Corporate Blogging Behind the Firewall - Looking for Best Practices
The company I work for (which I make a reasonable effort to not mention on this blog, but which isn’t necessarily a dark secret) has begun to support internal employee blogs. By “support” I mean “provide a means to make happen”, but not “encourage by implementing a simple yet effective architecture familiar to most bloggers.”
My company is a telecommunications and networking infrastructure provider, and we have a lot of intellectual property that we must maintain. We’re struggling to figure out how to create cutting edge technology and freely participate in the technology marketplace of today, which includes openness, direct communication, collaboration, user-generated content etc. etc. - while still protecting our IP (intellectual property).
So we’ve taken a small step by implementing something more like a web forum system tweaked up to look like a blog. It supports real html, comments and attachments. However, it’s an SSL-encrypted webpage behind our firewall, there’s no RSS and the internal URL’s look like a mashup of misspelled Russian words and symbols that are at least 20 characters long.
In short, it’s extremely inconvenient for others to access the content - you have to have a specific URL of the employee blogs page. In stead of RSS, the system offers an email subscription, which is certainly better than nothing.
I understand why our company isn’t allowing externally-visible employee blogs, and can understand the security concerns even behind the firewall - at least to a point. But the restrictions significantly hinder the power of a blog - easily accessible, open posting API (e.g. Wordpress or Moveable Type) and syndication.
I’d like to offer my very humble input to our IS team but would like to seek others input about the best practices for setting up blogs behind the firewall. For example:
- are there some proven ways to implement RSS with both authorization and encryption?
- what blogging platforms are most conducive to a behind-the-firewall application?
- how have other companies developed an internal blogging policy (I’m not even considering external blogging policies at this point) where there is a lot of IP discussion involved, even internally?
If anyone has input on this topic I’d love to hear it! Thanks.
We have implemented the opensource blogging software Lifetype (found it on sourceforge) on an intranet. It should be pretty easy to fire up a windows or linux box running apache and install this software on it - and do not tell the firewall that it exists. Without proper routing at the firewall the web server is “safely” inside the network and only available to those within the network (or using VPN).