The upside of using social networking tools for businesses far outweigh the risks, but they do pose potential damage to brand image and corporate data. An informed and considered process is needed before you move into this space.
The growth and momentum of Facebook, LinkedIn, MySpace, Twitter etc. is well known. The crossover from personal use, on personal time to business use and business time occurred some time ago. Many companies entered this period with little or no policy, plan or protection. That should scare the bejeezus out of any senior management or business owner!
Yes, these sites are valuable and effective tools to build and maintain relationships with friends, brand advocates, colleagues, customers and potential employees. But evil doers with bad intent are also out there, seeking to achieve gain or do damage to others. Are you prepared?
The crux of the issue is around user identity and user created content. Despite the frequent reports of identity theft and web hacking, most users feel fairly safe and protected while on-line. Most of the social networking sites provide a treasure trove of personal information, which creates a tempting and lucrative target for hackers. Developing malicious applications which are populated on Facebook and then push malware onto user’s computers is not a hard effort
In addition, there are few impediments to restrict or prevent a disgruntled customer or former employee from slamming a brand on Twitter. Or someone decides to post the photos from the office picnic (where things got out of control) onto their Facebook page. How about Tweets from someone in R&D about a new breakthrough that will shake up your industry, sending the stock price up $3 in an hour! Yikes, you have issues in all cases.
Many organizations often first look to the IT department for guidance, which results in an iron clad block of all sites. This cannot be the answer for a progressive organization that understands the valuable marketing and sales window they offer. But the answer is not a technology based one. An effective and appropriate approach involves a blending of the following areas:
POLICY – An intentional, clear and concise policy regarding the use of social networking must be established within the overall use of company assets, Internet or Information Technology policy. It should incorporate guidelines for customer engagement and any and all ethical, legal and professional restrictions. (e.g. HIPPA for any medical related business). It should designate who is permitted to use social networking to represent the company on-line, and should specifically exclude all others.
Personal use of social networks should fall in line with the overall Internet policy, where excessive use and significant upload/downloads are prohibited. The policy should restrict any installation of unauthorized applications, tools or widgets. ALL employees should be required to review and sign the policy annually.
TRAINING – All staff should be required to complete a training module that covers the benefits, policy, threats and uses of social networks. Special emphasis should be devoted to acceptable and risky uses of the sites and those persons or groups authorized for “official” company use.
IT SOLUTIONS – There are a variety of new tools on the market that are very specific to the threats of social networks, skilled IT professionals are required to guide you through this process. At the very least, every business must have an effective set of defenses that should include multiple layers of firewall, spam, and virus and malware protection.
Any organization can leverage the power of social networks. Before jumping in, however a bit of thoughtful preparation is necessary to minimize the risks and assisting employees by providing structure and guidelines.
Good luck.
No comments:
Post a Comment