Bill Greeves: December 2008 Archives

So what is the big deal about Second Life anyway?  Well, we are all still trying to figure that one out!  But, without question, there is tremendous potential value for us to use the virtual space to improve or create new lines of service delivery at the local level.

For those of us who spend time in-world, we have seen the value that such a rich and detailed interface could offer us.  We've spent time exploring the world and seeing how governments are capitalizing on the potential that the virtual world has to offer for things such as marketing, public information, recruitment, teleconferencing and teleworking, etc.

But how do we get the powers that be to look beyond the video gamesque interface and see that potential?  The MuniGov2.0 group meets weekly within SL to discuss all things Web2.0 and that is exactly the question we recently asked ourselves.  How do we show the value?  The answer - We need to create a concrete (well virtually concrete anyway) example of how we can use SL on the local level.  We are going to put our heads together and collaboratively design and virtually build a facility, simulator or similar project that can be used by all member localities as both a dog and pony show for peers and administrators AND could also be used as a practical tool for citizen interaction. We need to be thinking in terms of the things we all have in common: public safety, taxes, recruiting, public information, etc. and draw some ideas from there. The trick is, we want to create something that we all could use to as an example for our administration and that we could actually ultimately offer to our citizens.

I'd love to hear your opinions on this topic.  You don't have to be a member of MuniGov2.0 (although I strongly encourage it), you don't have to be exploring SL (although I strongly encourage it) and you don't even have to be a government employee (although I strongly encourage it).  I'd love to hear any opinions or suggestions you may have on the subject - just add a comment to the blog below.  Once the group has reviewed the suggestions and picked a collaboration project, I'll keep you posted on the progress!

Virtually Yours,
Greever

I had planned this week to get back to my suggestions regarding the make-up of your internal Web2.0 group, but a few colleagues brought something to my attention that I thought might be more timely.  Most of the articles I have been following over the last few months have been on the potential value and the practice of using Web2.0 as a business tool.  Most of these articles vaguely reference the "security concerns" brought about by Web2.0 technologies, but they fail to provide guidance or cite any specific dangers.  So, the vague threat of potential malware embedded in Web2.0 apps doesn't hold much water with me.  Everything we do in IT has this potential.  That's exactly why you have an Information Security program. However, this week I read an article from Sarah Perez, Your Web 2.0 App is a Security Threat,  that subtly raises the other IT fear regarding Web 2.0 technologies - namely that misuse of Web2.0 technologies can endanger the confidentiality of your corporate data and information as well as pose a threat to legal compliance. The article itself is a broad review of a new product called ACE, which is designed to make it easier for IT to shut down rogue Web2.0 applications.  The point Sarah raises regarding the potential dangers of rogue web apps is dead-on in its concern.  Under-the-radar apps can pose a serious threat to your infrastructure and they must be monitored and controlled. 

However, although I appreciate the value of a tool like ACE, I think it is futile to consider such a tool to be the solution as to how we as IT managers can "control" Web2.0.  Due to its very nature, you cannot shut down Web2.0.  Trying to isolate and filter "Web 2.0 technologies" is like trying to nail Jello to a tree.  Sure, you'll be able to pinpoint whatever the hot technologies of today are, but tomorrow three more will spring up to replace it.  As Chesterfield County CIO Barry Condrey pointed out in his feedback to the article, you will be forever chasing your tail in a futile "whack-a-mole" syndrome.  You will be much more successful in your security efforts if you engage your user population in a give-and-take dialog to help you find a middle ground that everyone can live with and then implement the technologies that support the mutually-agreeable approach.

NOTE TO THE READER: Feel free to skip the next paragraph of introspective and perhaps self-indulgent  "How I Got Here" detail.  Although germane, it isn't required in order to get to the point of this post.

It wasn't until I got to the executive level of technology management that I truly began to appreciate the necessity, value and process of maintaining balanced technology service delivery.  Most of us who are focused in one area of technology service get very, very good at it.  You thrive on technical challenges and you typically work in a world of black and white answers.  When I was in that stage of my career, I frequently had run-ins with customers who liked to toss their "flies" into my technology miracle cure-all ointment, or at least that's how I saw it.  Although I was (almost) always patient and I tried to remain customer-service oriented with them, I was frequently vexed.  I felt that they were just being difficult (and wrong) because they didn't have enough to do or because they were just uninformed.  So I got frustrated with them because I couldn't focus on the "right" solution immediately and they got frustrated with me because I was trying to categorize or jump to conclusions about their needs. (As an aside, here's a big "I'm Sorry" shout-out to all of you former customer co-workers who might come across this in your net travels.) Over time and with experience, and moving up through the ranks, my technology and business knowledge became much wider and more shallow.  Multiple discipline multi-tasking and business management skills became the order of the day. It became much easier for me to truly appreciate and honestly value the business user needs.  No longer was I focused on the technical solution...now it was more about focusing on just the solution.  (Is that a collective "duh" I hear from those you who have been at the exec level for a long time?)

For those of us who are in the IT field, we must be constantly vigilant lest we fall into the rut of getting wrapped up in the technology for the sake of technology.  Advocating, marketing and even proselytizing for technology as an enabler should be a big part of our job focus.  But don't let the tail wag the dog.  We need to be one of those funky chameleons with one eye towards our users (business needs) and one eye towards our infrastructure (technology capability and requirements).  I often think of my role as that of a sales engineer - I need to know my tech stuff, I need to know what my customers need and I need to know how to put those things together. 

As I have said in previous posts, Web2.0 at its core is not about technology.  Technology is merely the method used to redefine the way an organization communicates and collaborates with its customers.  Likewise, technologies such as ACE are also enablers in terms of focusing that Web2.0 adoption into secure and reliable channels.  But they are not the sole savior, nor should they be. The answer is to rely first on well-crafted policy that balances the need for security of information and systems with the business needs of your users.  I spoke to Sarah offline and although we may take different paths to get there, we share the goal of having an organization that runs technology in a safe and controlled manner to the benefit of all internal and external customers.  Here in Roanoke County, we use a product similar to ACE to filter web applications because I don't want any covert apps popping up in the departments either, whether they are business legit or not.  But before we install a technology solution, we need to get a strong, flexible and reasonable policy and practice in place to govern the use of Web2.0 in the enterprise.  This policy cannot be solely a product of the IT department.  We've got to have the conversation with all the stakeholders at the table in order for something of this magnitude to be effective.  Everyone involved needs to approach the issue with an open mind and stay focused on the ultimate goal of improving the organization.  IT folks must be willing to refrain from assumptions and be flexible on some of the traditionally locked-down areas and practices. Business users must be willing to adhere to the tenants of the policy and abide by the security and technology that must remain intact in order to preserve the security of an organization's resources. 

Once you have the global policy in place and the details have been communicated to the organization, then you can fire up an application like ACE, provided it can be modified and customized to meet the current and evolving needs of your organization.  By then, everyone should be on board with the technologies adopted and not finding ways around the policy.  Violators should be disciplined accordingly because of the potential danger to technology resource integrity and the privacy and security of your corporate information.  I'd also recommend periodic reviews of the policy to ensure that it remains in line with the changing needs of the organization and the new Web2.0 technologies that spring up on a regular basis.  This follow-up will provide business users with a conduit to raise issues regarding the policy and security technologies and it will hopefully curtail attempts at circumventing policy direction.

Don't get me wrong - I know this not going to be a simple process.  You may experience wailing and a great gnashing of teeth, but the end result will pay off in dividends for all involved.  As a former boss told me early on in our working together - "the best solution is not often the easiest".

Virtually Yours,
Greever

I suppose I could have titled this one "Achieving the Buy-In" or the "The 2.0 Value Proposition" but I decided this topic needs to be straightforward and hopefully as such, you'll be able to use it as you see fit to aid in the education process in your organization.  So in no particular order, here are my top reasons why you should be using Web 2.0 now:

Innovation Without Funding
I don't care if you want to call it a spending slump, an economic downturn or a recession, the bottom line is, our bottom lines are getting lower and lower these days.  I don't know about you, but everyone I talk to has a budget that is bleeding worse than a wounded pig hopped up on anticoagulants.  Revenues are down, which likely translates to reductions in the current year and reduced targets for at least the next year or so.  So, here's your chance to be the one who steps up and offers to do something new and innovative without any funding!  How often do we get to say that around here?  In most sectors we'll be tightening belts and going into a maintenance mode, but with Web2.0 you can certainly do some innovative work at the same time! 

Fair warning though - the top will be a lonely place at the beginning.  Remember that know-it-all in school who always had to raise his or her hand every time the teacher asked a question?  Yep, that'll be you.  (No offense intended to those of you who happened to be that particularly sagacious one).  But truth be told, after the initial bruising wears off and the brown -nosing insults abate, chances are your peers may jump on the 2.0 bandwagon which means good things for all!

Little-to-No Infrastructure Requirements
As an IT Director, I have to weigh each application on its business value AND the impact it will have on our infrastructure - our hardware, our people and our network.  Does it gel with our design standards?  Will it require additional training?  Will it require new software licensing?  And so on and so on.  Happily, with the improvements in security we've enjoyed in recent years, cloud computing and hosted software solutions have become a much more appealing proposition for an understaffed and undersupplied IT shop.  Nearly all Web2.0 tools are browser-based services, hosted and maintained externally and they require little no interaction at the PC level.  And yes I know all about security, web filtering and the dreaded "opening of ports". Typically the sound Information Security practice is to lock everything down first and then open things up on a justifiable case-by-case basis.  To be clear, I am advocate of this practice, but I have had difficulty in finding evidence of how Web2.0 tools in general are potential security risks to desktop machines or the network, provided you are running effective malware protection. I encourage you to check out the Security section of the MuniGov2.0 Web site for more information regarding our research focused on the myths and facts related to security and 2.0.  I also welcome any and all feedback with an opposing view on the security topic - but please don't flame me just for the sport of it - give us some factual and topical meat to chew on to further the discussion.

Easy Entry & Easy Exit
Web2.0 can be your own little petri dish.  Thanks to the easy implementation and zero cost model, 2.0 is ripe for experimentation and mash-up to see what works best for your organization.  Let loose your inner Frankenstein! Grab a few of those juicy buzzwords out of the toolbox, cobble them together, wind up and toss them on the wall and see what sticks.  Give things a fighting chance, but if they don't work out, pull them out of the game and try something else.  You'll have very little money invested and chances are the experience you gain from these initial forays will help you advance further with the next set of tools.  Remember that 2.0 tools are like Batman's Utility Belt - a tool for every purpose and a purpose for every tool.  Chances are everything you need to meet your business needs is already out there is some form or another.  So jump in, mash it up - tweak and experiment, improve and share the love and experience (and the products) with the rest of us!

Resistance is Futile
Perhaps the strongest argument for Web2.0, in this humble correspondent's opinion anyway, is that adopting Web2.0 is not a question of "if" but rather "when."  These days, Web 2.0 is clearly assimilating into mainstream at light speed.  Check out the recent article from the Miami Herald, OMG, my MOM's on Facebook!, if you doubt me on this one. And, Web2.0 is no longer just about having fun and staying connected. 

A few years ago, 2.0 was the narrow corner of web space occupied by a symbiotic (albeit polarized) pairing.  On one end of the spectrum we had the blogging technovisionaries sharing cerebral concepts of information sharing.  On the opposite end we had the college kids MySpacing their "Dude-I-Was-Soooo-Wasted" war stories and pictures for the glory and good of all.  (Perhaps some of us were members of one or both of these groups!) Like the two arms of a slingshot, these groups used Web2.0 like a rubber band to hurl their payload (i.e. the rest of us) from the static world into the fluid vision of today's internet life.   The rest of us have caught up with the visionaries and this stuff is in common practice.  And here's a real kicker - many of those inebriated educatees have architected this current course and are charting our future today. 

Universities across the globe have begun integrating 2.0 into the core curriculum of the classroom.  2.0 is required learning and an essential tool of scholastic success today.  And those digital native students that are so adept at it today will be our constituents tomorrow.  So, do you want to be in a spot where you've got to implement things because you are being "forced" to or would you rather do things on your own timeline and on your terms?

So there you have it - my $.02 on why you should get into this game now rather than later. Sure these benefits will evolve and perhaps change with time, right alongside 2.0 in general.  But for now, I think we've got a pretty compelling set of arguments to get things moving forward!  When it comes to the state of web affairs,  I tend to agree with some lines from the esteemed Mr. Buffet (Jimmy that is, not Warren) and his lovely writing partner Princess Leia herself.  (Come on now, you knew I had to work a Star Wars reference in here somewhere!)

I love the now (all the faces and places)
I love the now (all the rats and the races)
It's the only place I've ever been
It's the only way that I know how

Don't talk about your superstitions
Don't talk about your cats meow
But don't talk about tomorrow tonight
I love the now

Virtually Yours,

Greever