A deployment strategy for maximising the impact of institutional use of Web 2.0
Introduction
The benefits of Web 2.0 are now widely acknowledged, but before embracing use of Web 2.0 organisations need to be aware of potential risks and to develop strategies for managing such risks. This chapter illustrates how various Web 2.0 technologies (such as blogs, wikis and social networks) are becoming accepted and are being embedded within our institutions, initially perhaps by individuals and early adopters, but increasingly as part of the core services provided by the institution.
The effective exploitation of Web 2.0 will require an understanding of how such services can be used to support institutional objectives and the selection of services to support these aims. The section of externally hosted services will require an assessment not only of the functionality of the services but also of their sustainability. However, it would be a mistake to focus only on the services themselves. An important aspect of Web 2.0 are the softer characteristics, such as the view as the network as a mechanism for delivering applications, trust in users and the ‘always beta’ nature of web-based services. Jenny Yorke and Helen Walmsley in Chapter 4 explore how this issue might be addressed via an online community of practice for teaching staff. Geoff Walton in Chapter 3 indicates that a technologically independent e-pedagogy can mitigate the effects of ‘constant beta’. David Ley in Chapter 6 explores the technological developments in more detail. Many of these aspects of Web 2.0 challenge well-established approaches to the development and deployment of IT services, where the application is managed in a stable environment, the release of updates is agreed with the user community and the trust of the user is managed by contractual obligations or agreement with institutional terms and conditions.
A number of case studies that outline the potential benefits of externally hosted Web 2.0 services are provided, together with details of the approaches that have been taken to the risk assessment of such services. These examples are used in the development of a risk assessment and risk management toolkit, which seeks to ensure that institutions have a better understanding of the risks and have document strategies in place for managing them.
Examples of uses of Web 2.0 services
In order to illustrate ways in which Web 2.0 can help to maximise impact we will consider some examples of popular Web 2.0 services.
Wikipedia: Although its detractors point to the lack of formal and well-established quality assurance processes, the popularity of Wikipedia cannot be disputed. The list of libraries in Wikipedia is not as comprehensive as the list of museums, but the libraries that do have a presence in Wikipedia, such as John Rylands Library (http://en.wikipedia.org/wiki/John_Rylands_Library), gain benefits from the popularity of Wikipedia and the increased Google ranking to the John Rylands website provided by links from the Wikipedia website.
Facebook: The University of Wolverhampton’s learning centres have a Facebook presence (http://www.facebook.com/wlvlc), which provide links to institutional resources, embedded search facilities (such as searches of the JSTOR and COPAC services), the ability to become a ‘fan’ of the learning centres and a means of providing news in an environment which many students at the university are likely to use and be familiar with.
Blogs: Blogs provide a simple and easy to use mechanism for alerting users to new developments within a library and soliciting feedback. At Imperial College London blogs were set up by library liaison staff initially for the physics and maths and engineering departments. Following the success of these initial experiments 13 blogs have now been established and this is felt to provide a valuable service to the user community (Evans, 2009).
Twitter: Increasing numbers of librarians and information professionals use Twitter. This ‘micro- blogging’ service is being used for a variety of purposes, including peer support, engagement with fellow librarians and dissemination and engagement with library users. Examples of librarian Twitter users can be seen from the list of 100 British librarians on Twitter (Bradley, 2010).
Maximising the impact of Web 2.0 within an organisation
A Web 2.0 deployment strategy
In order to maximise the impact that Web 2.0 can have within an organisation it can be helpful to devise a deployment strategy that aims to exploit the enthusiasms of the early adopters, leading to embedding of Web 2.0 technologies within the organisation.
The following elements of a deployment strategy are suggested:
The initial activities are likely to start with small-scale experimentation by early adopters. In order that the enthusiasms of the early adopters can lead to embedding of services within the institution it can be helpful for the early adopters to engage with fellow enthusiasts who might be willing to make use of emerging new technologies. Ways of structuring and harnessing the enthusiasm of adopters are illustrated in Chapter 4.
A potential danger with groups of early adopters and enthusiasts is that they fail to recognise possible apprehension that others may have. It is desirable, therefore, to listen to others within the organisation in order to understand their concerns. This activity should lead to expectation management (avoiding the inevitable over-hyping of new technologies) and strategies for addressing concerns that have been raised.
The need for education and training is clearly of importance. It should be noted that this should include providing an understanding of Web 2.0 concepts and not just training in a particular application. In addition it can be helpful if the training made use of Web 2.0 concepts, for example by using the Common Craft series of videos (http://www.commoncraft.com/), which introduces topics such as blogs, wikis, social networks, RSS and so on. The outcome of this deployment strategy should be the embedding of Web 2.0 services to support organisational needs.
In order for this approach to be realised there is a need to have a good understanding of what is meant by the term ‘Web 2.0’. In addition it will be important to be able to identify barriers to deployment and to devise strategies for addressing them.
Web 2.0 applications
For many the term Web 2.0 is associated with applications such as blogs and wikis. A broader understanding of the term embraces services that allow users to create content and to comment on content provided by others. This encompasses various social sharing services, such as those for photographs (e.g. Flickr), videos (e.g. YouTube) and bookmarks (e.g. Delicious). The term Web 2.0 also includes web-based technologies for communicating with others. Initially the main focus of such communications services covered web-based chat facilities, which complemented instant messaging technologies such as MSN Messenger. More recently the communications aspect of Web 2.0 has focused on social networks such as Facebook and MySpace, later followed by Twitter, which provide communications between friends and mechanisms for interacting with others with similar interests. This, then, might be considered to be the users’ view of Web 2.0. A developer, however, might also wish to highlight the fact that the popularity of such applications is helped by the ease of use and usability of such services provided by advances in user-interface technologies offered by tools such as Ajax or Flash-based interfaces to services. The developer might also add that provision and use of rich content in such services is provided by syndication technologies such as RSS and Atom and the provision of, often lightweight, application programming interfaces (APIs), by such Web 2.0 services.
With a slippery concept such as Web 2.0 it can be difficult to provide a simple definition that covers both users’ perceptions of Web 2.0 and those of developers. However, although Web 2.0 was initially derided by sceptics as marketing hype, it is now clear that the term has gained widespread currency and that many organisations are seeking to exploit the potential of Web 2.0. To take one specific Web 2.0 application area let us look at how libraries are making use of blogs. The early adopters of blogs were, as might be expected, those in the web development community. However, particularly in the USA, the academic and library sector began to appreciate the benefits that could be gained through use of blogs in teaching and learning (e.g. to encourage reflective learning or team working) and within the library (e.g. to disseminate information using technologies that, through use of RSS, would allow the information to be easily reused by a variety of different tools or as a discussion forum to encourage feedback from the user community). These early adopters often wished to make use of blogging software before the institution was in a position to provide access to software in-house. This led the enthusiasts who were not in a position to install software simply to make use of externally hosted services such as Blogger or WordPress, which required no software to be installed locally and needed little technical expertise to set up and deploy.
In many higher educational institutions the role of blogs to support educational needs is becoming accepted. Institutions are now beginning to deploy blogging services either through the installation of blogging software locally or through blog functionality being provided in other systems, such as an enterprise virtual leaning environment (VLE).
The use of blogs within the public library sector is patchier, however. This is probably because of concerns related to some of the softer aspects of Web 2.0, such as ownership of technologies, trusting users and willingness to take risks, rather than technical issues. We will now explore these issues in more detail.
Web 2.0 culture
Tim O’Reilly’s famous Web 2.0 meme map (see Figure 7.1) includes the following phrases, which aim to characterise Web 2.0: ‘an attitude not a technology’, ‘the perpetual beta’, ‘the rights to remix’, ‘trust your users’ and ‘small pieces loosely connected’, with Web 2.0 strategically positioned as ‘The Web as Platform’ (O’Reilly, 2005). It is Web 2.0 as an attitude not a technology which is challenging many institutions: the notion of services that may change without notice may be felt to undermine the expertise of support staff and can make obsolete documentation and training materials; the rights to remix can conflict with the desire of organisations to control their materials and prevent potential misuse; staff’s trust in users does not appear to be able to coexist easily with the need to manage the security of networking services in order to prevent viruses, denial of service attacks, spam and so on; and the management of small, loosely connected pieces may be in conflict with institutional commitment to enterprise solutions.
Most importantly, perhaps, are the challenges provided by Web 2.0 strategically positioning itself as ‘The Web as Platform’. To date the platform for delivering applications has been the computer; initially the computer was a mainframe system but in the 1980s the PC became the important platform for many users. With the growth of computer networks we reached a hybrid position in which the PC is often the platform of choice on the end users’ desktop, but this is closely coupled with server systems, which could be Unix, Microsoft Windows or a combination of the two. It is this well-established environment of delivering applications through use of a variety of in-house systems that Web 2.0 is challenging. When users make use of Google to find resources, Google Mail to send e-mail to their colleagues, Flickr to share their photographs or Facebook to update their friends on their activities, none of these services are based on in-house services. And although many will use these services for personal and social purposes, increasingly institutions such as universities and colleges are starting to explore the potential of such services to support both formal and informal learning. An initial reason for this may be to enable students to make use of tools they are familiar with and will still be able to use once they have graduated. But the ease of use of many Web 2.0 services and their popularity is leading to institutions asking whether externally hosted services can be used more generally and not just for small-scale or informal teaching and learning purposes.
Two tribes
Staff in IT service departments within institutions will often see their role as providing reliable, secure and managed services for use by their user community. These goals are clearly laudable, and when services become unavailable or are unreliable the IT services department is the first to receive criticism. So it is understandable that staff in many IT service departments have concerns about relying on third party services, especially when there are no formal contracts or service level agreements.
And yet institutions, in particular those within the higher education community, may also value the flexibility to exploit innovative solutions. Innovative IT applications may be of particular interest to the research community, for use in niche areas in which there are limited developments provided by the commercial sector. But in addition to supporting their research interests, institutions may also feel that they have a responsibility to ensure that their students have encountered technologies which they may expect to use when they graduate, and that they have developed an awareness of the risks associated with use of such technologies. And finally such innovation may eventually become the mainstream solution of tomorrow, as was seen during the 1980s when the PC was perceived by many in central IT service departments as initially an irrelevance, before becoming a threat to existing structures, before eventually emerging as the main access point for many users in the institution.
We can see that there are conflicting views, which may be deeply embedded within organisational cultures. The ease of use of Web 2.0 services is bringing many of these tensions to the fore. There is a need to gain a better understanding of the concerns of these two diverse views held by the ‘two tribes’ (Kelly, 2007).
The managed environment
An IT environment that is hosted and managed locally has been the norm for many large organisations, especially in the higher education sector, which traditionally provides IT service departments with a responsibility for managing and supporting the IT technologies used within the institution. In this environment IT services will have well-established working practices for managing and developing the infrastructure (managing growth in usage, understanding vendors’ roadmaps for developments to their software, and so on) and providing the necessary user support (such as education and training, help desk and FAQs). The working culture within this environment is well understood, with established mechanisms for managing change and development.
The outsourced environment
The term ‘outsourced environment’ is an emotive one within public sector organisations in the UK, with its implications of privatisation and outsourcing of public sector services. Yet wide area networks are at the heart of the delivery of services to remote organisations. This is well understood and fundamental to the role of the national services (such as Mimas and EDINA), which JISC fund on behalf of the UK’s higher and further education communities. A reliance on third party services is understood by everyone who has ever used Google and, at a more technical layer, the internet itself (the network, the routers, the DNS gateways and so on) is dependent on a devolved, distributed provision of the network infrastructure.
The tensions therefore relate not to the nature of third party services per se, but rather to the sustainability of such services and their accompanying business models. The provision of networked services within a community of shared values and a tradition of collaboration, such as the UK higher education environment, is widely accepted. The provision of networked services by commercial companies is new, however, and leads to concerns as to whether such services are in a position to deliver sustainable services and uncertainties regarding changes to such services.
The concerns
Those with a responsibility for providing a managed secure and reliable IT infrastructure would probably raise the following concerns about the use of third party services:
Performance and reliability: Will a third party service provide the satisfactory levels of performance and reliability that may be needed for use in mission-critical activities?
Security: Will data held on third party service be secure? Can it be guaranteed, for example, that personal data will not be divulged to third parties?
Legal issues: Will the service comply with appropriate legislation, including data protection, copyright, defamation, accessibility and so on? Will the organisation making use of third party services be liable for failures by the service to comply with legislation?
Accessibility and usability: Is the service usable by people with disabilities? Who is legally responsible if the service fails to comply with accessibility legislation?
Sustainability: Will the service be sustainable in the long run? If the service is not sustainable, how much notice will users be given?
Interoperability (data migration): Can data be exported from the service? How easy is it to do this? How rich and how complete will the data be? How easy will it be to import the data into a new application and rebuild a new service?
Interoperability (data integration): Is the service interoperable with other applications? Does it support relevant standards?
Terms and conditions: What terms and conditions does the service define? Are such terms and conditions of concern? Can the terms and conditions change, and what would be the implication of changes?
These are the concerns that are likely to be expressed openly, and it should be acknowledged that there are also likely to be concerns that will not be openly articulated. These might include individual concerns (such as fears over job losses and deskilling) and departmental concerns (such as departmental downsizing or reductions to levels of funding).
There may be additional concerns, perhaps at a political level (such as dangers that political tensions may hinder the exchange of data such as the dispute seen in 2009 between Russia and Estonia), or at a macro-economic level (use of IT developed in other countries may undermine a local IT development industry). However, as it is difficult to predict the implications of such large-scale challenges, this chapter will focus on issues that can (and should) be addressed within the organisation.
Addressing the concerns
It would be very easy to become despondent over the lack of any guarantee of the long-term sustainability of third party Web 2.0 services. The companies will typically refuse to provide cast-iron guarantees over the long-term sustainability of their services and are likely to reserve the rights to change their terms and conditions at any time. However, it should be borne in mind that similar uncertainties also exist with Google’s search facility, as there is no certainty that Google will continue to provide this service. Nevertheless, as we all know, the Google search engine has grown in popularity since it was launched and this has contributed to Google’s financial success. Experiences with traditional licensed IT applications have also shown us that using licensed software and having a formal contract with a company that supports the software is no guarantee that the software is sustainable in the long run. Rather than having cast-iron guarantees or relying on using only mature services, an alternative approach will acknowledge that there will be risks associated with many activities, but risk taking is needed in order for changes to happen. Since the research and educational environment depends on the notion of change, an element of risk taking will be inherent in many activities. There will be a need to be able to assess risks and also to manage risks, if an adverse event occurs.
Risk assessment
When assessing the risk of use of a third party Web 2.0 service it is important first to clarify the purpose of the service. If the aim is to gain expertise in use of the service, then using an alternative service clearly defeats the point of the exercise. In an educational context we may find that use of a service is intended to provide exposure to it, perhaps in order to understand its limitations. The service might also provide benefits that can only be realised if it is used by large numbers of users. Social bookmarking services, such as Delicious, and social sharing services, such as Flickr and YouTube, benefit from the large numbers of users who help to rank their favourite resources and provide access to them by community agreement on common tags. In these cases, hosting such services internally will fail to deliver key benefits which the externally hosted services provide.
There is also a need to avoid making use of guidelines that have been shown to be inapplicable in a Web 2.0 context. A good example of this is the Web Content Accessibility Guidelines (WCAG), which were developed by the Web Accessibility Initiative (WAI) to help provide widely accessible web resources. A conservative approach would treat these guidelines as mandatory, and would shy away from services in which, for example, users could create content that did not comply with the WCAG guidelines or services that made use of JavaScript to provide more usable interfaces. However, Michael Cooper (WAI) admitted to the limitations of the WCAG guidelines (released in 1998) in a Web 2.0 environment in a paper on the accessibility of emerging rich web technologies presented at the W4A 2007 conference:
However, we recognize that standards are slow, and technology evolves quickly in the commercial marketplace. Innovation brings new customers and solidifies relationships with existing customers; Web 2.0 innovations also bring new types of professionals to the field, ones who care about the new dynamic medium. As technologies prove themselves, standardizing brings in the universality of the benefit, but necessarily follows this innovation. Therefore, this paper acknowledges and respects Web 2.0, discussing the issues and real world solutions.
Related to risks regarding the accessibility of services are the legal risks associated with use of a third party service. There are risks in allowing third parties who are not affiliated to your organisation to create content on your services, such as commenting on blog posts, adding content to wikis, uploading images and so on. The risks might involve the uploading of copyrighted materials, illegal materials and materials containing personal information either to your services or to third party services associated with your organisation, which may then face the potential danger of being sued by copyright holders or aggrieved individuals, or seeing damage to your organisation’s brand and identity.
Once again it would be very easy to become despondent over the legal risks associated with use of Web 2.0 technologies, which make it much easier for individuals to create content or reuse others’ content. Yet in reality, might the concerns turn out to be over-stated? Are there ways in which such risks can be managed? When the web became popular in the mid-1990s there were concerns that caches, which held copies of resources in order to enhance the performance of slow networks, would breach copyright. Similarly, in 1996 a dispute between the Shetland News and the Shetland Times about deep-linking to web pages caused concerns that links to web pages should not be made without first seeking written permission. But we now find ourselves in an environment in which caches are an integral part of the web’s infrastructure and web authors routinely link to pages without being concerned about possible copyright infringement – or, in those cases in which there is an understanding of reasons why organisations may have concerns regarding deep-linking, the approach taken is likely to be a willingness to remove the links if the copyright holder makes such a request.
Finally, it should be understood that there may be risks in doing nothing or in continuing to use current technologies. This might include losing one’s competitive edge, lost opportunity costs and a loss of one’s user communities to services that are willing to take risks.
Risk management
A risk assessment exercise can help to clarify the risks associated with the selection of Web 2.0 services. This risk assessment needs to be complemented with a risk management strategy, which will document the processes to be adopted if the risks that have been identified actually occur.
There are several approaches that can be taken to the risk management of Web 2.0 services including:
Use in experimental areas: Web 2.0 services can be used in experimental areas, in which an element of risk is deemed acceptable. Such experimentation might include the evaluation of new services.
Engagement with users in the risks: A useful strategy might be to engage your user in the risk-taking. Users may be willing to take part in the evaluation of new services and to provide their views on the service.
Data migration: The normal approach to risk management is to ensure that data held in the service can be easily migrated to alternative services.
Transfer to alternative solutions: Not all services will necessarily create data that needs to be migrated. There may be services that can be replaced by alternatives if the original service is not sustainable.
Willingness to forego service: Users may decide that although they make use of a service, if it disappeared they would not feel the need for it to be replaced by an equivalent alternative.
Willingness to discard data: Users may be willing to accept the loss of their data. Note that this may be the case when individuals leave an institution and no longer have access to services hosted by it.
If the intention is to migrate data to new services, it is desirable to test the data migration in a controlled, managed fashion, rather than leaving this to a time when a service has announced that it is to close in a short period of time. Such testing should identify possible limitations in the data migration. In the case of a blogging service, for example, you may find that although blog posts can be migrated easily, associated comments are lost together with details of the author of the post. Such experimentation may help to identify various strategies for the data migration, ranging from the import or export of RSS feeds through to the transfer of the HTML representation of the service.
Case studies
Case study 1 ‘Amplification’ of the Institutional Web Management Workshop 2009 event
Organisations that are willing to exploit the potential offered by externally hosted Web 2.0 services, but which recognise that this may entail some risks, would be advised to document their analysis of potential risks and to describe their plans if such risks occur.
An example of this approach was taken by the organisers of UKOLN’s Institutional Web Management Workshop (IWMW), an annual event aimed at members of institutional web management teams in UK universities. The IWMW 2009 event, held at the University of Essex in July 2009, provided the organisers with an opportunity to exploit the availability of a wi-fi network at this three-day event and to evaluate the potential of a variety of Web 2.0 technologies with 200 delegates whose area of professional interest is in the managing institutional web services. This ‘amplified event’ (Wikipedia, 2009) made use of a wi-fi network to allow discussions about the talks and sharing of the accompanying resources to be ‘amplified’ for the delegates at the event and to a remote audience watching the accompanying live video streaming of the plenary talks and engaging in discussions on the Twitter event backchannel.
Since this user community would have an interest in learning more about innovative web technologies, it was felt that the event would provide an opportunity to explore the potential of a variety of services. The approach taken towards potential risk was to document the reasons for the provision of the services, the potential risks and ways in which the risks could be addressed. This information, which is also published on the IWMW 2009 website (http://iwmw.ukoln.ac.uk/iwmw2009/risk-assessment/), is summarised below.
Reasons for deploying Web 2.0 services
UKOLN provides a variety of externally hosted services on its IWMW 2009 website for a number of reasons, including: supporting UKOLN’s role in evaluating new technologies and advising its user communities; providing richer experiences to the user community by making use of services that would be difficult or expensive to provide locally; to gain experiences of the services in order to help decide whether such services should be deployed to support future activities; and to engage with its user communities in discussing the potential benefits and risks of the tools.
User benefits
Delegates at the event would have the opportunity to gain exposure to a number of new services and would be able to evaluate the services for use within their own institution. The services would also enhance the quality of the event in a variety of ways, including improving the communications channels at the event and providing better mechanisms for sharing resources, such as reports about the event and photographs.
Risk management for ‘amplified events’
In addition to documenting potential risks of use of various Web 2.0 services, such as SlideShare, consideration was also given to possible user concerns. Delegates at the event who did not want to be photographed or appear on the streaming video were invited to sit in a ‘quiet zone’. As well as providing an area that respected privacy, in this area of the lecture theatre delegates were requested to avoid making use of laptop PCs, which may be distracting to others.
Case study 2 Archiving pebble blogs
A case study on archiving pebble blogs (Trafford, 2007) provides an interesting example of the problems of sustainability of a blogging service based on open source software installed locally. In this case open source blogging software had been installed locally to support a project activity. However, after the project had finished the resource costs of supporting the blogging software were found to be too great, especially as there was no funding stream to cover the work. It was therefore decided to migrate the data to a static website before removing the blog application. The case study document describes the steps that were taken in order to migrate the content to a static website. Of particular interests are the summaries of the lessons learnt from this work:
Small-scale innovations can help to identify the potential for new services and provide motivation for larger-scale deployment.
However, there may be resource implications if an experimental service proves popular.
There may be a need to migrate an experimental service to a more reliable service for use in a service capacity.
It can be useful to identify migration strategies before deploying an experimental service.
Case study 3 UK Web Focus blog
The UK Web Focus blog (http://ukwebfocus.wordpress.com/) provides a forum for thoughts and discussions primarily on matters relating to Web 2.0. The blog is hosted on the Wordpress.com service.
Risks of inappropriate content
There are risks in allowing unmoderated comments to be made on the blog. Most automated spam messages are trapped by the Akismet spam filter. However, occasional spam messages do get through and are displayed on the blog, and may contain links to inappropriate materials. Such comments are normally spotted and removed shortly after they appear, but there is a risk that spam could remain on the blog for a longer period, for example when the owner is away on holiday. However, it has been decided that such risks are low and the intended target audience for the blog will not be unduly shocked by such messages and would be able to appreciate that this content is not the responsibility of the blog owner.
Risks of loss of long term access to the service
A more important issue may be the sustainability of the contents of the blog, which is reliant on the WordPress.com service. In order to ensure that a feasible data migration strategy is available so the contents of the blog are not lost if the WordPress.com service becomes unavailable or changes its terms and conditions, a number of options have been explored.
Initially a back-up copy of the blog posts was set up on the Vox.com blog service. The posts were copied periodically from the WordPress.com blog to Vox.com. On further investigation of the new service it was found that the blog posts appeared to have migrated satisfactorily. However, accompanying comments were not copied. In addition, images stored on the WordPress.com service had not been copied and links in the new blog pointed back to images and other resources held on the WordPress.com service.
Another approach taken to creating a back-up of the blog was to use an offline browser program. The WinTrack software was used to copy all resources on the UK Web Focus WordPress.com website. This appeared to work correctly, copying not only the blog posts but also comments and images. However, the end result was a static HTML resource, and not a copy of the blogging environment.
The final approach was to use WordPress’s export functionality to create an XML dump containing a representation of the content of the blog. This file was then imported into a local installation of the WordPress software.
Risks of dependencies on the author
Although the UK Web Focus blog is a funded activity, which supports the aims of UKOLN, the author’s host institution, the content of the blog is not subject to editorial and checking processes. The blog also has a personal, conversational tone, which reflects the views of the author; these are not necessarily endorsed across the host organisation.
How are the risks that the author may publish inappropriate content without the checks and balances that an editor of a traditional newsletter would provide to be addressed? And what would happen to the content if the author left the institution to move to another one or fell out with the institution?
These risks have been addressed in the blog’s policy statement (UK Web Focus, 2007). The risks of the author publishing inappropriate content are analogous to the author giving similar views in a talk. The author’s professional integrity and reputation will help to ensure that a professional approach to the blog is maintained. The blog’s policy also makes it clear that the content is owned jointly by the author and the host institution – if the author leaves, the documented policy makes it clear that a copy of the blog will be provided for the institution.
A risk assessment toolkit
These case studies illustrate a variety of approaches that have been taken to assessing the risks associated with the use of Web 2.0 services and documenting strategies for managing such risks.
A toolkit has been developed for organisations that wish to exploit the benefits of Web 2.0 services, while taking a managed approach to risk, based on these experiences:
Purpose: Documenting the purposes of the service can help to clarify why you need to make use of Web 2.0 solutions rather than using existing solutions.
User awareness of risks: You may have a responsibility to ensure that your users are made aware of potential risks in using the service. This will be particularly relevant if users create data that can potentially be lost.
User acceptance of risks: It can be useful to engage your users actively in discussing the risks.
User education: You should ensure that you provide your users with any training they require in best practice and effective use of the services you are providing.
Provision of alternatives: You may provide multiple alternatives to services that may be at risk.
Willingness to discard data or services: You may decide that you are prepared to accept loss of data or a service.
Data migration: If services are likely to give notice of changes to their terms and conditions you may decide to migrate the data if this happens.
Risks of doing nothing: You may decide that the risks of doing nothing and the associated missed opportunity costs are greater than the risks of using a Web 2.0 service.
An example of how this toolkit could be used for the case of the IWMW 2009 and related event is shown in Figure 5.1.
A risks and opportunities framework
We have outlined risk assessment and risk management approaches to exploiting the potential of Web 2.0 services. A risks and opportunities framework has been developed at UKOLN, which provides a structure for supporting the accompanying discussions and decision-making processes (Kelly, 2009a).
The framework is based on the notion that it will not be possible to innovate without a willingness to be prepared to take risks – after all avoiding risks may also result in missed opportunities. Rather than seeking to avoid risks completely the challenge is to understand and evaluate the risks. Once the risks have been assessed, approaches for managing these risks can be identified.
The key components of the risks and opportunities framework are illustrated in Figure 5.2.
Figure 5.2 Risks and opportunities framework for the social web Source: Kelly, 2009b
The key components are the identification of:
the benefits to the various stakeholders
the risks to the various stakeholders
the missed opportunities in failing to take the risks
the costs and associated resource implications
approaches taken to minimising risks that have been identified
gathering of evidence related to the components in the framework.
It should be acknowledged that in making use of the risks and opportunities framework, subjective factors including prejudices and biases will be expressed.
Using the framework
Two examples illustrate use of this framework.
Use of Twitter by an individual
Purpose: Individual use of Twitter by staff in an organisation in order to support community building with peers across the sector.
Benefits: Being part of an active community of practice can help an individual’s professional development. The ability to share successes can help to promote an organisation, and having a pool of experts can be beneficial when seeking help and advice.
Risks: There may be dangers that excessive amounts of time are spent using Twitter. It may also be used for non- work-related purposes.
Missed opportunities: A failure to permit motivated individuals to use Twitter to support their professional activities may demotivate them and result in a failure to exploit the benefits of a community of practice.
Costs: There should be no licensing costs for software. The costs are primarily staff time.
Use of Facebook by an organisation
Purpose: Organisational use of Facebook in order to promote the organisation.
Benefits: Facebook users can become fans of an organisation’s page, thus establishing a relationship with that organisation’s community. Information on news, events and so on can be provided without the need to set up and maintain a web presence. The Facebook wall allows users to send messages and establish a dialogue with the organisation.
Risks: The Facebook terms and conditions allow Facebook to exploit commercially content that has been uploaded. This may infringe the rights of copyright holders if, for example, images are uploaded to Facebook. It may be difficult to migrate content uploaded to Facebook to other environments. Maintenance of content and responding to messages may be time-consuming. In addition, maintenance will require access to Facebook, which may be blocked in some organisations. Some users may regard Facebook as an environment for personal use and not wish to make links to an organisational presence.
Missed opportunities: A failure to provide an organisational presence on Facebook can result in missed marketing opportunities.
Costs: There should be no licensing costs for software. The costs are primarily staff time.
References
Bradley, P., 100 British librarians on Twitter, 2010. http://tweepml.org/100-British-Librarians-on-Twitter/ [(accessed 7 January 2010)].
Cooper, M., Accessibility of Emerging Rich Web Technologies: Web 2.0 and the semantic web, 2007. http://www.w4a.info/2007/prog/k3-cooper.pdf [World Wide Web Consortium Web Accessibility Initiative, (accessed 7 January 2010)].
Evans, J., Guest post: blogs at Imperial College, UK Web Focus blog, 2009. 2 Octobe. http://ukwebfocus.wordpress.com/2009/10/02/guest-post-blogs-at-imperial-college/ [(accessed 5 February 2010)].
Kelly, B., When two tribes go to war, UK Web Focus blog, 2007. 22 Novembe. http://ukwebfocus.wordpress.com/2007/11/22/when-two-tribes-go-to-war/ [(accessed 8 January 2010)].
Kelly, B., Time to stop doing and start thinking: a framework for exploiting Web 2.0 service, 2009. http://www.ukoln.ac.uk/web-focus/papers/mw-2009/ [(accessed 8 January 2010)].
Kelly, B., Further developments of a risks and opportunities framework, UK Web Focus blog, 16 April, 2009. http://ukwebfocus.wordpress.com/2009/04/16/further-developments-of-a-risks-and-opportunities-framework/ [(accessed 5 February 2010)].
O’Reilly, T., What is Web 2.0?: design patterns and business models for the next generation of software, 2005. 30 Septembe. http://www.oreilly.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html [(accessed 8 January 2010)].
Trafford, P., Archiving Pebble Blogs at Ramble.oucs, QA Focus Case Study 36, UKOLN, 2007. http://www.ukoln.ac.uk/qa-focus/documents/case-studies/case-study-36/ [(accessed 8 January 2010)].
UK Web Focus, Policies for this blog, 2007. http://ukwebfocus.wordpress.com/policies/ [(accessed 8 January 2010)].
Wikipedia, Amplified conference. , 200. http://en.wikipedia.org/wiki/Amplified_conference [(accessed 8 January 2010)].