Social media has made its mark on modern business, and I think it is safe to say that social media isn't going away anytime soon. Over time, employees have become more technically savvy and they have become hooked into social media as well. Mobile devices have overtaken PCs as the preferred method to interact with social media services. This presents a two-fold problem for companies seeking to maintain some semblance of order in a world where the end user now has many options to circumvent traditional IT controls.
The core issue revolves around private company data and how to protect it. Private information can include anything from legal documents to trade secrets that are key to a company's success. How do you protect this information when there are so many avenues opening up through which it can pass? It was hard enough to manage sensitive data when IT had almost total control of desktop PCs and laptops, but with the proliferation of mobile phones, tablets (like the iPad) and other mobile devices, this task has become just about impossible.
The social media world hasn't made this task any easier as it is data that they are after. The more user data they can pull in, the more money they can make. Most social media services are opening up all sorts of ways to import and share content. Many social media services have also been very sly about telling users exactly what it is they are sharing and with whom. Their privacy policies are horrendous and mostly allow them to get away with the equivalent of digital murder. Privacy defaults are usually set to gather and expose as much user data as possible. Some of that data could very well be your private company information. The worst part of all of this is that most of these scenarios take place outside of the company's control.
Social media, on the other hand, can be huge in terms of marketing and networking. To ban social media outright or severely limit the use of it would not only anger employees, it would exclude your company from interacting with a much larger potential customer base. In order to strike the right balance between leveraging social media and keeping certain information private, a two-fold method must be implemented.
The first method involves shaping a social media policy that will address the core issue of what remains private and what is able to be shared. Employees must clearly understand where the line between the two is. It is vital to train employees (on a regular basis) on what can and can't be said through social media channels.
Once that is clearly defined and understood, the policy must then explain how social media is to be used and how it is not to be used. Employees need to understand that although your company may allow social media within the work environment, it must be used in a way that reflects positively on the company and it must not negatively impact employee performance.
The second method involves company data controls and compliance. Limit the amount of company data that is flowing outside of the data center on laptops and other mobile devices. Look to technology like virtual desktops which reside within the security perimeter of your data center but allow employees to work remotely as needed. Ideally, the more you are able to keep company information in a centralized secure location, the less the possibility of an accidental (or intentional) exposure.
Lastly, have a policy in place to deal with information leaks and employees who do not comply with social media policies. This will position you to better respond (proactively) to incidents that will rise with the increased use of social media.
Need help with your social media initiative? We can help you! Contact us for more information.