The dangers of social software

Quick question. If a conference runs simultaneous tracks on “Enterprise Search,” “Document Management,” and “Company XYZ’s project to replace the intranet with microwikiblogging,” which will have the largest audience?

I’d venture a guess that most people are drawn to the the experimental and innovative, rather than to the mundane reality of complicated enterprise tools. That’s only natural, certainly at a conference. You go there to be inspired, not to be reminded of that system designed to do essential, but relatively boring stuff; a system which, on top of that, is still exhaustingly difficult to get right. Call it content technology escapism, if you will.

All that social, collaboration, networking, and community software may appear as green fields where traditional impediments don’t apply, if only because of the perceived limited risk to essential business processes. You wouldn’t use your e-mail server or ERP software for something new without going through a formal testing procedure. But with blogging, wikis, collaboration, you could be more agile, and get around some of those stagnating requirements, right? Well, don’t be so sure.

About a year ago, I reviewed a community software product for our Enterprise Collaboration & Community Software Report and, within the first day of checking it out, found several technical issues. (I’m not going to name names here, since it seems the vendor has since then worked hard to fix the problems.) It was a SaaS solution, suffering from problematic architecture (things like a shared user directory that meant you had to have a separate email address for each community you wanted to sign up for) and potentially serious security holes (like an API key stored plain text in publicly accessible Javascript). I found it ironic when I saw a presentation by the CTO of one of their customers, lauding the SaaS nature of it, since “It means we didn’t need to have the technical resources in-house.” He was obviously blissfully unaware of the risks he was taking.

And I was reminded of this a couple of weeks ago, when I read a blog post by one of The Next Web’s founders. His personal blog was hacked, and he decided to interview the young Turkish hacker that did it. He also offered the 17-year old some advice. “Sounds like you could learn a lesson in marketing if you ask me. If I would hack 50,000 blogs a week I would make sure to have a multi-language message there, a link to my website and a cool design.”  Of course, this was a personal blog.  If you’re running a public corporate blog, you’ll want to make sure to find out how to prevent script kiddies from changing your cool design to a blank page with a Turkish flag. Reading up on vendor patches and updates is as important with blog software as it is with your document management system.

This is just anecdotal, and I’m not saying it to fault the SaaS vendor and the CTO, or to blame WordPress. But however much you’d like to avoid the mundane, boring, and technically complicated aspects, don’t forget social software is still software. And often, it’s some of the most publicly-exposed software you’ll have around. So take that foundation seriously — or you risk creating Fail 2.0 instead.

This post was previously published on the blog of my former employer, the Real Story Group, an industry analyst firm specializing in vendor neutral reviews and advice. 

photo by: zigazou76

Leave a Reply