Answering Your CIO’s Concerns About Yammer

There are many articles outlining CIO concerns over the rise of social networking in the enterprise. Since Microsoft’s acquisition of Yammer a year and half back, there have been many written about social concerns within the Microsoft space. To be honest, it goes back further to that, back when social capabilities in SharePoint 2010 (and the limitations, thereof) were being talked about within the SharePoint community. I don’t think there’s anything new here. From security to business alignment, the concerns voiced by CIOs today are pretty much the same as what CIOs were concerned about in the late 1990’s as the precursors to our current consumer and enterprise social applications came into being.

Some of us have spent a lot of time in front of customers trying to convince them that it is safe to go in the water, that their employees were engaging in social activities inside and outside of the firewall whether they liked it or not — and that it was something that needed to be embraced and planned for, not disregarded. These days, whether an application is on premises (you control the servers locally) or hosted offsite (private cloud or public cloud) is almost inconsequential — these platforms and apps are maturing, and many of the concerns we had in the early days of social technology are just no longer valid.

Understand that Microsoft’s vision for the future of collaboration is not about SharePoint on its own, nor is Yammer “replacing” SharePoint. You need to abstract your thinking, and recognize that content and conversations will begin across many different platforms. Our ability to govern and administrate is not yet federated — but we’re heading in that direction, where you’ll be able to track artifacts created, edited, and shared between Yammer, SharePoint, Dynamics, Project Server, Lync, and so forth. We’re not entirely there today, but the rate of change is increasing, and we’re moving in this direction.

For those who find themselves stuck within their organization in shaping your business processes and team culture around this vision of a social future, I thought I’d specifically address the leading CIO concerns for social computing within the context of Yammer. Is your CIO blocking your every move? What are the issues? Should your management team be concerned about these new technologies?

Some of the questions you’ll likely run into as you introduce Yammer to your organization, and some ideas on how to address them:

1.How secure is the platform?
First and foremost in any CIO’s mind is security of existing systems and applications. Will enabling Yammer create backdoors and open the company up to issues? What does this do to access controls and permissions management? The first line of defense in the free version of Yammer is that only those with a corporate domain can join your network. However, you may also have a bunch of former employees still logging in to the system with their old email and password — and there’s not much you can do until you secure things with the paid version. Within a paid network, your network admins can manage who has access, and tie account provisioning to Active Directory. Beyond that fundamental layer of security, your other protections are through private groups, and, of course, security at the document-level.

2.How difficult will it be for us to monitor and protect our intellectual property?
While we’ve seen news of inconsiderate employees losing their jobs over loose talk on unmonitored social media sites, there just hasn’t been the wave of IP issues predicted in the early days of these tools. Part of this is because many companies closely monitor  their brands and trade secrets, but the real reason is that the way we work has changed. People inherently understand what can and can’t be talked about in these forums. Having said that, you need to be aware of the capabilities (and limits) of Yammer. The partner ecosystem is starting to provide apps that can improve on the out-of-the-box keyword monitoring, but for the most part you’ll need to monitor and take appropriate actions based on what your employees are doing within the system.

3. How will we enforce compliance?
At the root of every compliance rule is a creative lawsuit claim. Somebody, somewhere was sued for leaking the kind of data floating around in your internal social platform. The problem with many of the common platforms is that they are limited in their ability to capture and store historical data. Not a problem within Yammer. In addition to the aforementioned keyword monitoring, you can monitor, capture, and archive just about anything. Social compliance is not something that can be automated just yet, but I’m sure someone in the partner community is looking at ways to address this issue.

4. Is there any way to measure productivity?
Are you scanning your Friend lists, checking on the status of your college buddy to see if he was able to catch Avatar in 3D last weekend, or are you actually doing something “work-related?” To be honest, this is one of the most difficult issues to overcome with a CIO who insists that social media = unproductive employees. It’s hard to sell effectiveness and efficiency, the intangible fruits of social computing. Senior managers who see everything as quantitative have a hard time understanding qualitative arguments. Yammer’s app model solves some of this by providing dashboard-like visibility into what is happening within your network, and by whom. To some extent, how to use Yammer effectively should be part of your ongoing employee training plan — but when standards are defined (create a usage policy, for example) the community does a fairly good job of enforcing it.

5. What will this do to our internal support queue?
What is the server footprint? What are the support options?  What are the priority and severity levels? What is the mean time to resolution of any issue you might find? Are there SLAs? How much visibility do you have into the types of supports issues you can expect, or that other enterprise customers are experiencing? Many of these kinds of questions are reduced by the fact that Yammer is, and always will be, a cloud-based platform. Support is community-based, and issues are generally resolved very quickly due to Yammer’s agile release cycle. One best practice is to create separate Admin and End User groups with training material and FAQs.

6. What will this cost us?
This is a legitimate concern, no matter what the platform. Again, since Yammer is a cloud platform, many of the associated costs of infrastructure and support are built into the low monthly cost. You can get more details on pricing at

7. How will we handle the lack of transparency in what people are doing?
Truth be told, this is just another flavor of the security, IP, and compliance concerns above. In my experience, this concern has more to do with control than anything else. But within Yammer, its also a non-issue, since the entire premise of the platform is anti-hierarchy, giving everyone access to the content and conversations being generated within your organization. Of course, there are private groups and secure content — but even then, some admins will have the ability to access even these, providing the necessary transparency to ease this concern.

8. How will this impact our network bandwidth?
Honestly, every vendor under the sun has this question answered. Yammer is no more resource-intensive than any other internet network usage.

9. Isn’t social just a fad?
Microsoft doesn’t think social is just a fad. Prior to the Yammer acquisition, they were building robust social capabilities into SharePoint Server. They are all-in on social, integrating Yammer with their Dynamics CRM platform and making it a core aspect of their Office365 offering. Doesn’t sound like a fad to me.

10. Is this really something we should care about?
The good thing about a CIO who doesn’t seem to care about the latest, greatest technology is that they don’t tend to last very long. Your best approach to apathy is to show your CIO why they should seriously consider using Yammer, such as increased productivity, improved employee communication, or just happy end users.

Hopefully you’ve found this list to be helpful, and it helps you better understand your CIO’s hesitations around social computing — and how to answer these concerns as you explore the use of the Yammer platform. Don’t be deterred. The first step for you is to understand their concerns. The second step is to answer those concerns. Do your homework, and be prepared. Good luck.

If you have any questions or feedback on Christian’s article please leave a comment below. We would love to hear from you.

See Christian and Mark Kashman’s keynote What It Takes to Make Social Successful at ESPC14 for only €1150.

Christian BuckleyChristian Buckley is a SharePoint MVP, internationally recognized author and speaker, and a Forbes Top 25 SharePoint Influencer. As the chief evangelist at Metalogix, he drives product awareness and community development. He was part of the Microsoft team that launched SharePoint Online (now part of Office365), and worked with some of the world’s largest technology companies to build and deploy social, collaboration, and supply chain solutions. Co-author of Microsoft SharePoint 2010: Creating and Implementing Real-World Projects (MSPress) and 3 books on software configuration management, Christian is president of IAMCP Seattle, is part of’s Executive Leadership Council, and can be found online at and @buckleyplanet.

Share this on...

Rate this Post: