Power to the people? Managing technology democracy in the workplace Sponsored by A report from the Economist Intelligence Unit Power to the people? Managing technology democracy in the workplace Preface P ower to the people? Managing technology democracy in the workplace is an Economist Intelligence Unit white paper, sponsored by Trend Micro The Economist Intelligence Unit bears sole responsibility for the content of the report The Economist Intelligence Unit’s editorial team executed the survey, conducted the analysis and wrote the report The findings and views expressed here not necessarily reflect the views of the sponsor Our research drew on two main initiatives: l We conducted an online survey in March and April 2009 In all, 390 executives from seven European countries took part l To supplement the survey results, we also conducted in-depth interviews with senior executives and independent experts on technology use in the workplace The author of this report was Svetlana Grant and the editor was Denis McCauley Our sincere thanks go to the survey participants and interviewees for sharing their time and insights on this topic September 2009  © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Executive summary T echnology changes are often accompanied by fanfare, but in recent years at least one quiet technology revolution has been developing in the workplace Individuals are adopting for work use the applications and devices they have learned to use in their personal lives Applications previously accessed only on home computers, such as wikis and social networking sites, now appear on business PCs Nearly every employee is now equipped with a personal mobile device and can become an online publisher with the help of blogs As a result, employees are challenging the technology status quo in their organisation Many are demanding “technology democracy”—greater freedom to use the information technology (IT) applications and devices of their choice in order to conduct their work more effectively Companies are not entirely ready for this development In Europe, many firms resist the notion of according greater technology choice to employees and business units Just under one-half—48%—of respondents to an Economist Intelligence Unit survey of European executives conducted for this study say that management of their firms is supportive of expanding technology freedom at the grassroots level, but virtually the same number, 47%, say the opposite On a hopeful note, executives tend to see more opportunity than risk to their business from this development Nonetheless, the use of new IT tools goes on at many firms without clear IT guidelines and proper training In their absence, business risks are likely to increase for these firms This pressure from below on company management and the IT function will to continue to mount Generation Y, also known as the “millennials”, is populating the workforce in increasing numbers, and it will not be long before they begin advancing to middle management positions Increasingly reliant on social media, messaging and other personal networking technologies to conduct their work, this generation will challenge the established modes of IT management in organisations Other key findings from the research are highlighted below l Innovation and morale stand most to benefit from technology freedom Over 40% of European executives are prepared to deal with the risks of technology democracy in order to reap its business benefits The chief gains, they believe, will come in the form of better grassroots innovation, as well as higher morale on the part of employees who are trusted to make at least some technology decisions for themselves  © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace l The risks are real but can be managed The fears of executives who resist according greater technology freedom in their firms are not misplaced No few employees have wasted valuable work time using Web 2.0 applications for personal purposes, and companies have been damaged by sensitive information appearing on blogs, for example Survey respondents agree that the biggest risks from technology democracy are lower productivity, the loss of confidential information and an increased vulnerability to viruses l Keeping technology chaos in check requires clear rules Where any degree of democracy exists, technology freedom must be supported by clear rules and regulations to prevent a descent into chaos The most important means of minimising productivity loss and security risks include conducting regular and mandatory training courses for employees, developing formal guidelines and continuing the work of upgrading network defences l Firms must provide better training on using new technologies Most executives in the survey claim that their firms have drafted IT policies to govern employees’ use of devices, applications and websites in the workplace But few have begun to instil these guidelines in the minds of employees: no more than 21% of surveyed firms provide training on the use of personal communications devices, and only 17% this in regard to social networking applications More worryingly, no more than one-fifth have plans to so in the future l Some IT decentralisation may be needed to manage the security risks When asked their view on the implications of greater technology freedom for the IT function, survey respondents’ reply that Six steps to keep technology democracy from descending into chaos Whether or not management is supportive of expanding technology freedom, grassroots pressure to use new technologies will not go away The research suggests a few measures that all organisations can implement to ensure that this pressure remains creative and not destructive l Publish clear guidelines for technology use and update them regularly Clarifying the rules of technology engagement for employees is imperative in order to minimise the threat of security breaches (and productivity loss) They must also be updated frequently, as technologies change at breathtaking speed l Make the guidelines specific Some firms which encourage the workplace use of blogs and social networks, for example, require employees, among other things, to identify themselves clearly and to use disclaimers when discussing the firm, and to avoid citing clients, partners or suppliers without their approval l Educate and train It is not enough to develop guidelines; they must be communicated to employees Courses on the use of social  media and personal communication devices should also become part of regular employee training l Be ready to devolve some security oversight Securing the everexpanding universe of applications and devices that employees use could overwhelm the centralised IT function Trained IT specialists in the business units may be better placed to manage this aspect of information security l Develop in-house social networking tools Large companies should consider building internal social networking applications, which can deliver the benefits of information sharing—especially improved innovation—without the security risks Such tools may not be right for all firms, however, as they can require significant resources to build and maintain l Make the business units a partner of IT Current mantra holds that the IT function must become a “true partner” of the business units This should also work the other way round Employees often have a keener sense than IT of the business utility of a new application, and line managers may have a better knowledge of employees’ technology needs and practices Involving business units in technology decision-making will ensure that this knowledge is tapped, and will also expand awareness of new risks © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace the delegation of responsibility for information security to individual business units is the most likely outcome This would allow the IT function to focus on other tasks, such as the management of firewalls and other aspects of physical network security and tracking new external threats The technology democracy survey The analysis in this study is based in part on an online survey, conducted by the Economist Intelligence Unit in March and April 2009, of 390 executives based in the UK, Germany, France, Italy, the Netherlands, Sweden and Russia The sample was senior: 49% of all respondents were C-level executives, with CEOs and board members  alone accounting for 30% of the group A range of functions was represented in the survey, with general management, strategy and business development, sales and marketing, finance and IT the most prominent Respondents hailed from 18 different industries, as well as a range of company sizes, with one-half of respondents coming from large firms—those with over US$500m in annual revenue More details on the survey sample and results can be found in the appendix © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Introduction: Challenging the established order T The Work Foundation, Changing Relationships at Work, 2008  he traditional model of information technology (IT) management in organisations may be likened to a benevolent dictatorship The IT function, led by the chief information officer (CIO), chief technology officer (CTO) or IT director—having the best interests of the business at heart—makes all decisions about which technology tools should be used by staff, procures them centrally, and sets the rules by which these tools are used for daily tasks This model, which has predominated for half a century around the world, in public- and private-sector organisations alike, allows some limited freedom for experimentation to individual business units, but almost none to individual employees “Technology democracy”—which we define as freedom to choose the IT applications and devices with which to conduct one’s work—spells chaos and risk for IT’s “benevolent dictators” As the Internet and advanced (particularly mobile) telecommunications have become a thorn in the side of political dictatorships, however, so the use of these technologies in organisations threatens to erode the traditional model of IT management By increasingly bringing the technologies they use in their personal lives into the workplace and using them for work purposes, employees are, consciously or not, making a case to be involved in the IT decision-making process The change is gradual: some use blogs to solicit product or marketing ideas from peers; others use personal mobile devices to read work e-mail or make business calls In many organisations, the result is a quiet workplace revolution as employees assume the power to choose their own applications and devices Driving the change is the rising use of Web 2.0 applications and personal communications devices by individuals The workplace use of these technologies may not yet be as widespread as is popularly assumed, according to Alexandra Jones, associate director of the Work Foundation, a UK not-for-profit institute which conducts research on work practices Ms Jones points to the results of a recent study by her organisation which suggests that less than one-fifth of UK employees at large companies use blogs or social networks while at work.1 There is little doubt, however, that the workplace use of these technologies is on the rise More than two-thirds of European executives in our survey believe that the use of personal mobile phones and notebook computers by their employees for work (as opposed to personal) purposes is increasing; nearly one-half think the same about social networking and similar applications Several changes in the working environment will ensure that this trend continues One is the arrival © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace “CEOs and CIOs need to get used to the idea that their companies are now more open and accept it when employees give away more information They also need to rethink their information and technology management.” Michael Nelson, visiting professor of Internet studies, Georgetown University  of a young generation of employees to the low and middle ranks of the workforce This Generation Y, or “millennials”, born between the early 1980s and the mid-1990s, grew up using mobile phones and the Internet; most of them are IT-savvy and accustomed to using social media online During the next five years, they will progress to middle management positions, and some will even start bringing the use of new technologies into executive suites and boardrooms Another change is the rise of teleworking The UK’s Institute for Employment Studies predicts that telecommuters in the original 15 EU member countries will top 27m by 2010, or 14% of all employees, up from approximately 4m in 2000 In the US, already as many as 22% of the entire workforce work remotely at least one day a week, according to WorldatWork, a professional association focusing on human resources management Geographically dispersed employees need new technologies to communicate and manage teams Michael Nelson, visiting professor of Internet studies at Georgetown University in the US, describes the resulting change as “the blurring of boundaries between personal and professional, between the use of technology for personal and business purposes” He believes that its consequences are significant: “The biggest problem corporations face is a cultural issue CEOs and CIOs need to get used to the idea that their companies are now more open and accept it when employees give away more information They also need to rethink their information and technology management.” Far from all the executives in our survey appear ready for this Just under one-half of respondents say that senior management is supportive of according employees greater freedom to use applications and devices of their choice, or “technology democracy” Employees in 40% of Russian firms and 38% of Dutch firms in the survey are likely to face disciplinary actions for using social networking applications (German and French firms are considerably less likely to impose sanctions than the European average.) Technology use in these companies continues to follow the traditional rules, but for how much longer? © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Key points n Some European executives focus on the risks of according greater technology freedom, but a larger share see greater opportunity than risk in this development n A growing number of companies across different industries are leveraging interactive Web 2.0 technologies to enhance their innovation practices n Freedom to use new technologies and innovate can also become an important morale booster for employees Democracy in action E uropean companies are divided in their views on technology democracy, and for good reason Expanding employees’ freedom of choice introduces many unknowns into the established system of IT functions and responsibilities It opens new and exciting business opportunities, but it also exposes organisations to risks which they have spent many years trying to manage and minimise The arrival of many new technologies to the workplace, moreover, is so recent that executives have not had time to give them much consideration The above are likely to be reasons why nearly one-third of survey respondents (and over 40% of IT executives) believe there is more risk than opportunity in according employees greater freedom to use technologies of their choice at work, and that 23% see as much risk as opportunity A larger share of European executives see a brighter side, however: 42% are prepared to deal with the risks in order to capitalise on its business benefits UK executives are the survey’s most optimistic national group How would you say that senior management of your company views the balance of opportunity versus risk in allowing employees greater freedom to use the technologies of their choice in the workplace? (% respondents) Total Significantly more opportunity than risk IT Non-IT 12 13 Somewhat more opportunity than risk 30 27 30 Equal balance of opportunity and risk 23 18 25 Somewhat more risk than opportunity 18 19 18 Significantly more risk than opportunity 13 24 11 Don't know/Not applicable Source: Economist Intelligence Unit survey, April 2009  © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Which of the following, if any, are likely to be the main benefits to your organisation resulting from employees’ greater freedom to use applications and devices? Select up to two (Top responses from selected countries; % responses) Enhanced innovation (eg, from employees' involvement in online forums, etc) Enhanced employee morale More effective collaboration with external partners Total 31 27 25 UK 35 32 27 Germany 38 46 23 Italy 37 27 20 Russia 29 13 40 Source: Economist Intelligence Unit survey, April 2009 on this count, with half seeing more opportunity than risk (Russian executives, by contrast, emerge as the most wary, with 41% seeing a greater amount of risk.) John Linwood, CTO of the BBC, the UK’s public broadcasting company, sums up this sentiment: “There are clearly risks involved, but we think those are far outweighed by the opportunities.” Mr Nelson articulates the benefit for businesses: “Every time a new technology appears, it gives people more power Organisations that find the way to build on this power and take advantage of the new tools are the ones that will come out ahead.” The chief rewards for accepting the risks, according to the survey group, include better innovation, improved employee morale and enhanced collaboration with external partners Freedom to innovate Brainstorming with social networking technologies requires clear thinking beforehand about what to with the resulting flow of ideas  A growing number of companies across different industries are leveraging interactive Web 2.0 technologies to enhance their innovation practices One of them is IBM, an IT services firm Says Ed Bevan, IBM’s vice-president for innovation and market insight: “We think that innovation today is a much more complex process than in a lone-inventor era Successful innovation requires a combination of many technologies, business processes and even business models For that you need more expertise, and using social media and online tools are very useful.” IBM uses online collaboration to develop ideas for new business investment The company has been organising an online brainstorming session called Innovation Jam™ since 2006, using a combination of technology platforms it built for the purpose; these have led the company to create ten new businesses with seed financing totalling US$100m, according to Mr Bevan The 2008 session brought together 90,000 participants from 1,000 companies in 20 industries Mr Bevan explains the philosophy behind IBM’s approach: “Technology is obviously very important [to innovation], but it is much more important to have alignment between business approach, strategy and the culture created within a company or a group of companies, which includes partners We have © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace a very similar approach to Innovation Jams, blogs, social media or any other new technologies It is all about democratisation and listening to many voices and ideas, allowing people to collaborate in business ventures, and creating a flat playing field with non-hierarchical approach.” Such brainstorming, however, requires clear thinking beforehand about what to with the resulting flow of ideas, warns Mr Bevan, otherwise “you have a big party where everybody constantly contributes and then nothing happens.” Many organisations are also proactively utilising social media to leverage what Mr Nelson calls the “power and wisdom of crowds” Such organisations as the BBC, for example, use social networking sites to solicit feedback from their viewers Lego, a Danish toymaker, consults an online panel of young toy users called “Kid’s Inner Circle” on specific innovations they would like to see in new products.2 Happier employees, more effective teams The Lego and Procter & Gamble examples are described in The digital company 2013: How technology will empower the customer, a 2008 white paper from the Economist Intelligence Unit Freedom to use new technologies and innovate can also become an important morale booster for employees Ms Jones from the Work Foundation believes that improved loyalty and higher employee retention are important benefits of a more open working environment: “We found that new technologies are associated with a more flexible culture and could play a role in supporting closer working relationships Where the choice and use of new technologies is allowed, employees are more likely to describe their organisation as having a culture based on loyalty and mutual trust, and this is what people like in the workplace.” The survey results support this assertion, at least in some European countries: as many as 46% of German respondents and 31% of those from the UK believe enhanced workplace morale is among the main benefits they expect to gain from greater employee freedom to use technology In addition to talent retention, new technologies are also seen as an effective tool for collaborating with external partners and creating greater team cohesion Longer and more complicated supply For the BBC, social media opportunities outweigh the risks BBC, the British public service broadcaster, has adopted a liberal view on the use of new technologies Its journalists and reporters use social media sites, such as Twitter, on a daily basis as one of many sources of information and public opinion, and leverage Facebook in their research of news stories and people BBC employees also use Facebook for internal networking and communication with colleagues The IT department is also mulling over the policies that would permit the use of personal laptops John Linwood, the BBC’s CTO, who joined the corporation in early 2009 from Yahoo, an online media portal, is receptive to many other uses of social media in the workplace “We are the largest media company in the UK, with 28,000 employees, and interaction with our audiences is very important to us Social networking is an additional tool we can use to achieve greater interactivity Whenever we release  a new version of iPlayer [an online play-back portal for the earlier broadcast programmes], for example, we use the Twitter community to get feedback on different features.” Mr Linwood admits that using social media has increased the risks for the company: “Social networks are another vehicle that malicious people can use; we are aware of that and are making sure that our IT policies and procedures can deal with it.” The corporation has rules for the use of social media and blogging, and it sends its employees on mandatory training courses to make sure they have sufficient knowledge and skills to use information effectively and wisely Information security is a shared responsibility at the BBC, according to Mr Linwood “Responsibility for developing information policy and understanding the IT threats lies with the CIO But in terms of implementation, it is up to each individual employee Once they receive the training, they need to step up and take responsibility for their own actions and for data security within their area Our role is to equip and educate staff across the organisation and then have them take responsibility for the areas in which they are involved.” © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace The use of which of the following technologies/applications will pose the greatest information security risks in your workplace over the next two years? Select up to two (Top responses; % responses) File-sharing sites/applications 28 Laptop and notebook computers 27 E-mail 25 Social networking sites (eg, Facebook, LinkedIn) 22 Smartphones 21 Blogging sites or services 12 Instant messaging Netbook computers Mobile phones Wikis and similar collaborative sites Source: Economist Intelligence Unit survey, April 2009 companies are required to pay for their Internet traffic—in Russia, for example—file sharing can be very costly Executives in Italy and the UK express a particularly high degree of concern with the risks posed by file-sharing sites The use of personal laptops and notebook computers is another category of high-risk devices mentioned by European executives Some firms are beginning to encourage employees to use these in order to reduce infrastructure costs and also to boost personal productivity, particularly while travelling However, laptops and notebooks equipped with WiFi or a mobile broadband connection and unprotected by virtual private network (VPN) software can create holes in network security and be easily exploited by hackers The potential loss of large amounts of sensitive data stored on laptops is likely to preclude a majority of organisations from going down this road Mr Jutte of Achmea, for example, says that he would not consider allowing the use of personal portables “Laptops are high risk because they are used by senior management, who have access to the most sensitive information We are, however, very familiar with the potential risks around using laptops; there is plenty of hardware and software to deal with them.” The issue is not as clear-cut for netbooks—low-cost mini-notebooks used to browse the Internet and access the most basic personal productivity applications With a price tag of US$300-400, they are affordable for many employees, while their small size makes them easy to carry around The risks around the use of netbooks, however, are very similar to laptops; 7% of executives in the survey believe that the use of personal netbooks should be banned in the workplace 14 © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Key points n No more than a handful of European firms provide training on the workplace use of social networks and personal communications devices, or have plans to so n Allowing employees or business units the power to make decisions about new applications and sites should, in theory, ease some of the burden on IT departments n More IT staff may be needed to ensure application and device security, but these are more likely to work in business units than in the IT department Keeping chaos at bay V irtually all companies will need to allow a greater degree of technology freedom than exists at present, as completely controlling employees’ use of a burgeoning number of devices, websites and applications is simply not feasible More freedom to choose their own IT tools might be good news for tech-savvy employees, but for CIOs and IT teams it presents the headache of having to find new ways of providing a secure working environment For business unit managers, it means increasing watchfulness over employees’ daily work practices to discourage productivity-sapping activities Organisations such as IBM and the BBC have made headway in introducing rules for more technology freedom, but most others have barely made a start What can management to prepare their organisations for the transition to a more open technology environment? When it comes to guarding against information security breaches, executives in our survey believe that the most useful steps would be to conduct regular and mandatory training courses for employees, upgrade network security defences and develop formal guidelines Which of the following would be the most practical and effective measures the organisation can take to ensure that greater employee freedom in the use of technology does not result in the loss of company information? Select up to two (% respondents) Conduct regular and mandatory training courses for employees on guarding against information loss Upgrade network security systems Draft and distribute formal guidelines for employees' use of social networking and similar applications Total 38 35 28 Netherlands 21 47 21 UK 38 48 27 Germany 50 25 39 Russia 49 33 27 Source: Economist Intelligence Unit survey, April 2009 15 © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace governing the use of social networking and similar applications German and Russian respondents put particular stress on the importance of employee training and education, whereas those from the UK and Netherlands emphasize the need to upgrade network security Training goes missing Most executives claim that their firms have already developed the IT policies that govern the use of hardware devices, applications and websites which employees can use in the workplace “We learn some of these tools by doing,” says Mr Bevan of IBM “If you let your employees loose with new technologies, almost anything can happen.” IBM created a set of non-compulsory guidelines for its Innovation Jams and for blogs In its online guide for bloggers, IBM admonishes its employees: “Don’t cite or reference clients, partners or suppliers without their approval”; and it proceeds to offer other guidelines on the use of content, proprietary information and copyright issues The BBC, according to Mr Linwood, requires that employees clearly identify themselves when discussing company-related matters and use disclaimers If the survey is any judge, however, very few European companies have begun to instil these principles in the minds of their employees More than one-half of survey respondents say their firms provide training on safe computing practices, but no more than 21% provide training to employees on the use of personal communications devices (including laptops) at work, and only 17% this for using social networking applications What’s worse, no more than one-fifth of these companies have plans to provide such training in the future Education and training normally not require heavy investment and should be straightforward first steps to ensure that technology democracy does not descend into chaos But who in the organisation should be responsible for this? No rest for the vigilant Achmea, the Netherlands’ largest insurance company with 13,500 employees, added PDAs (personal digital assistants) and smartphones to its portfolio of business communications devices about two years ago, but Bob Jutte, the firm’s CIO, continues to review the potential risks of using them “Smartphones,” he says, “now have connections to the mobile Internet and have effectively become small notebooks Originally it was a mobile contact book, now it is a mobile office So we need to continue looking for a good security solution for PDAs Once we find it, we will be able to use PDAs more widely in the company.” Similarly, Achmea is constantly reviewing the use of social media and Internet sites It blacklists and blocks the sites it considers too risky, but the list is reviewed and modified on a continuous basis, allowing access to sites if they are considered secure Both Achmea’s business units and external partners advise the 16 IT team on what should be allowed or banned Mr Jutte, however, sees a problem with this approach “The challenge is that when you find a solution for one PDA or smartphone model, a new generation is coming out a month later with new technology and means completely new risks This adds considerably to the workload of the IT team.” This dilemma is familiar to most companies grappling with “technology democracy” even in industries less conservative than insurance If personal mobile devices and social media are to be used in the workplace, the IT division will need to feel that their security is ensured However, the explosion in the number of sites and devices make their use increasingly difficult to control One possible answer is to create a single security management interface that would safeguard different devices and applications For now, however, something will have to give: the security of workplace devices is likely to come at the expense of their variety and choice, but some control over the use of social media sites and applications will need to be delegated to business units © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Do you agree or disagree with the following statements about the role of the IT function in governing employee's use of technology? (% respondents) Strongly agree Agree Disagree Strongly disagree Don't know/Not applicable Rules governing how employees use personal devices and applications should be specific to each business unit and not uniform — technology autonomy is appropriate for some types of employees more than others 15 53 20 6 The IT department should focus on other, more critical issues than controlling how employees use devices and applications 14 42 32 Source: Economist Intelligence Unit survey, April 2009 Should IT ease up on the reins? Devolving some responsibility for information security to individual business units is one likely response to greater technology freedom 17 Finding the right balance between according greater technology freedom to employees and safeguarding against technology misuse and security breaches will be extremely difficult for companies On the one hand, the younger workforce has more knowledge about new technologies and—in theory at least—requires less hand-holding from IT Allowing employees or their business units the power to make decisions about new applications and sites should also—in theory—ease the burden on IT departments that themselves are being given many new challenges to help the business grow On the other hand, as the technology demands of different business units start to diverge, the range of potential security breaches is likely to expand, and the IT team may need to spend more time securing new devices and software More, not fewer, IT staff may be required to ensure adequate network and device security in this environment (although recession will mitigate against hiring new staff in the short term) These are more likely to end up working in business units than in the central IT department Faced with these new requirements, a centralised IT approach may run counter to the objective of ensuring that “technology freedom” does not lead to damaging security breaches or other problems Devolving some responsibility for security appears to be the next best option When asked their view on the implications of greater technology freedom for the IT function, survey respondents reply that the delegation of responsibility for information security to individual business units is the most likely outcome (IT executives are even more emphatic that this will be the case than other categories of respondent.) This would allow the IT function to focus on other tasks, such as the management of firewalls and other aspects of physical network security and tracking new external threats Even firms that are unlikely to go in for a decentralised approach to security (and managing technology use) see the value in consulting with the business units on security policy According to Mr Nagle of Kellogg, “IT regards itself as the guardian of access to the Internet, but we set the rules in consultation with business units We also liaise with the HR, communications and marketing divisions as to who should have access to various social networking sites, to make sure that IT is aware of their relevance to different functions.” © The Economist Intelligence Unit Limited 2009 Power Power to the to the people? people? Managing Managing technology technology democracy democracy in the in workplace the workplace Conclusion D emocracy, in the view of the Economist Intelligence Unit, is the most efficient and equitable form of political organisation that countries can hope to achieve But it is far from perfect, and its imperfections keep us from arguing that it is a viable form of organisation for businesses, which often require executive diktat to achieve the objectives set for them by shareholders In business as well as politics, however, information is a powerful tool, and modern technology is putting more information into the hands of more people at all levels than ever before For this reason, companies may not be able to resist the encroachment of some principles of democracy into some parts of their operations To the extent that expanded freedom boosts morale and energises the forces of innovation, this development will be good for businesses So, we believe, will be the case when it comes to the use of technology itself As Generation Y establishes itself in the workforce, employees will increasingly seek to use the devices and applications they are most familiar with to their jobs Companies will not be able to control this entirely, and this may be no bad thing The most innovative solutions to business challenges tend to be conceived at the grassroots level; increasingly tech-savvy employees make it likely that information and communications technology will be part of most new business innovations Much education, training and organisational experimentation is needed to ensure that greater technology freedom does not sap productivity or cause damage to the company The sooner that firms begin to tackle this, the sooner the benefits of technology democracy will start to flow 18 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Appendix: Survey results In March-April 2009 the Economist Intelligence Unit conducted a survey of 390 executives of companies from seven countries in Europe Our sincere thanks go to all those who took part in the survey Please note that not all answers add up to 100%, either because of rounding or because respondents were able to provide multiple answers to some questions Are your employees making increasing use of the following types of technologies to conduct their work (as opposed to using them for personal reasons during work hours)? (% respondents) Yes No Not sure, but sense they are Don't know/Not applicable Social networking and similar applications 49 23 24 Personal communications devices (employees' own mobile phones, own notebook computers, etc) 68 18 11 Do you agree or disagree with the following statements about employees' use of digital technology in the workplace? (% respondents) Strongly agree Agree Disagree Strongly disagree Don't know/Not applicable Our employees frequently use social networking and similar applications for personal rather than work purposes 15 52 21 Senior management is supportive of according employees greater freedom to use applications and devices of their choice (not necessarily those provided by the company) in order to perform their work 42 37 10 We can trust our employees to use the applications and devices of their choice appropriately for work purposes 53 27 Employees' increased use of social networking and similar applications has increased our organisation's security risk 12 44 28 11 18 11 Employees in our organisation who use social networking or similar applications while at work are likely to face disciplinary action 26 42 How would you say that senior management of your company views the balance of opportunity versus risk in allowing employees greater freedom to use the technologies of their choice in the workplace? (% respondents) Significantly more opportunity than risk 12 Somewhat more opportunity than risk 30 Equal balance of opportunity and risk 23 Somewhat more risk than opportunity 18 Significantly more risk than opportunity 13 Don't know/Not applicable 19 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Which of the following, if any, are likely to be the main benefits to your organisation resulting from employees’ greater freedom to use applications and devices? Select up to two (% respondents) Enhanced innovation (eg, from employees' involvement in online forums, etc) 31 Enhanced employee morale 27 More effective collaboration with external partners 25 Improved productivity 22 Faster decision-making 16 Greater team cohesion 15 More effective marketing and advertising 15 Improved brand visibility Improved customer loyalty (eg, from employee use of multiple channels in customer communications) IT staff are freed up to focus on other responsibilities Other, please specify None of the above Don't know/Not applicable Which of the following, if any, are likely to be the main negative consequences for your organisation resulting from employees' greater freedom to use applications and devices? Select up to two (% respondents) Loss of productivity 35 Leakage of confidential company information 32 Increased network vulnerability to viruses 24 Loss of IT department's control over technology use in the company 19 Increased network vulnerability to external hackers 18 Damage to the firm's reputation and brand 12 Leakage of customer data 12 Managers' reduced control over information flow within their teams 11 Increased liability to legal claims against the company Other, please specify None of the above Don't know/Not applicable 20 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Do you agree or disagree with the following statements about the use of social media in the workplace? (% respondents) Strongly agree Agree Disagree Strongly disagree Don't know/Not applicable The business benefits of employee use of social networks, blogs and other online communities are underrated 11 49 25 The benefits of allowing employees to utilise applications (such as social networks and blogs) of their choice in the workplace outweigh the risk of productivity loss resulting from their use 46 34 The benefits of allowing employees to utilise these applications outweigh the risk of information security breaches resulting from their use 43 35 11 How has the overall level of risk of information security breaches — from both internal and external threats — changed for your organisation since economic and market conditions began to deteriorate? (% respondents) Significantly increased Slightly increased Remained unchanged Slightly decreased Significantly decreased Don't know/Not applicable From internal threats (employee malfeasance or negligence) 26 58 8 From external threats (viruses, hacking and other cybercrime) 21 56 If you responded "increased" to any part of question 7, what are the main reasons for the change? Select up to two (% respondents) Lack of employee understanding of security policies 34 Increasing sophistication of hackers and other external sources of threat 28 Sabotage or threat of sabotage from disgruntled employees 20 Employees' increasing use of social networking and similar applications while at work 19 Falling employee morale 17 Employees' increasing use of their own communications devices while at work 17 Failure of the organisation's network defences to keep pace with the existing threats 17 Increase in remote working (employees working from home) 14 Other, please specify Don't know/Not applicable Which type of potential loss or damage from information security breaches has your organisation been most concerned about over the past two years? Which type of potential loss or damage from information security breaches should your organisation be most concerned about over the next two years? (% respondents) (% respondents) Loss of customer data Loss of intellectual property 23 Loss of intellectual property 22 Reputation or brand damage 21 Reputation or brand damage 20 Loss of customer data 18 19 Financial loss (eg, through fraud) Financial loss (eg, through fraud) 14 13 All of the above equally All of the above equally 21 Other, please specify 21 22 Other, please specify © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace When important company information is lost or compromised, what are the most likely factors? Select up to two (% respondents) Employee negligence (eg, losing a work device, forgetting to sign off of the network) 46 Employee use of devices not authorised or approved by the IT department 23 Employee sabotage or theft 20 Data loss from third parties (eg, outsourcing partners, suppliers) 20 Network defences are breached by external attackers 18 Employee misuse of blogs, social networks or similar applications 16 Data loss in transit (eg, by couriers) 11 Other, please specify Don't know/Not applicable The use of which of the following technologies/applications will pose the greatest information security risks in your workplace over the next two years? Select up to two Which, if any, of the following technologies or applications should employees be banned from using in the workplace for information security reasons? Select all that apply (% respondents) (% respondents) File-sharing sites/applications File-sharing sites/applications 28 Laptop and notebook computers 47 Personal email accounts (eg, Hotmail, Google mail) 27 E-mail 29 Personal social networking sites such as Facebook 25 Social networking sites (eg, Facebook, LinkedIn) 24 Blogging sites or services 22 Smartphones (eg, Blackberry devices, personal digital assistants) 22 Instant messaging 21 Blogging sites or services 17 Music players such as the iPod 12 Instant messaging 12 Professional social networking sites such as LinkedIn Netbook computers 10 Netbook computers Mobile phones Personal mobile phones 6 Wikis and similar collaborative sites (eg, Wikipedia) Other, please specify Other, please specify None of these 17 Don't know/Not applicable 22 Don't know/Not applicable © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Which, if any, of the following technologies or applications should employees be banned from using in the workplace for productivity reasons? Select all that apply How familiar are your employees with the information security policies and procedures in place in your organisation? (% respondents) (% respondents) Very familiar Personal social networking sites such as Facebook 26 47 Somewhat familiar Blogging sites or services 47 Only partially familiar 32 Music players such as the iPod 21 Not at all familiar 30 Personal email accounts (eg, Hotmail, Google mail) Don't know/Not applicable 28 Instant messaging 25 File-sharing sites/applications 23 Professional social networking sites such as LinkedIn 13 Personal mobile phones 13 Netbook computers Other, please specify None of these 14 Don't know/Not applicable Does your organisation currently have IT policies which outline the following? (% respondents) Yes No Don’t know Which hardware devices (eg, laptops, storage devices, personal digital assistants) can or cannot be used in the workplace for work purposes? 69 24 Which websites (eg, social networking sites) can or cannot be accessed using the work computer? 56 36 Which applications (eg, media players, Web 2.0 toolbars) may be installed on the work computer? 65 28 The use of computers and applications by home-based workers 59 28 13 Which of the following would be the most practical and effective measures the organisation can take to ensure that greater employee freedom in the use of technology does not result in the loss of company information? Select up to two (% respondents) Conduct regular and mandatory training courses for employees on guarding against information loss 38 Upgrade network security systems 35 Draft and distribute formal guidelines for employees' use of social networking and similar applications 28 Prohibit employees' use of anything but company-authorised applications and devices 25 Extend network protection systems to employees' personal communications devices 21 Establish internal websites (eg, social networks) where employees can communicate with each other 16 Increase the monitoring of social networks and blogs Other, please specify Don't know/Not applicable 23 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Does your organisation provide formal training (eg, seminars) to employees on the following? (% respondents) Yes No Don’t know The use of social networking and similar applications at work 17 77 72 41 The use of personal communications devices (their own mobile phones, own notebook computers, etc) at work 21 General safe computing practices 52 If you responded "no" to any part of question 16, does your organisation intend to provide formal training (eg, seminars) to employees in that area? (% respondents) Yes No Don’t know The use of social networking and similar applications at work 13 61 26 The use of personal communications devices (their own mobile phones, own notebook computers, etc) at work 20 58 22 General safe computing practices 49 35 16 Do you agree or disagree with the following statements about the role of the IT function in governing employees’ use of technology? (% respondents) Strongly agree Agree Disagree Strongly disagree Don't know/Not applicable Rules governing how employees use personal devices and applications should be specific to each business unit and not uniform — technology autonomy is appropriate for some types of employees more than others 15 53 20 6 The IT department should focus on other, more critical issues than controlling how employees use devices and applications 14 42 32 If employees in your organisation are likely to gain greater freedom to use applications and devices of their choice, what are the main implications for the IT function? Select all that apply (% respondents) Responsibility for information security (excluding the management of network firewalls, perimeter protection, etc) will increasingly be devolved to the individual business units 36 More IT staff will be needed to ensure adequate network and device security in this more open environment 33 IT staffing will remain the same but they will be able to focus on activities of more direct relevance to the business objectives 29 Responsibility for delivery of IT services is likely to become increasingly de-centralised to individual business units 21 Responsibility for delivery of IT services is likely to become more centralised than it is now 20 Don't know 16 24 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace In which country are you personally based? What are your organisation's global annual revenues in US dollars? (% respondents) (% respondents) Sweden 18 Netherlands $500m or less 17 United Kingdom 15 Germany 14 Italy 13 50 $500m to $1bn 12 $1bn to $5bn 13 $5bn to $10bn $10bn or more 18 Russia 12 France 11 What is your primary industry? Which of the following best describes your title? (% respondents) (% respondents) Board member Financial services 17 CEO/President/Managing director Professional services 23 16 CFO/Treasurer/Comptroller IT and technology 9 CIO/Technology director Manufacturing Government/Public sector Other C-level executive SVP/VP/Director Consumer goods 16 Healthcare, pharmaceuticals and biotechnology Head of Business Unit Head of Department Telecoms 10 Manager Education 15 Entertainment, media and publishing Other Energy and natural resources Construction and real estate Transportation, travel and tourism Retailing Automotive Chemicals Agriculture and agribusiness Logistics and distribution 25 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace What are your main functional roles? Please choose no more than three functions (% respondents) General management 36 Strategy and business development 29 Marketing and sales 24 Finance 22 IT 16 Operations and production 12 Customer service Risk R&D Human resources Information and research Legal Supply-chain management Procurement Other Approximately how many full-time IT staff does your organisation have worldwide? (% respondents) Less than 100 55 100 to 299 11 300 to 499 500 to 699 700 to 999 1,000 or more 16 Don't know 26 © The Economist Intelligence Unit Limited 2009 Whilst every effort has been taken to verify the accuracy of this information, neither The Economist Intelligence Unit Ltd nor the sponsor of this report can accept any responsibility or liability for reliance by any person on this white paper or any of the information, opinions or conclusions set out in the white paper Cover image - © Stephan Zirwes/Getty Images LONDON 26 Red Lion Square London WC1R 4HQ United Kingdom Tel: (44.20) 7576 8000 Fax: (44.20) 7576 8476 E-mail: london@eiu.com NEW YORK 111 West 57th Street New York NY 10019 United States Tel: (1.212) 554 0600 Fax: (1.212) 586 1181/2 E-mail: newyork@eiu.com HONG KONG 6001, Central Plaza 18 Harbour Road Wanchai Hong Kong Tel: (852) 2585 3888 Fax: (852) 2802 7638 E-mail: hongkong@eiu.com [...]... their relevance to different functions.” © The Economist Intelligence Unit Limited 2009 Power Power to the to the people? people? Managing Managing technology technology democracy democracy in the in workplace the workplace Conclusion D emocracy, in the view of the Economist Intelligence Unit, is the most efficient and equitable form of political organisation that countries can hope to achieve But it... makes them easy to carry around The risks around the use of netbooks, however, are very similar to laptops; 7% of executives in the survey believe that the use of personal netbooks should be banned in the workplace 14 © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Key points n No more than a handful of European firms provide training... of technology freedom”, the use of new tools is on the rise: Achmea, an insurance provider based in the Netherlands, for example, uses instant messaging to link its 13,500 employees spread across 12 locations 10 © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace Key points n Productivity loss is viewed as the chief risk of according employees... needed to ensure that greater technology freedom does not sap productivity or cause damage to the company The sooner that firms begin to tackle this, the sooner the benefits of technology democracy will start to flow 18 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Appendix: Survey results In March-April 2009 the. .. 2009 Power to the people? Managing technology democracy in the workplace The use of which of the following technologies/applications will pose the greatest information security risks in your workplace over the next two years? Select up to two (Top responses; % responses) File-sharing sites/applications 28 Laptop and notebook computers 27 E-mail 25 Social networking sites (eg, Facebook, LinkedIn) 22... 19 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Which of the following, if any, are likely to be the main benefits to your organisation resulting from employees’ greater freedom to use applications and devices? Select up to two (% respondents) Enhanced innovation (eg, from employees' involvement in online forums,... sensitive information is a significant threat to a company’s security Firms have ploughed enormous investments over the past decade into beefing up network defences against security breaches, and in training employees to use information, networks and the devices attached to them with care The executives in our survey appear sanguine about the level of information security threats they face today, even in these... customer data 12 Managers' reduced control over information flow within their teams 11 Increased liability to legal claims against the company 6 Other, please specify 1 None of the above 5 Don't know/Not applicable 3 20 © The Economist Intelligence Unit Limited 2009 Appendix Survey results Power to the people? Managing technology democracy in the workplace Do you agree or disagree with the following... Source: Economist Intelligence Unit survey, April 2009 11 © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace networking sites all the time,” affirms Mr Jutte “When we have a clear picture of the risks and know that we can manage them, then we make changes.” Even executives supportive of technology democracy in the business acknowledge... considerably to the workload of the IT team.” This dilemma is familiar to most companies grappling with technology democracy even in industries less conservative than insurance If personal mobile devices and social media are to be used in the workplace, the IT division will need to feel that their security is ensured However, the explosion in the number of sites and devices make their use increasingly difficult .. .Power to the people? Managing technology democracy in the workplace Preface P ower to the people? Managing technology democracy in the workplace is an Economist Intelligence Unit... their relevance to different functions.” © The Economist Intelligence Unit Limited 2009 Power Power to the to the people? people? Managing Managing technology technology democracy democracy in. .. continues One is the arrival © The Economist Intelligence Unit Limited 2009 Power to the people? Managing technology democracy in the workplace “CEOs and CIOs need to get used to the idea that their