I attended an IXDA meetup yesterday discussing among else “Collaborating in the stream”. Pete Lacey from Podio showed us some of their ideas regarding different communication types in different activity streams or different applications. The catch though, everything runs on their server; in the cloud.
Now personally I use the cloud for several services, and I feel that such services may be very useful and probably secure enough for me as an individual. The problem is that there are several reasons for not thrusting your corporate or business data to an external service provider. The most obvious ones are based on regulation, in Norway government entities probably will not be able to put their data on servers located outside of Norway, or worse, outside of Europe. There might be risks regarding this even for private companies, foreign governments might insist on access to data stored on servers located within their countries, either for security or legal reasons. Another issue might be the security of the information itself, other companies might be able to break into the service and gain access to your corporate information. Several security officers at different companies are also very protective of their information and data, and would never accept that anything like this should be available externally. All reasons may be resolved as the solutions and regulations evolve, but as an IT-consultant doing business right now, I would like to have the following framework available when dealing with cloud based services.
- Intra-social: I need to be able to implement a copy of a cloud based social service or product internally in an organisation. Using all the normal protections and security that the different corporations demand I follow. Examples might be protected sub-groups, protecting content, firewalls, single-sign-on and so on.
- Extra-social: I need to be able have a “demilitarized” version of this product available for partners and other external participants that make it possible for them to collaborate securely and share information trough the same services that the companies are using internally. These users should probably only be able to access a subset of the information available internally. I would like to be able to enforce encryption of the communication and use strong log-in features. Of course it should be possible to protect content and have access-groups here as well.
- Inter-social: Now the big differentiator is the connection to open services on top of this. By using semantic technologies and other modern integration techniques I would like to intelligently be able to integrate these internal and external parts of my social software with the corresponding public service. Sharing information and collaborating on open issues should still be possible, and this would make it possible for the users to use the same tool for collaboration both internally, externally and on the open internet.
Do you have any comments? Please tell me your feelings on this below.
Posted from Oslo, Oslo, Norway.