Intranet Benchmarking Forum

The debate continues as to whether Enterprise 2.0 is little more than hype or represents a key cultural as well as technological shift in our organisations; whether we should talk about it at all; and if we should talk about it, then whether it isn’t just knowledge management in a new disguise... phew!

In the meantime, organisations need to deal with the practical issues around introducing more participative, open tools, both inside and outside the firewall (whether we call them 2.0 or some other equally cool sounding name). One of these practical issues is addressing the concerns these tools cause in some quarters around company reputation and legal risks. Paul Miller touched on this in his post about Intranet Governance 2.0 back in January and it will be the subject of an (eagerly anticipated) research report in the very near future! :)

If you take the new wave of employee directories I blogged about in my last post as an example, the question of data protection and privacy comes up as more employee data is exposed on the intranet. And for global organisations, this may have different implications across their operating countries. Additionally, with more freedom of expression, both on the intranet “inside” and “outside” concerns arise around content liability.

But these issues should not become show stoppers within the organisation for letting Enterprise 2.0 tools in and letting employees out to participate in Web 2.0 sites. Rather, they should be handled through ensuring that intranet governance keeps pace with the changing intranet landscape. The nature of this landscape means that hard and fast rules suited to more traditional structures, are not really suitable. Rather we get a framework of guidelines around behaviour and content that is acceptable and (as at BT) ensure that employees are held accountable for their actions.

Andrew McAfee on his Harvard Business School blog puts the argument around the risks into perspective: “Imagine two competitors, one of which has the guiding principle "keep security risks and discoverability to a minimum," the other of which is guided by the rule "make it as easy as possible for people to collaborate and access each others' expertise." Both put in technology infrastructures appropriate for their guiding principles. Take all IT, legal, and leak-related costs into account. Which of these two comes out ahead over time? I know which one I'm betting on.” In his recent debate with Tom Davenport (and that's another story!) he makes the point that if people wanted to make defamatory statements or expose company secrets then they have already had plenty of tools and opportunity to do this. He goes on to comment that in all of his research into companies use of 2.0 he has come across no examples of such cases.

The key here is around the guidelines the company provides (this is providing a clear lead, whilst not being over prescriptive), holding employees accountable for their actions (we never get new freedoms without new responsibilities) and being prepared to follow through on any breaches (walking the talk).