Trust Boundaries

[Podcast]
Trust boundaries are a tricky thing when we start talking about Web 2.0 in the workplace. It's not generally an issue within a social context when a group of friends or family members are sharing photo's because everyone involved is using the same application and have been identified as a "trusted friend". However, in the corporate world, not every company is using the same set of applications nor does a common set of trusts exist.

The idea of trust boundaries is constantly evolving. It used to be that a company's trust boundaries were inside the four walls of it's building and anything or anyone external to that was not to be a trusted source to send/receive information. A lot has changed since then.

• With IP and the ability to create location transparency "trusted" employees have become highly distributed.
  
• There are growing needs to collaborate with business partners, consultants and suppliers globally.
  
• Business process outsourcing has extended the employee pool to include contractors and external developers in emerging countries.
  
• Even merger and acquisitions have changed trust boundaries, where it may take months or years to integrate a newly acquired company but the need to share information seamlessly may be a day one requirement.

Today, there is no blanket statement as to where trust boundaries exist. It varies by company, by project, even by day. I even had one customer this past week tell me that their trust boundaries extend into space (they work with the space station)! The ability to traverse trust boundaries or firewalls is a key component to a successful Web 2.0 strategy. To achieve a state of true Universal Collaboration, where an organization can leverage any resource in its ecosystem to participate in a value added activity, you must be able to go across trust boundaries.

For example, to improve time-to-market of a new product or application a company will want to improve its collaboration and communication with it's developers. In some cases, these developers may be on contract (and thus part of a different domain) and located in another part of the world. In order to leverage the collaborative power of Web 2.0 to achieve that goal the ability to communicate, collaborate and share information across firewalls must exist.

Looking back to the blog from January 12, 2008 - "Fears About Adopting Web 2.0" - we talked about how, among other things, tools and solutions you adopt should be secure. I think now would be a good time to revise that statement to state that a sustainable Web 2.0 strategy should include "security across trust boundaries".

What are some of your thoughts and comments on this topic? What else do we need to consider relative to trust boundaries? Looking forward to your thoughts.