Joanna Belbey
Joanna specializes in helping regulated firms use social media effectively while complying with rules and regulations. She is an enthusiastic...
Read Full Bio >>

Joanna Belbey | February 19, 2016 |


Enterprise Collaboration: Turn the Conversation from 'No' to 'How'

Enterprise Collaboration: Turn the Conversation from 'No' to 'How' Firms face significant risks when deploying enterprise collaboration tools, but these risks can be mitigated to reap the benefits.

Firms face significant risks when deploying enterprise collaboration tools, but these risks can be mitigated to reap the benefits.

Today's communications landscape is growing increasingly complex. That old standby, email, is now just one option of how employees communicate. Employees may be using unified communications, public instant messaging, industry-specific networks, external social media applications, and enterprise-wide collaboration tools. And the pace and number of options is only accelerating. Firms that are able to leverage these new forms of communications increase engagement with employees, partners, and customers, resulting in improved productivity, stronger relationships, and increased revenues.

However, like anything new, there are risks to consider before jumping in head first. In order to take advantage of all these new forms of communication, you must secure the corporate network, comply with corporate governance and regulatory requirements, and help your distributed teams and internal users engage with their clients, prospects, partners, and other internal groups.

Data Security

Before deploying any new tool, IT needs to secure the corporate network to make sure that confidential information doesn't leak out or across the organization, either inadvertently or maliciously. In contrast to the spirit of collaboration, certain departments working with sensitive data, such as Human Resources or New Product Development, may need to be walled off. And departments with conflicts of interest, such as traders and analysts, need to stay separated through ethical walls.

IT also needs to protect the organization from incoming threats. Cybercriminals use information gleaned from social networks to target employees to gain access to corporate systems with carefully crafted phishing emails. Employees regularly click on links that appear to be from their friends and colleagues and download malware into the corporate network.


Another risk is being out of compliance. Your compliance department is tasked with making sure the company stays out of the regulatory and legal crosshairs. There are more than 10,000 rules and regulations that impact electronic communications in the U.S. alone. However, regardless of industry or country, the regulators are clear on one thing: Certain business records need to be controlled, captured, reviewed (or supervised), archived, and made e-discoverable for long periods of time, regardless of channel. And if you get it wrong, fines and sanctions are common in regulated industries. Your compliance department is also responsible for providing proof of compliance when regulators conduct their onsite exams. And, finally, if your company is sued, you will be mired in electronic discovery, and it can take days and weeks to piece together conversations.

So what are regulators looking for? To my knowledge, to date there hasn't been any specific guidance from regulators regarding enterprise collaboration tools or "social business" platforms. I've actually asked various regulators about it -- their organizations tend not to use these tools, so they weren't too sure what I was asking about. For now.

However, if social media is any indication, regulators will view these tools as just another form of electronic communications. The content, not the channel, is determinative. If it's deemed a business record, existing recordkeeping and supervision rules will apply.


In general, there are a number of legal risks posed by any form of electronic communications. Firms need to work through employee privacy issues, content ownership, and terms of use. Additionally, unauthorized activities such as harassment, discrimination, misuse of proprietary company information, misrepresenting the view of the company, unsanctioned conduct, intellectual property infringement, defamation, and non-compliance with regulations are just some of the new areas of risk that organizations that use new forms of electronic communications need to address. If left unchecked, these issues can be damaging to a firm, with consequences ranging from litigation, costly settlements, and negative publicity.


Create Employee Use Polices

In spite of the risks, the benefits of enterprise collaboration are too big to ignore. But how can firms protect themselves?

A proven best practice is to create a working group to collaboratively create employee use policies. Gather together representatives from across the enterprise: marketing, sales, lines of business, legal, compliance, risk, human resources, data security, IT, and most important, representatives from the C-Suite. Think about having your first meeting in person so that everyone can introduce himself or herself. After all, they may never have met before. Be patient and let everyone's voice be heard.

You need to uncover every concern, every perceived risk and get them out on the table. Set up a series of weekly conference calls. Identify and then mitigate each risk in turn. And remember, acknowledge the focus on risk and the discussions about worst case scenarios, but don't get stuck there. Continue to turn the conversation from "no" to how." Document everything, including why and who made certain decisions. Craft your employee polices as you hold your meetings. You can also use these policies as a road map when working with your vendors so that you may reinforce these policies with technology as you deploy.

There are a couple of benefits of using this process of a working group. First, although it may initially take longer, by getting everyone on the same page, your launch will go more smoothly. No last minute scrambles to appease naysayers.

Secondly, for regulated firms like financial services, this is a grey area with little regulatory guidance. If regulators do have an issue or a question during an exam of your firm, they will appreciate your thoughtful, pragmatic approach to developing policy. So once you have your collaboration policies written and in place, what's next?

Think About the Users First

If you want a successful program, think about the users' experience right from the beginning. With enterprise collaboration tools, you are giving people a completely new way of working. They need to know what's in it for them. In addition to telling employees what NOT to do on these platforms, map out what you want your employees to be able to do and how you can help them to do that. That means you need to figure out how to attract users to the platform.

Like any new technology, when you introduce a new way of working, training is required. The type of training that you select will be based on the training profile of your firm and the employees you want to use the platform. Some employees will log on, poke around, and get started right away. Others will need some coaching. Still others may require over-the-shoulder training. Design your training programs to meet the needs of your unique employees. Don't assume that it's so easy that anyone can do it. And finally, remember the 30 rule. Only 30% of your population will adopt a new technology at the beginning. Be sure to have your training recorded and available later for those folks who see their colleagues' success and want to join in later months.


Firms face significant risks when deploying enterprise collaboration tools. However, by acknowledging and mitigating each risk in turn, they may turn the conversation from "no" to "how," and toward a successful program.

Want to learn more? Join us at Enterprise Connect at "Regulatory Compliance, eDiscovery, and Data Loss Prevention: Best Practices" on Monday, March 7 at 9 a.m.

And learn more about UC&C at Enterprise Connect 2016, March 7 to 10, in Orlando, Fla. View the Unified Communications and Collaboration track sessions; register now using the code NJPOST to receive $200 off the current conference price.


May 11, 2016
Companies are increasingly migrating from premises-based telephony to cloud-based, whether to achieve greater scale, boost flexibility, or cut costs. Even those businesses that are choosing to stay wi...
April 27, 2016
Today's business conditions are forcing organizations to find dynamic and flexible communications solutions that can unify co-workers and deliver actionable metrics to solve the issues that matter mos...
April 13, 2016
Skype for Business promises simplicity and ROI for your UC deployment. However, success requires much more than just a great product. It requires careful consideration of your existing environment, lo...