Extranet Collaboration Platforms. Coming Soon, But Then There's That Pesky Many-To-Many Problem

Tedschadler by Ted Schadler

In our conversations with many information and knowledge management professionals, it's clear that their distributed and multicompany teams need better extranet collaboration tools.

And they feel the problem is only getting worse as companies go virtual, global, distributed, outsourced, green, travel-less, and partnered, thus driving the need for ever-better collaboration tools that work outside the firewall.

Trouble is, the messaging and collaboration services that  companies have implemented are designed primarily for internal teams.

For example, it's bloody difficult to set up a secure instant messaging connection with every partner you might want to work with. Such interoperability between IM platforms is technically possible, but operationally nightmarish.

So clever employees do what they must: Use public IM and calendaring services, cobble together conferences from piece parts, and fall back on endless scheduling and sharing emails and voice conferencing. Ugh. Ugly. And scary.

Well, the solution's just around the corner say vendors new and old. After all, many are on the cusp of major product releases that promise much better extranet connections and capabilities:

  • IBM Bluehouse promises a new extranet collaboration platform.
  • Google already offers an extranet collaboration toolkit in its Google Apps Premier Edition.
  • Cisco is adding extranet collaboration capabilities to WebEx.
  • Microsoft is moving its services into the cloud for easier extranet access.
  • PBwiki is already cloud-based and ready for extranet collaboration.
  • The extranet collaboration toolkit list goes on: Veodia, Forterra, Dimdim, Qwaq.

That may be true. I surely hope so. But I fear that we have a few more hurdles to clear before extranet collaboration becomes as straightforward as internal collaboration. The basic problem is the many-to-many combinatorial problem. (The mathematicians I know call this a combinatorial problem, and its solution scales exponentially with the number of companies, nee people, involved.)

In addition to all the important stuff to support multicompany teams -- conferencing, video, shared calendars, team sites, persistent chat, search, shared documents, unified communications, structured processes, etc. -- these structural problems must be solved:

  1. An extranet collaboration platform will have to be set up in the cloud. Using a cloud-based provider turns a many-to-many exponential problem into a many-to-one linear problem. But one of the partnering company must still own and control the platform services.
  2. The many-to-many permission problem must be solved. How do to manage access control when teams form and disband and companies sometimes partner and sometimes compete? The access control tools need to get easy to use and integrate well with existing corporate directories.
  3. IT will have to grow comfortable with new access control dashboards. Thomson Reuters Messaging has solved this problem for some industries, giving individual companies control over what their employees can do on the extranet collaboration platform that it hosts.

Agree? Disagree? Please comment.

Categories:

Comments

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Not sure why Cisco needs wait to add stuff to WebEx to be considered offering this, WebEx purchased intranets.com many years ago and have been offering SAAS collaboration for many years.

re: Extranet Collaboration Platforms. Coming Soon, But Then The

I think you've hit the nail on the head with your three structural problems. And while folks like us are already taking advantage of being in the cloud, it makes integrating with existing permissioning systems critical, both for successful implementation, and for working with IT.To date, PBwiki has gotten around these issues because most of our implementations are grassroots efforts, but we're seeing more and more uptake by sophisticated users using our delegated authentication.I also think that the classic "best of breed" vs. "integrated suite" debate will become even more pronounced. My own opinion? It behooves providers to play well with others; I doubt that businesses will feel comfortable putting all their application eggs in a single basket. Why not use conferencing from WebEx, Google Calendar, and PBwiki, rather than settling for a suite comprising one leader and a bunch of knockoffs?

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Carl -- I think that Cisco's ahead of the curve on this one, but it still needs to fully execute on that vision of tools to manage a full project (and get its channel up to speed on how to sell and service software applications).Here's my working model for an extranet collaboration platform toolkit in the "essentials" and the "advanced" versions. What are your thoughts?Essentials:* Multicompany permissioning* Enterprise access control* Web conferencing* Shared calendar* Document repository (Wiki if we must call it that)* Instant messaging* Presence* Persistent group chatAdvanced:* P2P and Broadcast video* Data and content feeds* Structured workflows* Shared document authoring

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Chris (from PBWiki):Interesting (and I think important) thoughts on how cloud-based collaboration services can and should be integrated to solve the extranet problem.I think we still need centralized permissioning and provisioning, though. Yes?

re: Extranet Collaboration Platforms. Coming Soon, But Then The

"The many-to-many permission problem" certainly poses the biggest challenge here. It’s a classic problem -- one with which the software industry has always grappled. And now that we have more companies and more users interacting than ever before, the problem is demanding heightened attention.A well designed permissions system must strike a delicate balance between granularity and simplicity. The problem, of course, is that these are opposing goals. It’s trivial to build a simple permissions system with no granularity just as it’s easy to construct an extremely obtuse but highly granular system.Smart companies err on the side of simplicity and are slowly dragged in the opposite direction. Just look at Google Docs. They started with two classes of users: collaborators and viewers. Nice and simple but not flexible enough for their users’ evolving needs. Since those days, they’ve changed and tweaked things countless times. Setting and managing permissions in Google Docs is still relatively easy, but then again the product is arguably still in its early stages.It will be interesting to see how solutions to this problem evolve and adapt.

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Brendan: Thanks for your thoughts on an approach to this problem. This is where we run into the brick wall of enterprise reality: Those controls are in place because somebody paid for their absence in blood.We'll have to be artful in solving the many-to-many permissioning problem because that blood has been shed by enterprises and they won't go there again, at least not any time soon.(For those of you that don't yet know Wistia -- they are a Lexington, Mass-based company doing video hosting for extranet environments; they focus on metrics that are important for procuring training budgets or ensuring regulatory compliance in some situations.)

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Hi Ted:Call me a cheap CIO, but when I see Cisco/WebEx, Google, and IBM/Lotus rushing to compete with Veodia, Forterra, Dimdim, Qwaq, I can't help but think that web conferencing rates are about to plummet. :)To your point, though -- and breaking the 3-bullet rule, I know -- don't forget about the archiving and retention requirements for companies bound by such regulations. For them, the Compliance Office will be a tougher sell than IT. And with external partners in the mix, everyone must be in mutual compliance...It took long enough for email compliance vendors to incorporate IM into their solutions. Which facets of these new services will fall under these regulations? Persistent chat? probably. Edits to documents? Maybe. Workflow step status changes? I dunno.And how easy will it be for third-party compliance vendors to capture all of these required activities when they move to the cloud? It sounds as though the cloud providers have the advantage here -- will they recognize the opportunity and move to capitalize on it?Jeffrey

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Jeffrey (or should I call you the Frugal IT Executive?):Yes, I think prices will come down on individual sessions, but I also think session volume will skyrocket. So it's probably a wash. But still more band for the buck, so that's a good thing.Regarding compliance, all I can say is, yes, yes, and yes. It's an example of the big disconnect in the market. On the one hand, we have this Gen Y-fueled openness. And on the other hand, we have the most locked down set of regulations ever seen in this country. The two megatrends are clashing right here on extranet collaboration.Thanks for the thoughts.Ted (And hi! Long time no see. Hope all is well.)

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Wow, great discussion. A couple of thoughts:Ted asked if permissioning would be centralized. I think it will have to be. That's why we do delegated authentication--our principle is that people should be able to keep using their existing permissioning system.Brendan talked about permissions granularity. At PBwiki, we started off with only one type of user, and gradually expanded into five: Reader, Writer, Editor, Admin, Creator. And we're constantly finding new use cases we have to add, like giving Readers the ability to comment.Jeffrey talked about compliance issues. I think that there is a binary issue of whether or not compliance will accept archiving in the cloud. It's pretty easy for me to argue that storing data with PBwiki is safer than on-premise storage, but that won't get around a binary edict of "no offsite storage."As people get comfortable with the regulatory/legal aspects of offsite storage, I think the compliance issues will fade. After all, PBwiki could argue that it does a better job of compliance by providing revision by revision tracking and attribution.I also think that the logic of offsite storage is too strong to overcome. The analog in the real world is how companies like Iron Mountain provide offsite physical storage without major compliance issues.

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Ted - Great post and ensuing thread.One more angle I propose to add to the list revolves around using consumer collaboration tools, but with enterprise-grade security. This creates a collaborative extranet platform, grounded in consumer tools that are familiar and popular, but ensures all conversations and activities remain behind the firewall.Companies use these tools to allow employees, partners, resellers and distributors to connect, share protected information, complete business tasks with access to backend enterprise systems, collaborate through user-generated groups, and more, using such services as Facebook, iGoogle gadgets, etc.In this case, the "Gen-Y-fueled openness and regulatory prerogatives megatrends" you highlight find middle ground. IT can still control authentication and permission, while extranet users engage on a collaborative, familiar platform. This is one of the trends we believe in, here at WorkLight, and where we are seeing customers seek out business value.

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Ted, thanks for this. Issues we are trying to address in the collaboration space as well.On #1, what's drives your suggestion that one of the partnering companies must own and control the platform services? One of the things I have enjoyed the most about the collaboration platforms I have used is the SaaS model, is that I don't need the staff/resources to maintain the infrastructure and manage the code. With the right agreements in place, why would one of the collaborating parties still need to own the platform?Looking forward to more discussions in this area.Thanks!-kKevin Micalizzi, Community ManagerDimdim Web Conferencing / www.dimdim.come: kevin@dimdim.com / twitter: @meetdimdim

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Kevin:Thanks for your comment.I mean that the permissions will have to be controlled by the inviting company. The cloud-based provider can provide the services, but the company must control access. Are you seeing that in your customers?Ted

re: Extranet Collaboration Platforms. Coming Soon, But Then The

A late comment! Nice post, Ted. I agree moving to the extranet is a trend and will need some deep thinking. But don't you think the mixed approach is the future. Instead of a dichotomy (intranet and extranet, and some also distinguish the internet), we will work on one platform (the internet) and decide which content we want to share to which audience. So, I write a blogpost and decide to share it with only my colleagues, or colleagues and partner, or with the world. I don't want to repost internal stuff on the extranet or the other way around. I want one transparent system to work securely inside the organization, with partners and with the world.

re: Extranet Collaboration Platforms. Coming Soon, But Then The

Samuel: that's a nice thought, and I wish it could come true: to allow an enlighted workforce to determine who gets to see what.Sadly, permissioning, corporate controls, regulatory compliance, Sarbanes-Oxley, HIPAA, name your favorite infosec law, makes that hard to do at scale.But we certainly don't want to burden people with two toolsets, so there has to be a better way than dual systems.Wish I knew what it was!