“Media hype and enthusiasm for virtual worlds must be tempered with a realistic assessment of the security and risk-management issues” they present to enterprises, Gartner vice-president and analyst Steve Prentice warned.
Companies should “exercise particular caution” when dipping their corporate toes into the lightly controlled Second Life “and should consider more heavily moderated, targeted alternatives,” such as There, Kaneva or Activeworlds, he said.
There are significant risks in virtual world participation by companies, Prentice said, especially those that “are sensitive to brand issues, as well as social and ethical positioning.”
Reasoned and Objective Analysis
The new statement from Prentice is a bit more foreboding than one he released back in April. While that statement also urged caution, it said, “the collaborative and community-related aspects of these environments will dominate in the future, and significant transaction-based commercial opportunities will be limited to niche areas, which have yet to be clearly identified … However, the majority of active Internet users and major enterprises will find value in participating in this area in the coming years.”
Prentice is not suggesting companies completely give up on searching for ways to make money in virtual reality.
While “the risks enterprises face as a result of their involvement in virtual worlds are real and can be significant,” the analyst also noted companies should not ignore “the potential opportunities and benefits that arise from using these new environments for corporate collaboration and communications.”
To aid companies interested in planning participation in virtual worlds — an action Prentice said should be done with awareness of and “a reasoned and objective analysis of” the risks involved — Gartner broke down the dangers into five categories.
The first is IT-related security risks. The main vulnerability on this front is “unverified applications being downloaded to managed desktop systems, and on issues regarding firewall permeability,” wrote Prentice.
The second area of concern is identity authentication and access management, according to Gartner. In virtual worlds, people are represented by avatars. Prentice noted that “new accounts can be opened with ease (and at no cost),” so many people have multiple avatars.
“Thus, it’s difficult (if not impossible) to ensure that any specific avatar actually represents the person with whom it’s associated,” he wrote. “This lack of verifiable identity control or access management is a major deficiency in public virtual worlds and is having a significant impact on the potential use of virtual worlds for internal collaboration purposes.”
Virtual Rumor Mill
Virtual worlds are not secure environments, so confidentiality cannot be ensured, Gartner said. For that reason, it warns that “discussions involving confidential and commercially sensitive information shouldn’t take place inside Second Life or any other virtual world — or in an open, Internet-supported social-networking site.”
There are applications that can help companies control matters involving privacy, confidentiality and identity, but they only work if a company moves to a “private virtual world” operated within the company firewall, Prentice said.
Coming on the heels of last month’s decision by Linden Lab to ban gambling on Second Life and its crackdown on virtual activity of a sexual nature, Gartner’s warning about “brand and reputation risk management” strikes a chord.
Less-controlled places such as Second Life “represent an environment fraught with danger for enterprises that are sensitive to brand and reputation issues,” Prentice said. He urged that companies “should exercise extreme caution in their virtual-world activities.”
The last realm of concern cited by Gartner involves productivity. There are pros and cons to employee involvement in virtual worlds and online social networking sites, conceded Prentice. “Gartner’s take is that productivity may decline during the extensive learning and adoption phases of virtual worlds, but this shouldn’t prevent enterprises from looking beyond the initial phases toward the productivity benefits that may ensue,” he wrote.
Gartner made some good points but seems to have ignored the ever-present need to educate and warn employees about the risks of online activity, said technology analyst Jack Gold, principal at J. Gold Associates.
“Although virtual worlds represent some potential risks to an organization, so do most of the other consumer-oriented technologies,” Gold told LinuxInsider. He noted that instant messaging “has penetrated many organizations and is becoming mission critical within the next one to two years.”
Companies must “do all they can to protect themselves from security and compliance exposure, as well as potential misuse by employees,” said Gold.
Gartner noted that virtual worlds might have real benefits to enterprises as places for employee collaboration. Companies should think twice about attempting to thwart this, Gold said.
“New methods of collaboration are springing up everywhere, and being able to eliminate all of them from a corporate work setting is likely impossible,” said Gold. “Even if it were possible, not deploying such applications could have a major negative impact in productivity, longer term.”