man looking at phone while sitting at workplace computer
PHOTO: rawpixel

Governance can be a dirty word to some people, while others have built their careers around it. Depending on the context, it can have many meanings, even within the boundaries of a specific scope such as information governance. So, in the context of enterprise-wide collaboration within a digital workplace ecosystem, where might we have to apply governance?

The Governance Basics

A governance model for collaboration could include a very simple set of guidelines explaining what collaboration actually consists of, what people should or should not be openly collaborating on, and which tools tools or platforms to use to accomplish these goals. You may think this is unnecessary, but it depends on the size and shape of your organization and your corporate culture. 

For example, you may be OK with someone setting up a Workplace group to discuss this year's financial reports, but in my regulated industry, with all it’s compliance baggage, such communication goes through a strict workflow before it is released, and it might have comments turned off to discourage open discourse. Aerospace, defense, pharma, nuclear power ... I can think of many industries where we want to stop and think about what is openly being collaborated on via our various platforms, and how we can then apply access controls, records management, data loss prevention policies and more.

Clearly for many organizations (read almost all), collaboration is not as simple as buying a Slack subscription and letting people dive in.

Related Article: Managing Digital Workplace Communication: So Many Tools, So Much Confusion

Platform Governance: Dealing With Application Proliferation

Once you've established the goals for collaboration, the basic rules around how to collaborate, and have considered security and compliance concerns related to this activity, these guidelines become an influencing factor in what platforms you enable as part of your overall digital workplace ecosystem.

Years ago, at a JBoye intranet and digital workplace conference in Denmark, I heard a case study from a big global Danish brand that had found approximately 700 different collaboration tools in use within its organization! This sounds crazy at first, but they had gone down to the level of what non-sanctioned tools employees were using to get work done on their mobile phones in China. 

I suspect the average global enterprise isn't quite so bad, and for small- to medium-sized businesses, the numbers should be even lower. However, that does not mean there isn't a problem. Application proliferation and the deployment of “shadow IT” happens for many reasons. Maybe employees take their user experience into their own hands, influenced by consumer IT. Or the IT function is not nimble enough to keep up with demands. Or perhaps you have applied governance in one area, and now your employees are deploying a workaround in response.

The amount of time, money and effort you put into chasing down such workarounds and eliminating shadow IT platforms should be based on a risk-based approach. For example, if your employees have set up a WhatsApp group on their personal mobile phones, is this a risk to your business?

If you decide it’s not, you may just want to let your employees get on with collaborating to get the job done, or maybe consider formalizing use of the tools and providing guidelines. However if you decide there is possible risk, then depending where the risk profile lands on the high to low continuum, you may have to take different action.

IT can block desktop apps at the perimeter firewalls or apply policies on corporate laptops and desktops that prevent them from being downloaded or run. You will need to write policy and procedure and educate employees as to why use of this platform is a risk to the business, and why your blocking it.

Mobile apps are a different type of issue. Unless you’re a highly secure workplace where employees have to leave their personal mobile devices in a locker before entering and your building is a faraday cage, or you have 3G jammers, your options to stop people using WhatsApp on their own phones (to return to our previous example) appear limited. 

Mobile apps make the education element key and require leveraging HR policy and procedures. Remind everyone that use of non-sanctioned technologies is against the terms and conditions of employment, with all the resultant effects should they get caught using them. However, with this stick, you can also dangle a carrot. To remain with the WhatsApp example, perhaps you could deploy Microsoft Teams as an alternative. This gives your employees a secure mobile persistent chat capability which they can download to their own mobile devices, supplants the need for the non-sanctioned tool. In the process, advertise the benefits of the enterprise back end and the integrations with other tools, so employees don’t feel as if they are bullied onto the corporate platform. 

Sell the advantages. Even when the corporate policy is your back up, you don’t really want to let people go over this, do you?

Related Article: Governance Still Matters in a Digital Workplace

Governance Influences Tool or Platform Choice

Your governance needs will influence your choice of platform, as noted above, but so will many other factors. What is your overall IT strategy, your view of cloud versus on premises implementations, your business needs e.g. document-centric versus conversation-centric collaboration, or synchronous versus asynchronous?

Going back to the example of the global enterprise with 700 collaboration tools in use: You may find yourself in a similar situation if you work in a large global enterprise, and yet a similar issue can strike on a smaller scale in a 50-person consultancy. Based on the risk-based approach mentioned above, it might not be a real business problem if only one group is primarily using one tool set, and a different group is using another. Study the context. For example, if you have software developers using Atlassian software like JIRA, Confluence and Hipchat, does it make sense to pull their documentation process out of the well-integrated Confluence wiki just to make them do it in SharePoint because other business teams are using it?

Every context calls for us to study and understand the balance between the view of the “right tool for the right job” and the high level enterprise architecture view of “standards.” While letting a 10-person development team use Confluence to document their software development might be absolutely the right thing to do, it may also be correct to shut down all requests from other business groups to use it due to the cost/benefit profile: cost of licenses, cost of support, ease of use, level of training required, all balanced against the potential benefits of deploying the solution to more users.

As ever, in our complex organizations, there is rarely a one size fits all solution. At the same time we have to take the 80/20 rule into account, and remember perfect is often the enemy of good enough. Apply some basic governance principles to help prevent proliferation of collaboration tools and to make the most of the ones you have.

Related Article: Why the Golden Circle Is Relevant to the Digital Workplace