Microsoft last week announced a connector between Microsoft Outlook and profile information in Facebook. The service works by matching a user’s e-mail address to their Facebook profile. So if one of your contacts in Outlook is on Facebook, you will see whatever information is publicly available from their profile within Outlook (or whatever information you can access if you are “friends”). Microsoft previously announced a similar integration between Outlook and LinkedIn.
Microsoft’s move creates new challenges for organizations trying to balance the need to embrace the world of social software with concerns over security, compliance, privacy and productivity. Our 2010 benchmark of over 200 companies shows that 40% block access to public social sites such as Facebook, Twitter and YouTube, but often are forced to back off blanket bans due to employee demand or business justifications to participate in public social communities. Meanwhile, only 23% have a formal social strategy.
Allowing employees to engage with public social networks can provide real benefits in terms of building personal relationships with customers, partners, and suppliers, but of course carries risk and must be implemented with respect to information protection requirements (see Socialware’s recently released Guide to Facebook Social Networking Compliance).
We continue to spend a lot of time working with our clients to try and help them balance the need for openness with the reality of governance. Enterprise managers should take efforts by Microsoft and others to poke holes in the social firewall as further justification for a proactive enterprise social strategy.
What happens when an investor “friends” his broker or agent and they use Facebook chat or e-mail to discuss account activities? This sort of scenario sends shivers down the spine of those responsible for compliance in the financial services sector. We’ve seen a huge market develop around compliance enforcement for e-mail and IM; now those same concerns are extending into the social space.
FINRA, the Financial Industry Regulatory Authority, issued new guidelines this week designed to help financial firms balance the need to enter the social world with the need to meet electronic records retention rules. The problem for enforcement managers so far has been the lack of tools. While companies such as Facetime Communications have introduced social site enforcement gateways, it remains difficult to cover all the bases as social sites rapidly grow. Ultimately the heart of any successful compliance strategy is user training and a solid acceptable use policy for those accessing social sites. Financial firms would be wise to carefully read FINRA’s recommendations and proactively take measures to limit their risk.
At this week’s Lotusphere, IBM introduced “Project Vulcan”, its road map for integrating public and private collaboration and social communities into an extensible set of user interfaces. Ed Brill notes that Vulcan “is the blueprint for where Lotus Notes is going.” Vulcan continues a trend by IBM to merge Notes into public social networks, highlighted by last year’s announcement of LinkedIn integration with Notes.
IBM’s announcement, coupled with Cisco’s recent introduction of public social hooks into its Enterprise Collaboration Platform, demonstrates a continued convergence of public and private social networks. These moves highlight the reality that social networks such as LinkedIn, Twitter, and Facebook are increasingly used for legitimate business purposes rather than for entertainment or catching up with friends and family, but they also raise alarms for those responsible for governance, compliance, and security. I expect that over the next year we’ll see a continued battle between those responsible for information protection and those looking to improve collaboration. Vendors can help their odds of success by addressing compliance concerns up front.
Bill Pray blogged today on the Supreme Court’s decision to take on a case involving the privacy rights of an employee’s use of a government-provided mobile device for personal text messaging. This case further highlights the growing concerns around privacy and compliance as companies embrace emerging communications applications. In almost every conversation I’ve had with end-user organizations, the topic of compliance is front and center as they evaluate tools such as SMS, Instant Messaging, Microblogging, and social computing platforms. Our recent SRO session at Enterprise 2.0 in Boston explored many of these issues as well. Bottom line is that it’s wise to involve your governance and compliance officers early on as you develop your enterprise 2.0 strategy.
Tandberg’s new compliance appliance could be a precursor of a potentially growing market around compliance enforcement for emerging collaborative technologies. Tandberg’s offering is designed to help companies archive and manage video conferences to support compliance and auditing needs. We’ve already seen similar developments as companies like Akonix, IMLogic and FaceTime emerged to support compliance needs in light of use of instant messaging. I expect to see similar appliances or applications popping up to support enterprise usage of services such as Twitter, Google Apps, and Facebook to name a few. We’ll discuss this topic at Enterprise 2.0 on Wednesday at 3:30 in a session entitled “Privacy, Data Ownership and Identity in an Increasingly Virtual World” - hope to see you there!