Printer Friendly Version

Does the Loch Ness monster exist? Were all those crop circles really the work of some drunken college students? How about that whole "aliens helped the Egyptians build the Pyramids of Giza" thing? Myths abound; some are passed down from generation to generation while others are more suited to the tabloids.

There's no shortage of myths in the corporate world either — most of which are based on a lack of understanding. Over the years I've received many e-mails from readers with some pretty wild, and even dangerous, misconceptions about intranet development and management. In this article I'll take a look at five of these common intranet myths.

Myth 1: Intranets and Corporate Web Sites Should Use the Same Brand

There's no reason why an intranet should share the same brand as an external, corporate Internet site. In fact, it's the opposite: An intranet should have an explicitly distinct brand that separates its identity from the corporate site. Why? Different purpose, different design.

Corporate Internet sites cater to a wide, external audience that has little knowledge of the organization. They visit a company Web site to get information about its services, its products, or the company itself. An intranet, on the other hand, caters to internal employees who are already familiar with the organization and contains large volumes of business, project, and industry-specific content.

Employees of an organization will rarely visit their own corporate Web site for more than a few minutes; they have little interest in reading marketing information. It's always useful to give an intranet a distinct brand and identity in order to separate it from the external site.

Even though an organization's intranet and Internet Web site serve two very distinct purposes, intranet owners and developers seem to have this misconception that they need to look the same simply because they're both Web-based. But this similarity is the only one that ties the two together. An intranet shouldn't look any more like its external counterpart than Microsoft Outlook should.

The table below illustrates the core differences between external, corporate Web sites and internal intranet applications:

	Internet Site	Intranet Application
Purpose	Marketing: Corporate visibility and product/service promotion	Productivity: Content management, online collaboration, company-specific applications
Audience	Casual visitors with little knowledge of organization	Heavy, function-oriented users who are already familiar with the organization
Content Life	Fairly static with occasional updates	Highly variable with daily updates
Design	High wow factor; must catch users' attention to maintain interest and increase exposure	High functionality; must cater to both quick content retrieval and long-term usage

Myth 2: Internal Security Is Not as Important as External Security

While it's vital to protect an organization's network resources from unauthorized access by external threats — hackers, viruses, spyware — you can't ignore the possibilities of internal threats either. Intranet owners can be lulled into a false sense of security by believing that there's no threat to corporate data simply because all personnel are part of the same organization. But you can't rely solely on the assumption that every employee will handle sensitive internal information with proper care and discretion.

A complete intranet security solution isn't a matter of either/or. Internal security is just as important as the firewalls, proxy servers, and anti-virus components put into place to keep outside threats from corrupting an organization's IT infrastructure. But unlike these external measures, internal intranet security involves procedural as well as technological components:

Procedural

• Access request procedure: A formalized process, either online or paper-based, whereby all requests for access to sensitive and confidential information must be authorized by someone in authority thus creating a security access audit trail.

• Internal security policy: Specifies the proper handling of all sensitive and confidential information.

Technological

• User authentication: Used to identify the user trying to gain access to the system. Authentication can include passwords and/or biometrics.

• Access control lists: Used to identify which users/groups have access to which pieces of information within an organization's intranet and network.

An intranet houses enormous amounts of strategic information — most of which isn't available to the public. Internal corporate information can become compromised — either through carelessness or malicious intent — if proper internal security measures aren't put into place and enforced. If this information does happen to fall into the wrong hands, the consequences can be extensive including the loss of competitive advantage, costly and time-consuming litigation, or the divulging of trade secrets.

(Related articles: Managing the Keys to Your Intranet, Intranet Security Begins With Education)

Page 2: Myths 3, 4, and 5.