Enterprise 2.0mplementation

AARON C. NEWMANJEREMY THOMAS

New York Chicago San FranciscoLisbon London Madrid Mexico City Milan

New Delhi San Juan Seoul Singapore Sydney Toronto

CONTENTS

Foreword xixAcknowledgments xxiiiIntroduction xxv

4 , Overview q( Enterprise ZQ . ,r>

T 1 The Evolving Technology Environment 3Web 1.0 4Before Web 1.0 5Web 2.0 6

Web 2.0 Technologies 8Web 2.0 Warnings 10Collaboration 11It's All About the Content 12

Enterprise 2.0 13Enterprise 2.0 as a Competitive Advantage 15Making the Move to Enterprise 2.0 17

Summary 19

XI

xli Enterprise 2.0 Implementation

T 2 Enterprise 2.0 ROI 21The Need for Measuring Return on Investment (ROI) 22Measuring Enterprise ROI 22

Measuring ROI in Web 1.0 23Measuring ROI for Small Projects 23Measuring ROI for Large Projects 23What Does ROI Measure? 24

Return on Investment Analysis 24The Scenario 24Enterprise 2.0 Solutions 25Goals 25Costs 26Implementation 26Adoption Success 27Beginning the ROI Measurement Process 27Measuring Benefits to Joction 33

Measuring the Return on Investment 36Comparing Open Source Costs 37

Open Source Software Costs 37Summary 38

T 3 Social Media and Networking 39Pre-Internet Networking 40

The Internet Expands Communications 41The Need for Online Networking 41

The First Online Social Networks 41Present Day: Facebook and MySpace 42

Combining Business Networking and Social Networking 42Social Networking Theory 43Network Effects 43Social Networking in the Office 44Social Networking Outside the Office 44

Barriers to Adoption 45Risks of Implementing and Using Social Networks 46

Overview of Current Social Networking Platforms 47Facebook 47MySpace 48Linkedln 48Ning 48

Internal Social Networking 52Awareness 52IBM Lotus Connections 53

Contents

Clearspace X 53HiveLive 53

Bringing Social Networking to the Enterprise 54Summary 54

T 4 Software as a Service 55

Software as a Product 56Economics of Software as a Product 57Using Software as a Product 58

The New Model: Software as a Service 59SaaS Challenges 60

Infrastructure as a Service 62Virtualization 63Virtual Appliances 64

SaaS Security 65ASP Versus SaaS Model 66Summary 68

implementing Enterprise 2.0 Te

T 5 Architecting Enterprise 2.0 71

Why Enterprise 2.0? 72A Quick and Dirty Enterprise 2.0 Case Study 72

Why Enterprise 2.0 Faces Greater Challenges than Web 2.0 74The Internet vs. the Intranet 76

The Intranet 78Leveraging Existing Information Assets 81

Master Data Management 82Thinking in Terms of SOA 84Service-oriented architecture: The Plumbing 86Search, Search, Search 88SOA and Democracy 90

Discovery 91Crawling and Indexing 91Searching 92

Motivation 97Authorship 98Capitalizing on Informal Networks 99Signals 104Rich Internet Applications 105Summary 106

X I V Enterprise 2.0 Implementation

T 6 Enabling Discovery 109

Why Companies Need Discovery 110The Enterprise 2.0 Discovery Vision Il lImplementing Discovery in a Phased Approach 114Respecting Security 117Integrating Line-of-Business Applications 120Customizing the Search User Interface 123Leveraging Collective Intelligence: Social Bookmarking 124An Enterprise 2.0 Discovery Case Study 127

Planting the Seed 130Enterprise Search Vendors 140Social Bookmarking Vendors 142

Summary 143

T 7 Implementing Signals and Syndication 145

What Is Web Syndication? 146Types of Feeds 149Advantages of Web Syndication 149Feed Readers 152

XML 155XML Documents 156

RSS 164RSS 0.91 165RSS 0.92 167RSS 1.0 169RSS 2.0 171

Atom 171Atom 1.0 Format 171Parsing an Atom Feed 175

Summary 177

• 8 Implementing Wikis 179

What Is a Wiki? 180Evolution of Wikis 180Why Use a Wiki? 182

Using a Wiki 183Editing Content in a Wiki 184Recent Changes 187Page Revisions 188Locking pages 189Linking and Searching in Wikis 190Wiki Roles 191CMS, ECM, and Wikis 192

Contents

Wiki Platforms 192Installing a Wiki 195

Installing a Wiki on a Server 196Installing a Wiki Virtual Machine 198

Adopting Wikis in a Corporation 199A Journey, Not a Destination 201

T 9 Implementing Blogs 203What Is a Blog? 204

The Blog as a Printing Press 204Business Blogging 205

How to Blog 206Characteristics of a Blog 215Other Types of Blogs 217Blog Search Engines 218Mixing Work and Personal Life 222Building a Community of Business Bloggers 223

Blogging on the Intranet 224Other Blogging Platforms 230Monitoring the Blogosphere 231

Summary 235

T 10 Building Mashup Capabilities 237Mashups in the Real World 241

Mashup Makers 241Service and Widget Makers on the Internet 243Service and Widget Makers on the Intranet 248Mashup Servers 252

Enterprise Mashup Makers: Spreadsheetsfor Enterprise Applications 254

Summary 261

T 11 Rich Internet Applications 263What Is a Rich Internet Application? 264

The Web as a Platform 266AJAX 266

XMLHttpRequest 268JavaScript and the Document Object Model 269Using the XMLHttpRequest Object 270Google Widgets Toolkit 272

ASP.NET AJAX 274Server-Centric Model 274Client-Centric Model 276

XV

Enterprise 2.0 Implementation

The Future of RIAs 278Adobe Flex 278Example Flex Application 279Microsoft Silverlight 281

Summary 282

• 12 Implementing Social Networking 283

Social Capital 285Defining Informal Networks 289

Social Graphs 290Social Graphs of the Corporate Intranet 299

Visible Path 299Social Networking Software 301

SocialEngine 302Summary 311

• 13 The Semantic Web 313

HTML Markup 314The Semantic Web 317

Ontologies 317Human Understanding 319Layer Cake 320Semantic Web Value Proposition 321Approach 322

RDF 323SPARQL 325

OWL 327Microformats 330

Semantic Web Technologies and Enterprise 2.0 331Summary 333

Managing Enterprise 2.CF1

T 14 Governance, Risk Management, and Compliance 337

Whole Foods Market Inc 338A New Era of Governance 341Risk Management 342

Best Practices 342Culture 343

Mitigating Risk 343Regulations and Liability 344

Resource Abuse 346

Contents

Managing Best Practices 347Standards 348

Structure 348Discoverability 349Cultural Governance 350

Transparency, Flatness, and Informal Networks 350Compliance 351

Securities Exchange Act of 1933: The Quiet Period 351E-Discovery 352Business Record Retention 352

Summary 353

• 15 Security 355

Security = Risk Management 356Managed Risk 357What Is "Good" Security? 358Getting Hacked 359Think Like a Hacker 360Internal Threats 361Security Policies and Procedures 361Sensitive Information 361

Security Technologies 362HTTPS 362Securing Web Services 363

Auditing Enterprise 2.0 Applications 364Gathering an Inventory 365Auditing Content 366Reviewing Authorization 369

Security Vulnerabilities 369Third-Party Software 370Google Hacking on the Intranet 371Securing Mashups 372Denial of Service Attacks 372SQL Injection 373Cross-Site Scripting 375Sample Vulnerabilities 377Security Vulnerabilities in RIA 378

Summary 379

• Glossary 381

• Index 391

xvii