need or a lucky good practice ?

July 29, 2010 By Leave a Comment

This is the rest of my Milanese conversation with Mark Masterson. By dint of digressing on Yers we came to tacke the so-called sociability of employees. The idea was to go beyond the idealistic common place according to which “everyone wants to share, to open, to connect and those who refuse to go this way are naughty people” and try to have a more objective standpoint in an enterprise context.

First easy answer : “it depends”. Of course, between those who overshare and those who withdraw into themselves there is a wide range of behaviors due to a tangle of complex factors.

Then : “it’s (as usual) a matter of culture”. Everybody nows agree that in some countries people want a clear separation between their professional and private life and what to belongs to one has not to be known in the other.

Then again : “what makes us say that people share information on the web after all ?”. They share statuses, emotions. They answer their contact, give them some help. Does it mean being “social”, obliging and is it enough to make us deduce that people want to be connected and bring something to their fellow contacts ? No.

If we look at what’s happening on the web, the act of sharing information is rather about “I am” than “I give”. “I am at such place (and you aren’t)”, “I want to talk about my experience”, “I have something to say (most of all I want to be heard”. At the end, sharing looks much more like self-promotion that a will to help and share that seem to be only means to a personal strategy. It’s a little bit like people (some politicians for instance) that are very active on the field for 10 minutes and stop at the minute the TV cameras leave. Should we regret it ? In my opion no, if egos contribute to a common good then Adam Smith was right. But we have to admit this is rather show-off than deliberate sharing.

Quoting a good friend I’d say : that’s ego-altruism.

What does it mean in the workplace ?

[Read more...]

Filed Under: Management & HR, Web & Usages Tagged With: , , , , ,

Are employees content producers ? No !

June 29, 2010 By Leave a Comment

How many times did we hear the famous “content is king”, pushed as the pillar of a new world where social media is predominant. Consequence : the future belongs to those (people and businesses) who’ll produce the more content. A contrario, who won’t produce content won’t exist in this world. After all, why not…

By definition, a contents is defined regarding to a container so it’s logical to assume that the container is the raison d’etre of the whole what, in fact, makes no sense once you understand that content should be interoperable and volatile to be reused, shared, far beyond the orignal container.

But content is not self-generating so it’s important to have it generated by people. What sometimes troubles me is that this looks very much like “there are new containers, so let’s fill them”. In this approach, the value, the interest of any content is that it fills one or many containers and has few to do with its intrinsic value. I’m not even saying that it may favor noise and quantity agains quality.

Things become more complicated when it comes to the workplace. I have to admit that I nearly fall off my chair whenever I hear recommandations like “you must encourage your employees to produce contents”, “to stimulate your social network’s activity, don’t forget to generate contents”. This is often understood like “there are new spaces…now your job is to fill them” or “on top of the amount of work and responsability you already have as a manager, don’t forget to find things to say every day”. Hearing such words makes manager run away to avoid what they understand as a nonsense, a new improductive and useless burden they have to deal with.

Communication is a part of any management word. Besides that, we should be cautious when the world of communication invites itself (or is imported) in the workplace without paying any attention to the goals of the people it should apply to : produce and deliver results.

Employees are not paid to publish things on online media (social or not) unless they have a marketing or communication position. They are paid to produce and, to achieve this, have to exchange and share information. To be successful, they may need more relevant practices and the right tool to support it. Saying that, the approach to “content” dramatically changes.

People emit and share information out of necessity, not because they have a container to fill (what also makes them fear the “blank page”). They must say to themselves “I have such need so I need to communicate in such way” and not “what will I find to publish to please them today, get rid of this burden, and go back to my real work”.

Be caution of not applying to employees the same punishment as Sisyphus and turn the intranet into a Danaide’s barrel.

Employees are not and should not be content producers. They are people with a job to do and, even if communication is a part of everybody’s job, it should happen because of a given context and the added value of communicating, not because there are spaces to fill.

PS : to explain the business process approach to enterprise 2.0 during the last enterprise 2.0 conference, many people relied on the content/context articulation. A sign ?

Filed Under: Enterprise 2.0 & Social Business, Web & Usages Tagged With: , , , ,
« Older Posts