The Social Enterprise has progressed from being a toy for kids to being a real enterprise software tool. From its beginnings as individual communication tools to “Facebook for the enterprise” and now as a social process engine, the Social Enterprise has grown up. As a quickly maturing technology, Social Enterprise software can no longer hide behind the moniker of “new” or “immature” and expect IT to spend large amounts of money on it. Vendors cannot proclaim the value of this new software and not address how to protect it.
This is a typical problem of course. New technology drives changes in the overall IT ecosystem. For awhile there are glaring holes in the ecosystem which represent significant risk to organizations using this technology. For Social Enterprise, data protection is one of those holes. The two primary questions that users need to ask themselves when deploying a software system that has important, valuable, or mission-critical data is “can I back it up” and “can I get it back?” Not only do you need to know how to back up and retrieve important data but how fast you can get it back (RTO), how far back in time you can retrieve it (RPO), and what level of object you can retrieve. I worry that these questions are not being adequately answered in the rush to implement social technology.
For example, what type of object can you retrieve from a backup? Ask many Social Enterprise vendors about backups and they say “The data is in a database,” as if that matters. Does that mean that the entire database has to be recovered to get one deleted object? What if only a single conversation needs to be retrieved? How does one do that? Certainly not by picking through database rows. What are the chances that anyone in the company will even know the underlying schema of a Social Enterprise tool? Zero. There is also the implication that all of this social data will be there forever. However, just like e-mails, social conversations get stale and lose their value over time. Some social tools such as Instant Messaging lose value almost immediately. Don’t we want to at least archive these conversations?
To be a true enterprise application, the data has to be managed in a manner consistent with other enterprise applications. To not do so declares that the data and interactions – and hence the system – have no value. If they were valuable, they would be protected in the same way we protect all valuable assets.
This is a gaping hole in the Social Enterprise landscape. It is also an opportunity for vendors who know how to build enterprise data protection products to jump ahead of those who are ignoring this space. Maybe, like the social enterprise, this will provide incentive for the creation of a new company.