Co-authored by Simon Karpen and Joel Duisman, Technical Consultants at Taos
In many companies, wikis have moved from being ad-hoc tools used by engineers to serving as key pieces of documentation infrastructure. This change in role brings a change in requirements: instead of simplicity and ease of setup, we now have to think about security and compliance. Wikis also need to integrate with enterprise authentication systems, and frequently have security and compliance requirements of their own.
Many companies are also using wikis as a tool to interact with customers and developers. These wikis are very different from a true enterprise wiki; they’re externally facing, hold only public information, and are designed to foster discussions and contributions.
Commonly Used Software
While Wikipedia (itself a wiki) lists dozens of available software packages (see http://en.wikipedia.org/wiki/List_of_wiki_software), there are principally four commonly used wikis. These include:
TWiki – http://twiki.org/ – open source, Perl
Mediawiki – http://www.mediawiki.org/wiki/MediaWiki – open source, PHP
Confluence – https://www.atlassian.com/software/confluence – commercial, Java
DokuWiki – https://www.dokuwiki.org/dokuwiki – open source, PHP
Additionally, there are numerous niche players and pieces of software with limited Wiki-like or Wiki-related functionality (e.g. Jive, Microsoft SharePoint). These solutions do not offer the same collaborative feel, so the corporate market for true Wikis remains relatively narrow.
When using a wiki in the enterprise, particularly in an environment with significant compliance and/or security requirements, some key features include:
- Authentication and Authorization Integration
  - Active Directory, LDAP
  - Permissions based on centralized groups / roles
- Manageability – backup, recovery, overall supportability
- Audit trail / logging – monitor changes, and possibly accesses
- Availability of Support – first party (author / seller) support is preferable
- User friendly interface – WYSIWYG editing, solid online help
- Data storage model – allows for scaling and disaster recovery
- Foreign Language Localization
Beyond simple access logging, a desirable feature (not necessarily available in any off-the-shelf solution) is the ability to detect and alert on, or stop, data exfiltration. Data exfiltration is when information is removed, sometimes in bulk, from the corporate site. This feature can be a very important tool in safeguarding intellectual property, documentation, and possibly customer information. Unfortunately, in the wiki space, this is not really a well-developed capability.
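Where the wiki itself offers no such feature, a first approximation can be built on the web server's access log. The following is an added example, not part of the original article or of any wiki product: it flags authenticated users who read an unusual number of distinct pages within a short window. The log layout, thresholds, function names and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log layout: Apache "combined" style with the authenticated user in
# field 3. Thresholds are illustrative and must be tuned per site.
LINE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "GET (\S+) [^"]*" (\d{3}) ')
WINDOW = timedelta(minutes=5)
MAX_DISTINCT_PAGES = 4

def parse(line):
    m = LINE.match(line)
    if not m or m.group(2) == "-" or m.group(5) != "200":
        return None  # skip unparsable, anonymous, or unsuccessful requests
    ts = datetime.strptime(m.group(3), "%d/%b/%Y:%H:%M:%S %z")
    # Drop the query string so reloads of one page count as one page.
    return ts, m.group(2), m.group(1), m.group(4).split("?")[0]

def bulk_readers(lines):
    """Return {user: (first_alert_time, distinct_pages)} for users who read
    more than MAX_DISTINCT_PAGES different pages inside any WINDOW."""
    recent = defaultdict(deque)  # user -> (timestamp, page) still in window
    alerts = {}
    for ts, user, _ip, page in sorted(filter(None, map(parse, lines))):
        q = recent[user]
        q.append((ts, page))
        while ts - q[0][0] > WINDOW:  # evict reads older than the window
            q.popleft()
        distinct = {p for _, p in q}
        if len(distinct) > MAX_DISTINCT_PAGES and user not in alerts:
            alerts[user] = (ts, len(distinct))
    return alerts

def make_line(ip, user, hhmmss, path):
    return f'{ip} - {user} [12/Mar/2024:{hhmmss} +0000] "GET {path} HTTP/1.1" 200 512'

# Constructed sample: alice browses slowly, carol reloads one page,
# bob walks six different pages in six seconds.
SAMPLE = (
    [make_line("10.0.0.5", "alice", f"09:{m:02d}:00", f"/wiki/Page{m}") for m in (0, 10, 20)]
    + [make_line("10.0.0.7", "carol", f"09:01:{s:02d}", "/wiki/Home?action=view") for s in range(6)]
    + [make_line("10.0.0.9", "bob", f"09:02:{s:02d}", f"/wiki/Design/Doc{s}") for s in range(6)]
)

if __name__ == "__main__":
    for user, (when, count) in bulk_readers(SAMPLE).items():
        print(f"ALERT {user}: {count} distinct pages within {WINDOW} at {when}")
```

Counting distinct pages rather than raw requests keeps page reloads and asset fetches from triggering the alert; export or print actions could be weighted separately.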
How they Stack Up
| Active Directory / LDAP | Yes | Yes | Yes | Via web server only |
| Permission Management | Internal Only, Rudimentary, Object level | AD/LDAP Groups, plus Internal, Hierarchical / page / tree level | Internal Only, Rudimentary, Page/Web Level | Internal only, Rudimentary, Page/Web Level |
| Audit Trail – Changes | Extensive | Extensive | Minimal | Minimal |
| Data Storage | MySQL or PostgreSQL | MySQL, PostgreSQL, Oracle, or SQL Server | | |
| Backup and Recovery | Database + File system | Database Backup, or Database + Filesystem, or application-level XML backup | File system Backup | File system Backup |
| WYSIWYG Editing | 3rd party, partial functionality | Included, full functionality | 3rd party, partial functionality | Included, partial functionality |
| Support Model | Community + 3rd party | Commercial 1st party | Community + 3rd party | Community + 3rd party |
| Licensing Model | Open Source | Commercial / Per User (SaaS also available) | Open Source | Open Source |
There is of course no best wiki; the best wiki for the job depends on the use case, target audience, and security requirements.
The leading candidate for a public wiki, especially at scale, is MediaWiki. It’s battle tested (Wikipedia), has the tools for managing a large number of external users and contributors, and is built on scalable, industry standard back-end technologies.
TWiki and DokuWiki are also reasonable choices for simple use cases with a limited audience (i.e. developer documentation, not end-user / general audience interaction).
Confluence’s enterprise-grade security and per-user licensing model make it unsuitable for a public wiki.
Confluence is the canonical choice for an enterprise wiki. Relative to the available open-source wikis, Confluence provides:
- A significantly more comprehensive permission model
  - This includes having “no permission” show up as nonexistent, instead of “permission denied”, which helps prevent information leakage
- Access control at the page/tree level, with automatic protection for images and other content
- Deeper and broader integration with enterprise authentication
- A true WYSIWYG editor, accessible to non-technical users
- A strong audit log of all content and permission changes
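The permission behaviour in the list above can be sketched in a few lines. This is an added example, not Confluence's implementation: the page tree, group names (standing in for AD/LDAP groups) and function names are constructed. It shows tree-level ACL inheritance, an identical "not found" response for missing and forbidden pages, and an audit log that still records the real reason.

```python
import logging

audit = logging.getLogger("wiki.audit")

# Constructed page tree: path -> groups allowed to read, or None to inherit
# from the nearest ancestor that has an explicit ACL.
ACL = {
    "/": {"staff"},
    "/eng": None,
    "/eng/runbooks": {"sre"},
    "/eng/runbooks/db-failover": None,
    "/hr": {"hr"},
}
PAGES = {
    "/eng": "Engineering home",
    "/eng/runbooks/db-failover": "Failover steps",
    "/hr": "HR home",
}
NOT_FOUND = (404, "Page not found")

def allowed_groups(path):
    """Walk up the tree until a page with an explicit ACL is found."""
    while True:
        groups = ACL.get(path)
        if groups is not None:
            return groups
        if path == "/":
            return set()  # no ACL anywhere on the path: deny by default
        path = path.rsplit("/", 1)[0] or "/"

def view(user, user_groups, path):
    """Return (status, body). Missing and forbidden pages look the same to
    the caller; only the audit log records which case occurred."""
    if path not in PAGES:
        audit.info("read user=%s path=%s result=missing", user, path)
        return NOT_FOUND
    if not (allowed_groups(path) & set(user_groups)):
        audit.warning("read user=%s path=%s result=denied", user, path)
        return NOT_FOUND
    audit.info("read user=%s path=%s result=ok", user, path)
    return 200, PAGES[path]

if __name__ == "__main__":
    print(view("dana", ["staff"], "/eng/runbooks/db-failover"))  # forbidden
    print(view("dana", ["staff"], "/eng/runbooks/no-such-page"))  # missing
    print(view("eli", ["sre"], "/eng/runbooks/db-failover"))      # allowed
```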
Confluence is a licensed product, so there is an annual maintenance cost, which can vary from several hundred to several thousand dollars, plus the initial purchase price. However, the cost is relatively small compared to the other costs of running a Wiki service.
Authentication — the process of determining the identity of an individual or role
Authorization — the process of providing permission or access
Compliance — the state in which something is in accordance with established guidelines and/or specifications
Data exfiltration — the unauthorized transfer of data from a computer or network
Enterprise – describes all the people working for a given company or governmental entity
Open Source – refers to any technology where the right to use and modify code is freely granted without cost
Public — describes open and often unauthenticated access
Security – the stated goal of compliance, measured by the ability to enforce business rules
Wiki – a tool that allows a large number of users to share (create, update and delete) content on a website
WYSIWYG – shorthand for What You See Is What You Get, a feature of document editing where the person receives an exact visualization of the final product while editing