Wednesday, April 22, 2015

Social Media Management and Information Governance

The social media landscape today has ballooned to include several different types of platforms from video or photo sharing to microblogs to short posts and activity feeds for all. With all of this newly introduced communication software, there becomes an increasing amount of data and data risk.

There are three layers of information governance involved with social media use within official organizations. Read on to learn what these layers are and what can be implemented within your organization to keep data compliant with legal, organizational and regulatory policies and procedures, as well as keeping data safe and free of risk.

Social Media Security

Organizations, including small and midsize businesses, non-profits, corporate enterprises, even governments, are no doubt being inundated with automatic cyber-attacks, hacks, spam, phishing scams, DDoS (distributed denial of service) attacks and other forms of electronic malware. Much of this malware also no doubt comes from social media use. Interestingly though, many organizations are not prepared or putting effort into scanning this content for malware stemming from social media use.

Short links distributed through tweets, wall posts and other forms of communication are generated by bots that are designed to appear human online, though they are not. The information gathered through deploying these bots can be devastating for an organization. Imagine that employee clicks on one of these links and critical business information becomes vulnerable to automated information harvesting.

This information can be used in a variety of ways including business or government espionage, theft of important customer or internal financial information, theft or distribution of important trade secrets like research or prototypes and illegal or compromising use of other critical data.

There are tools that can scan this content and monitor user behavior to ensure secure communications. One of the tools that can manage social media is HootSuite.

Social Information Archival

The archival of information is obviously important for any kind of enterprise or organization. Data can become stockpiled or deleted immediately on social media sites, depending on their own policies for data retention.

If an employee or member creates a piece of content that was deleted, there must be a way to retrieve when and why the content was removed. It may come up in a legal matter at some point (continue reading to see Social Media Information Policy).

Screenshots of content or documentation of social media activity are a couple of ways that this information may be monitored or recorded. Some kind of record needs to exist. A simple log may not suffice, depending on policy or regulations. Businesses with a supply chain, product or other third party scenario may need to refer to this information for business practices or other reasons effecting third parties or partners.

Social media insights can also be gained through tracking content and activity over long periods of time. Research into social use over time can enable organizations to become adaptable to market conditions, laws, disruptions, customer expectations, business practices and a broad range of other areas important to organizations using social tools and sites.

Social Media Information Policy

Organizations are more heavily burdened by legislation, regulation and threat of legal action or litigation than ever before. To complicate matters, the amount of information is growing ever more rapidly. As old data becomes archived, exponentially larger volumes of data are being produced. This trend is not going to slow down anytime soon. Just take a look at the massively growing market of cloud storage and computing services on the market. So how can we ensure that social media use follows guidelines?

It starts with auditing content, campaigns and procedures to ensure legal, regulatory and organizational compliance. Look at content to see if there are vulnerabilities. You don’t want users posting content that can lead to insider trading, for example. Trade secrets and confidential customer or supplier information must also not be distributed to the public, for another example.

These are just a couple of ways that this kind of media use can harm or injure the credibility, profitability and even viability of an entire enterprise. Information handling policies must be both set in stone for things that will not change (corporate responsibility, for example) and things that will change or evolve over time (product marketing, for example). Some things will in fact change quite rapidly, while others will be a little slower moving.

After the audit, the next step is to ensure enforcement. Not only management, but every single member of the organization must first understand that these policies are important and then see to it that they are being followed. Monitor all onsite or virtual network use and the use of social on those systems. Let users know that their activity is being monitored to dissuade them from engaging in the risky behavior to start with. Remember that the average employee spends nearly an hour engaging in social media use at work.

There are various risks associated with this activity. Employees must both know the risks associated but also understand that there will be no tolerance for non-compliance with these policies. Disciplinary action is at the discretion of each organization.

Implement the Layers Proactively

Remember that the sooner your organization starts implementing these layered tasks, the better. You don’t want to be comfortable today and sorry tomorrow for not realizing the mistake of complacency. Make sure that everyone is on-board at all levels to ensure the smoothest possible transition into security protocols, policies, procedures and use of tools and software.

People are often afraid of change or resistant to do things that require patience or more work on their end. You may be able to alleviate some of those pains from them, but ultimately everyone must be responsible for the information they produce, gather and distribute.

All this being said, social media is a great tool for boosting productivity as well as marketing efforts for most organizations, so don’t be afraid to use social media, just use these precaution measures first.

No comments:

Post a Comment