The Challenge of Collaboration AND Security

This is a discussion I also have had with IT to point out how they are either in denial or that their belief in security is overblown. I believe that nothing is secure and that whatever security measures you create someone (and people are very clever) can find a way to get to it. That does not mean that security is futile and you should abandon it, what it does mean is that you want to make it as difficult and expensive as possible for someone to get at your secure information. In reality most IT groups do a good job of perimeter security, but not such a good job on the number one security threat, people, your employees, even your best employees. The diagrams below from Brainloop shows a variety of security risks, and features in Brainloop to deal with each of these risks:

 

I used to get the security is critical talk every time I brought this issue up at a number of three-letter agencies, or when I was the keynote speaker at the Joint Conference on Collaboration for the Intelligence and Military communities a number of years ago. I am not saying that security is not critical, but that a culture of security and not one of collaboration contributed to the 9/11 disaster. There are many other examples for when collaboration is critical in an enterprise: for supporting distributed teams, for working with entities outside the firewall, for finding and interacting with colleagues inside the firewall… 

 

These days, with collaboration being so popular due to economic realities driving the adoption of these tools (travel bans), and the Web 2.0 movement towards transparency and participation, there has to be a way for collaboration and security to work together, they should be like peanut butter and chocolate, where one enhances the other. A great example of this is the new boat that BMW Oracle Racing have built for the next America’s Cup challenge in February. This YouTube link shows the revolutionary new firm sail that they are using on their boat, which took 40,000 hours of design and development time. I am sure this information was made as secure as possible, as a leak could be devastating in a race. However, the idea of a crew sailing this boat to win the race is also one where collaboration is critical.

I recently was briefed by Brainloop, who offers document and collaboration security. I had a far ranging discussion with Camille Roberts their Director of Marketing. They focus on security, governance and collaboration. They deal with document security, and specifically the problem of how to get files to where they are needed in a safe way, where they are available from anywhere, and then can be specifically encrypted for just that person. 

 

 

Brainloop has been around for 10 years, started in Munich but two years ago opened an office in Cambridge, MA. Their technology is often used with financial services (M&A deal room), or with biotech companies looking to have a larger pharmaceutical firm do the clinical trials and marketing for the molecule they developed. They also are used often in conjunction with SharePoint which provides some level of security, and though an API they can make specific documents more secure and shareable in Brainloop.

 

I have been fond of saying lately that “the best way to make money in the Web 2.0 world is through Intelligent Aggregation.” Some successful examples of this are Facebook (aggregates people and makes it easy to add friends and communicate with your network), Amazon (aggregates books, but also aggregates cloud servers (their EC2 (elastic compute cloud) service), and there are many more examples of this. The ability to make an aggregation of secure document available to clients through a central repository (called a document collection) is a huge asset.

 

Some customers use this to help prevent documents being duplicated. Another advantage is that a document in the collection can is a document collection can draw on sets of source documents.  For example is you are creating documents for the board of directors for a board meeting, everyone can work on their own part of the document and then to distribute the documents they can send the link to the document collection. Source docs can live in different locations and are not duplicated in the collection. This too is a good example of Intelligent Aggregation.

 

It will be interesting to see how this service evolves over the next year. With Smart phones becoming a common way for employees to access and comment on documents I believe we will see a mobile strategy from Brainloop.