Social Glass

I recently had the chance to talk with Yonni Harif, Marketing Manager, and David Lavenda, VP of Product Strategy and Marketing for WorkLight on the topic of security and Enterprise 2.0. WorkLight fundamentally believes that consumer Web 2.0 applications will play a vital role in Enterprise 2.0. Knowledge workers will use iGoogle, Netvibes and Facebook to help them with their jobs whether their employer likes it or not. David noted that an estimated 86% of employees use Internet-based tools for productivity purposes. Smart companies will embrace consumer tools and make them even more beneficial for their workers.

WorkLight is a two year old business that set out to consumerize IT. They’ve been quoted in Computer Weekly and ITWire and have recently formed Secure Enterprise 2.0 forum.  The forum “is comprised of top executives at Global Fortune 500 companies that are ready to address the security challenges posed by Web 2.0 technologies, such as wikis, blogs, RSS, widgets and gadgets, personalized homepages, social networks and social bookmarking, which are becoming increasingly popular in the enterprise.”

They have a server (also called WorkLight) that connects with line of business applications on the corporate intranet. It then dishes out information from them securely in a variety of formats including RSS and Google Gadgets. This means that an employee can use iGoogle to interface to his company’s SAP system, for example.

How is this secure?

Companies are naturally hesitant to expose data from core systems, especially if that data is going to be used on Internet-based applications. But WorkLight’s offering is unique. Users are asked to authenticate before using a WorkLight service or widget. Data is encrypted using SSL and/or is transported over a VPN connection to the corporate intranet. Moreover, the WorkLight server integrates to a company’s directory service (LDAP, Active Directory) and uses already-established security protocols to determine who has access to what.

WorkLight also believes that Facebook can be used in creative ways when it comes to corporate intranet. Yonni Harif observed that companies that embrace Facebook for business purposes have instant leverage on their employee’s Social Graphs. WorkLight creates a Facebook application called Workbook which is designed to integrate corporate information systems into Facebook, securely. Andrew McAfee saw a demo of this in action and wrote about it here.

I asked David how they approach a typical engagement given that some systems integration would be required to connect line of business applications to WorkLight. David said they have some out of the box adapters for systems like SAP, but that if they have to build a custom adapter they do so using the “read mostly” approach. The premise behind “read mostly” is that it’s easier to pull data (read) from line of business applications than it is to push it (create, update). As such Worklight tries to minimize the amount of data that goes back into these systems through their widgets and services, and this reduces the costs their clients incur when hooking their systems into WorkLight.

Once a widget or service is created on the WorkLight server, users can rate or write comments about them. Rating and download count then influence the visibility of the widget or service on the server where those that are highly rated and downloaded often appear on the front page.

Security and Risk Management are a Big Deal

Lets face it, a lot of the guys we’re selling Enterprise 2.0 to have been in business for a while. This means we need to appeal to their natural tendency to stop initiatives they don’t understand because they’re deemed too risky. Companies like Techrigy and WorkLight are building solutions designed to make Enterprise 2.0 more secure and less risky (disclosure: I’m working with Aaron Newman, President of Techrigy, on a side project). As the market matures we’ll see security play more of a vital role in any Enteprise 2.0 solution stack.