As social media features are being added to ALM tools, should users be concerned about privacy and security?
Since the beginning of software development, everything has been developed on systems inside the corporate boundary. Then, with Y2K, we shipped off billions of lines of code to India for remediation, spawned a technology revolution there, and had our first taste of what it is like to loosen the controls on this most critical enterprise asset. Open source was the next wave of technology that eroded our control, and today it is a mainstream part of what we do. And with social media today, we have blurred completely the boundary between the personal and professional world.
The very essence of social media is that it is a self-regulating, self-organizing phenomenon. Most users, especially those under 30, know instinctively how to temper what they communicate and respond quickly when the “crowd” suggests they are outside the expected boundaries.
So, what’s to worry about? In most of the world, not much: in a highly litigious society, probably quite a lot. Corporate attorneys are adding more and more restrictions into the company handbook in order to preserve intellectual property, prevent misuse of company equipment and avoid lawsuits for inappropriate behavior. Guidelines on what should be on an employee’s Facebook page and what they Tweet about company activities are appearing everywhere. These are all good steps to help deal with abuse after the fact but are ineffective real-time controls. Employers insisting on access to employee’s social media accounts is on the rise, and the civil liberties issues are hotly debated.
But there are natural checks and balances. Most reasonable people will do reasonable things most of the time (we are the 99.9999% so to speak). Occasionally there will be misjudgments, and these can be rectified quickly with negligible impact. Egregious and malicious abuse of these systems (irrespective of your point of view of the its ultimate merits, Wikileaks was a betrayal of trust) inevitably end up in the courts.
So the individual has much to gain from exploiting social media to support what they do. It is easy to implement, designed for collaboration and the infrastructure is already there. They have much to lose too if they get it wrong: their job, their reputation and even their liberty.
The corporation has much to gain, too, such as happier employees -- collaborating more effectively than ever -- and the cost of the improvement is next to zero. The business risks losing the chance to patent an idea, revealing a business strategy to a competitor and affording an insight into how to access and intrude inside the company’s systems.
Both the employee and the employer have to weigh the risks. Michael Capellas, CEO of Arcadia LLC, once said, “We each make about 80 decisions a day. I make 80. You make 80. There are a thousand of you, and one of me. You make 80,000 decisions a day. Who has more impact on the business? Me or you?” His point is that training the team to understand the corporate direction and understand the risks is better legislating, controlling and restricting.
For a comprehensive resource on social media, see Social media: A guide to enhancing ALM with collaborative tools.
Dig Deeper on Internet Application Security
Related Q&A from Kevin Parker
Add controls to the business of delivering software, and teams will scream about delays. However, fast development is often the result. Continue Reading
Kevin Parker discusses the pros and cons of industry analyst reports and advises when it might be best to trust your own instincts. Continue Reading
Actually, application development veteran Kevin Parker says ALM is really a part of the APM process when you look at it from a distance. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.