Monthly Archives: May 2014

My Consumerization Culture eats your Enterprise Security Strategy

When the company I work for, Bluefin, started out, we were pretty lo-fi. I started working with them when we were in a tiny managed office, with laptops ordered from At the time, we used a small hosting company for email and we used MSN Messenger for Instant Messaging.

We had migrated to Microsoft Exchange for email, Sharepoint for collaboration and were looking at OCS for Voice, Meetings – replacing a bunch of ad-hoc and non-Enterprisey services. We had a Single Sign-On project and all company resources were linked into a single login without username and password.

Messenger used to be a pretty nice tool and it wasn’t until maybe 2007, when we moved to Microsoft’s Office Communications Server and we were around 100 people, that we got rid of it. I was running Bluefin’s IT strategy at that time and I was convinced that Unified Communications was the future.

We planned to use OCS, then Lync, to replace the whole company’s global phone system – using internet to talk, headsets, and cutting our communications costs whilst improving collaboration. Collaboration and social was the future, and we would put Microsoft at the center of this.

What’s happened in the 7 years since then is mystifying to me. I’ve written about this before, but I hate Microsoft Lync. Microsoft frittered away its intellectual property and Lync does nothing well. We still have the office phone system we bought in 2006 (I expected we would do away with this in 2008) and Lync is a very unreliable instant messaging platform that doesn’t work well unless you have a PC with a good connection.

In the meantime, what has happened is fascinating – people have their own devices and they have created ad-hoc processes. In a recent customer go-live, we used WhatsApp as the primary update mechanism to pass control around the world. I was talking to CLP CIO Andre Bumberg about this on Twitter, and this is the point:

In addition to this, we recently implemented Jive, which I happen not to be a fan of. Jive was designed to replace our aging phpBB implementation and SharePoint, but I can’t get to grips with it. With Jive, Document Management is a joke – it’s just a big pile of documents in a community. Analyst Alan Lepofsky commented that Office integration helps this, but I use Jive’s Office integration most days and it is reminiscent of using an Amstrad Word Processor – files are all stored in a big pile with zero structure.

And this causes an unpleasant side-effect. People don’t like Sharepoint, Jive, Lync or any of the main corporate tools available, and when you combine this with the incredible availability of consumer tools and devices, you get a cascading problem. People use whatever they feel like.

I have had communications this week from customers using Google Docs, Dropbox, WhatsApp, Viber, Twitter, Skype and iMessages. I’ve shared screens using WebEx, and several other providers. Just last week I was participating in an analytics project for a customer, who is concerned about using Cloud technologies for Analytics for a top-secret product. There was concern that their competitors, especially in China, would hack into it.

I did a simple Google search for their product “codename” and found that one of their Sales VPs had uploaded their commercially sensitive internal presentation on it to SlideShare. This was probably because their SharePoint sucked, or Outlook email size limit meant they couldn’t share the document.

Constellation Group Analyst Alan seems to thing that customers are mostly focussed on security, audit and access control – but I’m not so sure this is the right focus.

Instead in 2014, I think that Enterprises need to be concerned about providing user experience even at the expense of internal governance – because if they don’t, then people will use whatever is convenient to them. My cutover chats on WhatsApp aren’t a commercial risk to Bluefin or our customers – but the SlideShare with company secrets was.

In the meantime, we really need something better from the likes of Microsoft. Microsoft had MSN Messenger, which was awesome (but is now dead), and Skype, which was great (but is since a little old-school). There’s no excuse for that IP not being in their new products, and Microsoft is dead unless they can compete with WhatsApp and Viber on user experience. Why is it so hard?