To collaborate or not - this is NOT the question.

Just came across this interesting article in Network World by Kurt Johnson - Control Collaboration, don't inhibit it. No doubt concerns from Web2.0 and social media security risks also weighed in...

The article argues about best practices and has some good suggestions - however, I feel that the core challenge was not fully addressed. How do we really let data go free, but control it?

There are technology solutions (perimeter security, anti-malware, access control), process solutions (compliance - the challenge of managers now becoming compliance police? I doubt whether they would want to take on that responsibility) and people solutions.

The one aspect not touched upon explicitly is the data-centric perspective on meeting these challenges. I am a firm believer in de-perimeterization and think that we have to get to more granular controls at the data level with policies around encryption, access control and retention to effectively deal with these challenges.