I’ve written a few times here about Facebook — how it’s a potentially powerful tool for maintaining and supporting a network of weak ties, how it fits in with other E2.0 tools, and how at least one company is now using Facebook as its Intranet. Several commenters reacted to this final post with security concerns. Bill Benac’s critique was perhaps the most forceful:
"There’s a major security issue with using a public site such as Facebook as a company intranet in that most if its traffic (though not login) is trasmitted in cleartext over HTTP. It’s relatively easy to snoop that data. Companies usually require secure VPN for remote access to the intranet so this problem is avoided…
Facebook is not a viable solution for mainline companies. Let them retool their offering for the corporation if that’s what people are interested in (e.g. give companies their own url such as https://myco.facebook.com, let the corporate administrator manage who can log in, let the corporate admin manage who they can be friends with, what applications they can add, what types of information can get into their news feed, offer a SecureID feature, etc.). Until then, serious companies should stay away."
I’ve heard similar reactions from many line and IT executives when discussing social networking software (SNS) and the strength of weak ties. They realize the potential of SNS, they know that many people in their companies use and love Facebook, and they sense that they’d fall short if they tried to build their own social networking tool from scratch, but they can’t see a way to make the Internet’s current SNS OK for the enterprise. The risks identified by Benac are just too high.
When Facebook opened up its platform and data to outside developers early this year, I predicted that applications built specifically for enterprise would soon arrive. Yesterday, Worklight‘s David Lavenda stopped by my office to show me one (I have no financial interest of any kind in Worklight, and have had no commercial dealings with the company).
Worklight sells a server + software combination that sits behind the firewall, takes data from all manner of legacy enterprise applications (ERP, CRM, HR, etc.), and serves that data out "Web 2.0-style" to those who are authorized to see it (according to the company’s existing policies). Web 2.0-style here means via RSS, Ajax, widgets, mashups, IM, etc. And now Facebook.
In a quick demo, Lavenda opened up his standard public Facebook profile, then launched WorkBook (Worklight’s offering) just like he’d launch any other Facebook application. After he logged in, a separate section opened up within the profile. This section was devoted to the user’s employer — let’s call it Lavendaco. Inside this section were a number of standard Facebook features — friends, groups, Q&A, profiles, etc. — presented using the standard Facebook UI. But the data populating each of these were specific to Lavendaco, came from the Worklight server installed at Lavendaco, were encrypted as they travelled across the Internet, and did not pass through Facebook servers. A short description and screenshot of WorkBook in action are here.
I haven’t experimented with WorkBook myself and I haven’t talked yet with any of its corporate customers, so I can’t personally vouch for its features or robustness. But if it works as advertised it seems like a very smart approach to corporate SNS. I particularly like the approach of not reinventing the wheel by trying to build a tool that’s "just as good as Facebook." Instead, WorkBook is Facebook. It lets people continue to use this incredibly popular technology and leverages the investments Facebook has made in delivering a compelling interface and user experience. Lavenda said that Worklight considers Facebook just another "Web 2.0" style delivery vehicle for enterprise data. If OpenSocial or another SNS becomes popular in the future, Worklight will build tools for that platform as well.
I asked Lavenda how Worklight got its initial set of customers for WorkBook, and he replied that the impetus typically came straight from the top. He said that the CEOs of these companies were well aware that Facebook networks and groups existed for their company, and wanted to take advantage of them rather than attempt to squelch them.
This corresponds well with what I’ve observed. The line executives I’ve talked with have been eager to harness the power of social networks and technologies that let knowledge workers maintain and exploit weak ties. To date they’ve felt that security concerns prevent them from doing so, but this situation may be changing rapidly thanks to advances like WorkBook.
Leave a comment and tell us what you think. If WorkBook works as advertised, does it allay your security concerns related to enterprise SNS?