« AIIM Conference: Communities Social Networks | Main | Circling Around To Enterprise 2.0 Again »

March 09, 2009

Enterprise Social Messaging: Vendor Replies

Yammer, despite multiple requests, did not respond to my earlier post on the need for tools in this category to support policy, integration, security and other capabilities expected by enterprise decision-makers. Someone mentioned identi.ca as another option which I had forgotten to mention (as well as Traction which did provide some information). The folks behind ESME also did not reply but given it's still being worked on within Apache, that's actually understandable. some things that came to mind as I scanned these replies:

  • On encryption, I wonder if AES would also be a valuable feature (often used for web conferencing to encrypt data flows). I also wonder if data should be encrypted within the repository on the back-end when hosted.
  • On archive/logging, while individual sessions are captured - will conversation threads need to be built to satisfy records management and e-discovery needs.

The notes below are vendor supplied comments to the earlier post, I just wanted to call them out rather than see the information lost in the comment section.

SocialCast (Vendor Supplied info)

Security

  • We take service availability, integrity, and confidentiality very seriously. Our application and data center network environments are designed to deter, detect, and deny unauthorized access. We have been providing software as a service to enterprise clients for almost four years now in a variety of sectors including government, entertainment, retail, and media.
  • Data traffic between clients and Socialcast servers are encrypted using Secure Socket Layer (SSL). Security monitoring at our network, hardware, and application level are implemented and constantly maintained by our network operations and security team.

Access Control

  • In order to access and use the Socialcast service, each user needs to provide valid email and password credentials.
  • All user activity is only accessible to other users from the same organization. Socialcast is a tool that is private to each company, all communication is between employees.

Archive/Logging

  • All application usage by users are logged, archived, and backed up (including secure remote backup).
  • Users have access to the entire history of available messages either via searching or by paging through the history of activity.
  • Administrators have the ability to block and hide content that may deem inappropriate.
  • If a user chooses to delete content, it is simply a soft delete, as the original is still logged and stored but it is removed from view.
  • Clients can choose to request to download all of their content at any time.

Policy Management

  • Administrators have full control over which users have access to the system. They initially set up and invite the users, and they have the ability to add new users, edit existing users, and terminate access for users.
  • Administrators also have control over which external services and features their users are able to import and access.
  • Further directory integration and granular user access is scheduled to be rolled out onto the platform in Q2. At the same time, many of our clients have unique needs depending on their sector. For example, 90% of employees that work at some of our retail clients do not have a corporate email account and don’t use directory integration. Socialcast allows these clients to reduce the anonymity of these workers in a secure, transparent environment utilizing SaaS and mobile access to our software platform. For the first time, our clients are gaining direct communication access to front-line employees.

Email/IM integration

  • Socialcast's Google Gadget can be integrated into Gmail, iGoogle, or Lotus Notes 8. (Note: A large number of our customers use Google Apps)
  • Jabber integration allows users to interact with Socialcast via IM. Additional IM integrations are coming to Socialcast in Q2.
  • Users can also choose to use Twitter to update their status inside Socialcast.
  • Many new integrations for email and IM clients are coming in Q2 and Q3.

Socialtext (Vendor Supplied info)

Security

  • Socialtext provides an appliance that can be deployed behind the firewall for a high level of network protection.
  • Socialtext Signals & Socialtext Desktop transmissions are encrypted via https when the server uses https.

Access control

  • Socialtext Signals and Socialtext Desktop require username/password login to send and view signals.
  • Socialtext Signals and Socialtext Desktop already leverage Socialtext's directory integration. Socialtext Signals also leverages existing browser-based Single Sign-on implementation. Socialtext Desktop is not yet supported with Single Sign-on.
  • The only users who can see Signals are users who belong to the same network (directory group) as the sender of the signal.
  • Individual users can participate in more than one network. The most common example an intranet and one or more extranets. In those cases, the user will be able to choose which network to send a Signal
  • Users can send Signals regarding updates to wiki pages. These Signals are transmitted only to users who have permission to view the signaled pages. For example: Alan follows Eugene. Eugene is in several workspaces in common with Alan, and when he makes updates to pages, Alan can see them. However,
  • Eugene is also in workspace that Alan is not authorized to, for example Leadership Team. When Eugene updates a page there, even though I am following him, Alan does not see that update.

Policy management

  • Socialtext Signals is enabled on a per-network basis. Appliance administrators can choose to enable or disable Signals for a network. Appliance administrators can view all users per network, add users, and remove users.
  • Socialtext is currently working on a feature to enable directory groups to be added to an account. This is expected to be available in Q2.
  • Socialtext has fine-grained role-based access. We currently have no known customer use cases to restrict the use of Signals by role, but expect it and is easily implemented with the current architecture.

Archive/Logging

  • All Signals sending actions are logged, archived, and backed up. Users can page through past signals. A robust display of past signals is on the roadmap.

Email and IM integration

  • Email and IM integration are on the roadmap.

Traction TeamPage (Vendor Supplied info)

For Traction TeamPage's LiveBlog product: security, access controls, archiving/logging, LDAP/AD integration, and policy management (including groups defined by dynamic LDAP/AD queries) are all handled by the TeamPage engine (along with permission aware display of search results, RSS/Atom feeds, IM notification, email digests, and inline comments, and paragraph level tagging). I'm not aware of a competing product that goes deeper or does more.

"LiveBlog" is a specialized (ajax) skin with live updates and a Twitter like interface that can be specified as the default for any TeamPage project (aka workspace). The content of a LiveBlog post can be viewed, tagged or replied to using the LiveBlog UI - or the UI search, syndication, inline comment and all other capabilities of the TeamPage product.

March 09, 2009 in Enterprise 2.0, Social Networking & Collaboration |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Martin

Thanks for this blog post! Maybe you should consider creating a comparison matrix. I would like to add the answers for Communote (www.communote.com):

Security
- Security is one of the key issues for enterprise adoption. For this reason it is very important for Communote:
- SSL encryption (https)
- Secure RSS (RSS feeds require username/password)
- Robust and well-tested J2EE application
- You can choose between the SaaS solution hosted on our servers or an in-house installation
- Regular security audits and an ambitious security roadmap
- IP range restrictions can be defined by the administrator (soon)
- Accounts are temporarily locked on multiple false login attempts (soon)
- Setup of company specific VPN on explicit customer demand possible (soon)

Access Control
- LDAP integration
- No limitation to a specific email domain
- Users with administrator rights can activate new users
- Communote is organized as platform for a set of microblogs. You create topic-related microblogs like “Project ABC” and invite existing or new users to this special Microblog. A microblog can be readable/writable for all or you can add single users as viewer, member or manager. This allows our clients a powerful rights management with as much transparency as possible but as much access control as needed.
- Of course users only see microblog names or tags in the tag cloud where they have rights for

Archive/Logging
- There is no “lost message on page 42” in Communote. The system is built to find relevant stuff even after a long time. We have text search, tags, filter for authors and filter for a time period. You can combine all these filters and drill down till you find what you need. The tag cloud gets updated for every filter combination. This way you have a good summary of related keywords.
- Postings or microblogs can be exported.

Policy Management
- The administrator has full overview on the users in the system.
- Responsible for the single microblog is the manager of this blog. The administrator cannot see the microblog or its postings.
- We will support LDAP groups soon.
Email/IM
- Integration is mission critical for enterprise Microblogging. Communote comes with:
- email and XMPP integration (for postings and notifications)
- RSS on every possible filter combination
- Portlets
- mobile client
- JSON API

Posted by: Martin | March 13, 2009 at 08:43 AM

The comments to this entry are closed.

Become a Fan

Twitter Updates

    follow me on Twitter

    Subscribe to Collaborative Thinking

    Recent Posts

    Categories

    Subscribe to this blog's feed
    Add me to your TypePad People list

    Archives

    More...