Why an intranet can’t go it alone, how to be a successful player in the realm of business, and what really matters if you want your intranet to succeed
“We don’t need the IT department on this project!” This is something you’re very likely to hear when an intranet project that’s about to go south, kicks off. And unfortunately, about a third of all projects end up going this route.
Why wait? Why take a lot of time to decide? We’ll simply call it an “employee app,” bring in a cloud provider, leave our lame IT department out of the picture, and we’ll be up and running with a really cool solution in just a few days or weeks!
So much for the idea and its feasibility. Corporate communications gets everything up and running, leaves IT out of the picture, and sets up a cloud solution that’s tailored to not needing IT.
However, you could get it wrong the other way too. The intranet? It’s a piece of software we run ourselves that belongs to us. We’ll just make a few small changes! And, no, we don’t need to ask anyone. Actions instead of words!
And there you have it: the new system is already up and running. It may look chic and sleek, but unfortunately, no one is using it. But without the meat and potatoes - input and content - no intranet on earth will be successful.
And even if we do love to brag to our customers that this amazing app is the be-all and end-all, the real star is the content driven by engagement.
No Intranet Success without IT and Corporate Communications
The fundamental task of corporate communications is to support management in matters of external and internal communication. In large companies, there’s sometimes even an organizational distinction between external and internal corporate communications.
We’ve already considered the idea that it can be disastrous not to involve the works council (see “Establish Broad Support – Before You Start”).
The situation is very similar here: once you have everyone around the table, you’ll definitely need many rounds of discussion and decision making before the results can speak for themselves.
In reality, it doesn’t really matter how you get things started on your own. So, if something like this happens to you and you can’t put a stop to it, I strongly recommend removing yourself from the project and finding something else to do. Because if a miracle doesn’t happen, things can only go wrong.
At some point, corporate reality will catch up with you. That’s because, by going it alone with a cloud-based intranet, you’ll throw a wrench in the works of the organizational system. Management is just as annoyed by the lame IT department as you are, and this gives you the green light for a quick solution. You plug in the new system and do what you do best: fill the system with really cool content. What you got out of the box (our Linchpin solution belongs to the category of “plug-in intranet systems”) is pretty chic and looks ready to go. Great. Top management is satisfied. You go live with the intranet to the workforce. You get some pretty good feedback. So, who needs the IT department? You knew it all along!
And just when you think you can slowly start devoting yourself to some new projects and tasks, the first problems start to creep in: data protection, legal safety, revisions, audits, off-boarding, single sign-on, profile data, system comparisons and synchronization, performance, mobile device management, and so on.
But first things first. Let’s assume that your IT people don’t resent you and they’ve simply decided to ignore you and your intranet. This is crucial because if you have dissent in your IT ranks, you won’t even be able to go live. We’ve seen this a lot. In this case, your project will simply be trashed with some killer arguments shortly before you reach the finish line. As I said, earlier...
If you want to go it alone with an intranet, sooner or later you’ll fail.
From my perspective, the only scenario where a tactic like this can work is when the IT department later gives in and says, “Okay, we agree you were right. We’ll do it your way. We accept the fact that you didn’t bring us on board and we’re happy to be actively involved from now on.” I like to call this a Machiavellian tactic. You power through the various iterations and eventually become so powerful, that you dominate over all the other players. Some people find this to be an attractive strategy but there’s little chance of something like this working. And it will never be sustainable. You’ll create enemies along the way and others won’t volunteer to come to the rescue. They’d rather watch you crash into a concrete post on the freeway at 100 miles an hour. So, you’d better hope your airbag works!
But wait. What we really want is to see the good in people and leave political intrigue aside. Let’s assume that the other players stoically accept everything. Now all you have to do is implement the requirements. A few classic IT stumbling blocks may exist for corporate communications along the way, but that’s to be expected.
And actually, I would have banked on the data protection people saying no to the cloud as an overall concept. By now, however, it should be clear that tech companies like Amazon (AWS), Microsoft (Azure and Office 365), and Google (Google Cloud) have long been on the winner’s path, and it’s only a matter of time before the majority of them stop operating their own servers themselves.
For me, however, an incident at help desk provider Zendesk proved symptomatic of the ways in which data protection in the cloud can be awkward. What I discovered was this: you can never lose sight of the fact that third parties will be able to access your data in certain circumstances. The manufacturer of Zendesk’s help desk system knew that excellent customer support is critical to the success of the Zendesk product and business model. So, the provider gave its employees the option of being able to start sessions with any customer account in the system.
In a nutshell, any Zendesk support employee could log into their system as an agent or as any particular customer. In reality, this is pretty helpful because it speeds up support. It allows problems to be understood more quickly and remedied faster and better. Unfortunately, this practice not only contravenes the GDPR, which was not in force at the time, but most likely all the other data protection standards in the world – even the American ones.
If you allow a third party to run your intranet for you, you have to make sure they don’t break the law.
Specifically, you need a legally safe contract data processing agreement between your organization and the provider that has access to your systems. If multiple companies have access, you need to ensure that all participating organizations submit to the agreement. Large companies in particular often come to us to arrange reviews to ensure that the agreement is not only signed but actually put into practice.
In addition to legal safety and data protection, IT also focuses on information security. A basic requirement here is that the software is so secure that third parties can’t simply break in from the outside. That’s easy to say. But you don’t have to be a diehard fan of hacker movies to know that there are countless malicious players out there trying to break into servers and software systems at any time. And they succeed at this too, even though that’s the last thing you want.
It’s therefore extremely helpful for your IT department if the software can be installed behind a firewall in your own infrastructure. Then it doesn’t really matter how secure the software itself is. Ultimately, it’s secured from the outside by a supposedly very safe firewall. That said, cloud software is usually accessible on the open internet and, as a consequence, is exposed to much greater dangers. The only thing that matters for corporate communications is that your corporate cloud intranet is not hacked. But how will you know whether or not it’s in danger? No one can ever completely rule this out.
If you don’t get the support of IT now, a dark cloud will hang over your project, you, and ultimately your career. If the cloud service that you’ve brought in on your own without involving IT goes south, not only will IT blame you for it, but everyone else will too. Think dark hacking scenarios, data loss (everything gone), or inaccessibility (i.e., the servers are continuously down, or they’re down for a very long time or everything becomes very, very slow).
What’s actually celebrated as the great benefit of the cloud (i.e., everything secure, everything fast, everything under control – with absolutely no IT involved) quickly boomerangs when everything falls apart. Admittedly: the risk of this happening is not particularly high. If worst comes to worst, however, it really can be a problem - and annoying – and it will all come back to haunt both you and corporate communications.
And, of course, having IT on board won’t make the same cloud service any less vulnerable. Even if they are on board, the intranet can still be hacked, suffer a long outage, suffer data loss, or be constantly slow. However, if this does happen, everyone will be fine, at least from a corporate policy perspective. This is because corporate communications will point the finger at IT. IT, in turn, will document that it carried out its due diligence properly on the cloud provider and will call it “residual risk!” – and life will go on as normal.
But let’s move away from the hypothetical horror scenarios and practical situations that corporate reality is sure to throw at you, which, in my opinion, are certain to prevent the successful implementation of your intranet project if you don’t involve IT.
A modern intranet is made up of people who interact with one another. That’s why many providers now put the word “social” in front of the word “intranet.” It should be a place where people can come together to work, exchange ideas, and experience a feeling of togetherness, all while developing and reinforcing topics and content. And the people who are active on the intranet have profiles. A profile consists of a photo and as many descriptive fields and information as is feasibly possible.
As a rule, IT doesn’t have a particularly large volume of structured and approved information available. So, it’s relatively rare that the data you can pull from a user directory consists of anything more than just usernames, first and last names, email addresses, and group associations.
For proper profiles, you need a photo that users can best upload themselves, otherwise, you may run into problems with the GDPR and other personal rights.
You have a section in there – the heart of the profile, so to speak, that IT maintains – with the user name, password, real name, and email address. And then there’s the other section, which can only be efficiently collected and maintained on the intranet itself. Some companies already have this data stored elsewhere. In this case, the information then needs to be imported, of course, and perhaps synchronized if necessary, but I’ll come back to this in a moment. My point is that the heart of the profile will only be accessible through IT. Period.
I’d even go so far as to argue that if you don’t get this from IT, you won’t be able to get started on your intranet. And I’m not referring to a one-off export either. You’ll need constant and permanent merging. And yes, I’ve already seen someone make the rather half-hearted attempt to simply export the data from an easily accessible user directory and then leave the user and password set up to an outside intranet cloud provider. You can do it like that if you want. However, it won’t work for long.
This is because you have no way of ensuring that new hires are entered into the system or that people leaving the company have their access credentials canceled. Systems like Yammer used to solve this problem easily using email addresses: if you have an firstname.lastname@example.org address, you’re still an employee. That’s one method. However, it doesn’t go far enough in terms of mapping the GDPR requirements and other legal frameworks. I doubt that corporate communications would be able to get away with this sort of thing today.
By far the best option is a single sign-on solution (SSO). You’ll be familiar with this from the internet. You can now use it to sign in to a wide range of services using your Google, Facebook, or Microsoft account.
The providers take care of the legitimization process and then pass on the information that you share as a user to the new service. This also works for intranets – either those created by your IT department using a similar solution or by staging the solution themselves. Again, the important thing here is that there’s no SSO without IT. So, if in doubt, you’ll have to negotiate that curve like Machiavelli – i.e., using a power play – and force the connection.
In addition to the central profile, additional user information can be synchronized in both directions. Our major customers often use SAP for this. We, for example, have incorporated an import interface from the HR module in the SAP system into our intranet. You can’t get something like this to work, however, without the involvement of IT -- or if you can, you won’t be able to keep it running permanently. Many other systems can be integrated into your intranet using programming interfaces (called APIs). This is also possible if you have cloud intranet, but the systems to be integrated operate behind a firewall. And again, you’ll only be able to do this in collaboration with your IT people.
If you want to roll out your intranet to mobile devices, you’ll have to verify whether the employees in your company are allowed to use their personal smartphones. That would involve a BYOD concept, which we’ve already discussed (see “Bring Your Own Device Concepts and Their Strengths”).
Control mechanisms in the form of software also frequently exist in order to subject smartphones and the data they carry to special protection. These usually involve the mobile device management systems (MDM) I’ve already referred to above. Usually, even your IT will find these mechanisms insufferable, though, because most of the solutions available are useless.
Without the involvement of your IT people, you’ll find it difficult to determine why certain things aren't performing as you might imagine. And performance problems are quite common with cloud systems because they’re run on physically distant servers.
If you have a weak internet connection, even the most advanced intranet will be useless. No one will ever use slow software -- which means you’ll have to put it back in the box. Incidentally, real deceit and lack of trust can creep in if everyone in IT has also read Machiavelli, and they decide to configure a rule into the firewall that systematically triggers a speed brake for access to your intranet.
In my opinion, something like that requires a warning shot across the bow and the ostracism of those responsible, but this is the way it goes with many of the power games we unfortunately experience in very large organizations. Incidentally, if you think it’s impossible to disguise actions like this, you’re wrong. In this case, IT simply uses a standard concept for abolishing network neutrality by declaring individual systems (business) critical. This results in a lot of the information highway’s bandwidth being reserved for these systems. And because your system isn’t business-critical, it will be throttled.
We’re now delving quite deeply into the political warfare that can be observed at some corporations. So, at this juncture, I’d really like to recommend something to you:
Don’t try to cut corners! Get IT on board as your corporate communications arm. This way, they’ll be more likely to take care of the corporate communications side of the project. And while you’re at it, talk to the works council!
Your project may take longer to get off the ground at first, but if everyone wants it, it will have all the bells and whistles. And that’s all that counts in the end. Later on, nobody will ask you how long it took to scratch away the grains of sand with your plastic shovel. The main thing is that the standing stone has been toppled and everyone is impressed. So be patient. You’re on the right track.
Link to this page: https://seibert.biz/intranetbookgettingstarted