In Social networking websites such as Facebook, MySpace, Twitter, LinkedIn, YouTube, iVillage, Yahoo! Answers, TripAdvisor, del.icio.us, LinkedIn, Craigslist, Amazon and many others have changed the way we operate our businesses and live our personal lives . The prevalence of Social networking has exploded in the past few years. This combined with mobile technologies have completed changed the way people and businesses interact with one another. Organizations reputations are being changed by online conversations happening between people who might not even be directly connected with that company in any way!
Enterprises are debating as to what extent of Social media interactions can be allowed within the work boundary without inhibiting employee productivity and competitiveness of the business.
Business organizations and Social Networking
Cisco recently released the results of a third-party global study designed to assess how organizations use consumer social networking tools to collaborate externally, revealing the need for stronger governance and IT involvement. (Source: http://www.cisco.com/web/solutions/cmsg/social.html). Some interesting findings from this report are:
- Only one in seven of the companies that participated in the research noted a formal process associated with adopting consumer-based social networking tools for business purposes, indicating that the potential risks associated with these tools in the enterprise are either overlooked or not well understood.
- Only one in five participants identified any policies in place concerning the use of consumer-based social networking technologies in the enterprise. Within the respondent base, social networking governance typically involves more stakeholders than standard corporate initiatives, as these organizations have yet to define who "owns" external social media strategies. Without a single point of ownership within organizations, these initiatives are extremely difficult to control and manage.
- Due to the unstructured nature of social networking, companies continue to struggle with policy creation and adoption, as copying an established governance process from other, more structured areas (for example, information technology) often doesn't work for social networking. Businesses also find difficulty in striking the right balance between the social and personal nature of these tools while maintaining some degree of corporate oversight.
- Only one in 10 respondents noted direct IT involvement in externally facing social networking initiatives. Although the IT department is typically not involved as a primary decision maker, respondents did recognize the need for these tools to scale and properly integrate with existing business processes to reap maximum benefits.
Involvement of the IT department in planning the usage of social media within the organizations in still a grey area and different organizations are trying different methods. Some have gone for complete blocking of social networking websites while others allow limited but monitored usage. Interestingly, the US Defense department and State departments are now allowing the use of Facebook and Twitter at workplace. It came with the usual caveats for employees: don't disclose classified information; maintain a distinction between an official and personal account; and "be alert to the potential targeting of users for intelligence-gathering purposes." (Source: >http://news.cnet.com/8301-1023_3-20010409-93.html#ixzz1E8P79LHW)
The social networking sites are evolving and so are their complexities increasing day by day. Organizations have to work on optimum ways to integrate these sites into their IT environment while taking care to address security and risk concerns.
Challenges
In organizations today the information security policy does not always cover the complete gamut of implications of the use of social networking. Hence, IT managers need to review and rewrite the information security policy to address the new challenges being thrown in by the use of social networking tools. Today people work from home which adds another challenge to the corporate information security arena.
Some of the common challenges and security risks due to Social Media are listed below, (though it is only an illustrative list):
- Network Vulnerability
- Spam and Phishing
- Data Theft
- Involuntary Information Leakage
- Productivity Loss
- Virus and Malware attacks
- Infrastructure and Maintenance Costs incurred to monitor social networking usages
Quick Solutions
Some Simple steps that organizations can take to address the challenges rising due to prevalence of Social Media:
- Free Internet access with Monitoring and logging each activity of individual user.
- Generating report of top 25/10 Internet talkers (users)based on the company categories (Add social networking sites also as part of category).Keep an eye on the top talkers. You may implement restricted access to top talkers on data download/ upload.
- Educate the users on usage of social networking sites - What kind of information can be shared and what needs to kept confidential. IT managers need to be involved in such conceptualization of such education programs.
- Create company group on external social networking sites and monitor the information being shared there.
- Installation of social media usage monitoring tools on laptop. Monitoring of logs once the user is connected to corporate network to get information on the browsing history.
- Developing your own social networking sites (private social networks) within the intranet for your employees as alternative to external social networking sites and for knowledge sharing in a informal way within the organization. The downside of this is if the employees do not find the functionality as per their interest areas they will not start using it right away. The following case study provides a good example for this step:
Private Social Network
John Parkinson, the CTO of TransUnion, a credit rating company, recognized that more than 2/3s of the employees were on Facebook , on MySpace and were pressuring him to allow them to create a company social network on these public sites. Instead he decided to harness the familiarity with public social network platforms by implementing a private social network that included personal profiles, a wiki, instant messaging, a forum for questions and answers, polling and other common features. The cost of implementation was $50,000.
As employees started using the network, Parkinson studied usage and soon discovered who among the employees were best at problem solving. The result - the company created new roles for forum experts. It was never very clear to us, looking in, who the authoritative sources were, who was good at solving problems, Parkinson states. Now it is. The benefits are incalculable.
Parkinson wasnt implementing the social network because he was trying to retain staff or create knowledge sharing. He was trying to stave off the demand from TransUnion employees who were avid Facebook and MySpace users.
Parkinson calculated the ROI on the investment made in a private social network as yielding savings of more than $5 million in the first year. Compare that to the cost of implementation $50,000.
Source: Social Networking in the Enterprise: Whats the ROI? (>http://www.cmswire.com/cms/enterprise-20/social-networking-in-the-enterprise-whats-the-roi-006760.php?pageNum=3)
It is essential that we have an understanding of the social media and networking tools and platforms and map it with the organization information needs and security. There is no one size fits all solution here. Each organizations IT department has to look at it from their business priorities too and make relevant decisions to address the challenges of usage of Social media tools and platforms.
*The author is associate director IS, MindTree Ltd.
Add new comment