To Yammer or not to yammer, that is the question
Some of us have spent a lot of time trying to convince management, that employees were engaging in social activities inside and outside of the firewall whether they liked it or not — and that it was something that needed to be embraced and planned for, not disregarded.
These days, whether an application is on premises (you control the servers locally) or hosted offsite (private cloud or public cloud) is almost inconsequential — these platforms and apps are maturing, and many of the concerns we had in the early days of social technology are just no longer valid. Some of the questions you’ll likely run into as you introduce Yammer to your organization, and some ideas on how to address them:
1. How secure is the platform?
First and foremost in any CISO’s mind is security of existing systems and applications. Will enabling Yammer create backdoors and open the company up to issues? What does this do to access controls and permissions management?
The first line of defense in the free version of Yammer is that only those with a corporate domain can join your network. However, you may also have a bunch of former employees still logging in to the system with their old email and password — and there’s not much you can do until you secure things with the paid version. Within a paid network, your network admins can manage who has access, and tie account provisioning to Active Directory. Beyond that fundamental layer of security, your other protections are through private groups, and, of course, security at the document-level.
2. How difficult will it be for us to monitor and protect our intellectual property?
While we’ve seen news of inconsiderate employees losing their jobs over loose talk on unmonitored social media sites, there just hasn’t been the wave of IP issues predicted in the early days of these tools. Part of this is because many companies closely monitor their brands and trade secrets, but the real reason is that the way we work has changed. People inherently understand what can and can’t be talked about in these forums. Having said that, you need to be aware of the capabilities (and limits) of Yammer. The partner ecosystem is starting to provide apps that can improve on the out-of-the-box keyword monitoring, but for the most part you’ll need to monitor and take appropriate actions based on what your employees are doing within the system.
3. How will we enforce compliance?
At the root of every compliance rule is a creative lawsuit claim. Somebody somewhere was sued for leaking the kind of data floating around in your internal social platform. The problem with many of the common platforms is that they are limited in their ability to capture and store historical data. Not a problem within Yammer. In addition to the aforementioned keyword monitoring, you can monitor, capture, and archive just about anything. Social compliance is not something that can be automated just yet, but I’m sure someone in the partner community is looking at ways to address this issue.
4. Is there any way to measure productivity?
Are you scanning your Friend lists, checking on the status of your college buddy to see if he was able to catch Avatar in 3D last weekend, or are you actually doing something “work-related?” To be honest, this is one of the most difficult issues to overcome with a CIO who insists that social media = unproductive employees.
It’s hard to sell effectiveness and efficiency, the intangible fruits of social computing. Senior managers who see everything as quantitative have a hard time understanding qualitative arguments. Yammer’s app model solves some of this by providing dashboard-like visibility into what is happening within your network, and by whom. To some extent, how to use Yammer effectively should be part of your ongoing employee training plan — but when standards are defined (create a usage policy, for example) the community does a fairly good job of enforcing it.
5. What will this do to our internal support queue?
What is the server footprint? What are the support options? What are the priority and severity levels? What is the mean time to resolution of any issue you might find? Are there SLAs? How much visibility do you have into the types of supports issues you can expect, or that other enterprise customers are experiencing? Many of these kinds of questions are reduced by the fact that Yammer is, and always will be, a cloud-based platform. Support is community-based, and issues are generally resolved very quickly due to Yammer’s agile release cycle. One best practice is to create separate Admin and End User groups with training material and FAQs.
6. How will we handle the lack of transparency in what people are doing?
Truth be told, this is just another flavor of the security, IP, and compliance concerns above. In my experience, this concern has more to do with control than anything else. But within Yammer, it is also a non-issue, since the entire premise of the platform is anti-hierarchy, giving everyone access to the content and conversations being generated within your organization. Of course, there are private groups and secure content — but even then, some admins will have the ability to access even these, providing the necessary transparency to ease this concern.
7. How will this impact our network bandwidth?
Honestly, every vendor under the sun has this question answered. Yammer is no more resource-intensive than any other internet network usage.
8. Isn’t social just a fad?
Microsoft doesn’t think social is just a fad. Prior to the Yammer acquisition, they were building robust social capabilities into SharePoint Server. They are all-in on social, integrating Yammer with their Dynamics CRM platform and making it a core aspect of their Office365 offering. Doesn’t sound like a fad to me.
If you’re already using Microsoft Teams and are asking yourself “Why use Microsoft Yammer when Microsoft Teams is already in use?”, we’ve answered this question here.
Hopefully you’ve found this list to be helpful, and it helps you better understand social computing.
Tags: Internet security, MS Yammer, Security
This post was written by Ravi Sankar