Microsoft Office 365

External Messaging in Yammer: Applause and Questions

Microsoft announced a series of future and immediate updates for Yammer, with inclusion of Yammer in Office 365 Groups and Yammer signals in the Office Graph as future updates, while the ability to include external people in a Yammer network is available now.

I’m pleased to announce a new external messaging feature in Yammer, which enables you to add extended team members from outside your organization, such as partners, vendors and customers, to Yammer conversations. To include an external participant, simply add their email address to a Yammer conversation in your network, and they’ll be able to see and respond to this conversation from their own Yammer network or email inbox. Your data stays secure because outside participants only access the conversations they have been added to and not the rest of the information in your network. With 40 percent or more of the U.S. workforce expected to be made up of contingent or independent workers by 2020, companies need to empower the formation of dynamic teams. External messaging is an important step in that direction.

Here’s my comments with respect to Microsoft’s implementation approach for external messaging:

1. I applaud the use of a common policy engine for controlling / limiting what users can do with external messaging in Yammer. The centralization of policy statements in Exchange Online (using Exchange Transport Rules) means IT administrators, security professionals, and compliance officers have only one place to set and evaluate policies. Creating tool-specific policy rules is a quick path to tremendous complexity; I like the approach taken.

2. While I haven’t seen the implementation of the user interface warnings regarding the inclusion of external participants in a conversation, in principle having such warnings is essential. It sounds like Ignite in a couple of weeks is the place to see what the UI elements look like in practice.

3. I’m unsure about the suitability of “data export” from Yammer so verified admins can “monitor any conversation that originated in their network as well as conversations their employees are participating in outside networks.” Such monitoring is required under various industry and government regulations, but whether a “data export” meets those requirements remains to be seen. If a “data export” requires a manual action to get out all conversations, this sounds like an implementation that will bring trouble to organizations. Where is the automatic / automated real-time monitoring with immediate escalation when problems occur?

4. Microsoft says it “provide[s] Yammer users and admins the ability to remove external participants once they’ve been added, pulling that conversation entirely from the external participant’s inbox.” I wrote about this back in my Shared Spaces days, and that this is unfair. If an external participant has contributed ideas and intellectual property to a conversation, it is unfair for them to lose access to all of that. What upfront disclosure does Microsoft / Yammer give to external participants that they risk losing access to a conversation at any time?

Some applause, some agreement, and some questions. Looking forward to seeing where this goes.