The media has been crawling all over Ashley Cole the England left back criticising him heavily for use of certain language towards the FA. Interestingly it isn't that long ago that the Prime Minister David Cameron used the same in relation to twitter itself (perhaps with less venom)(http://www.youtube.com/watch?v=d3Mrfut-FSw). Whilst the details of the two instances don't really interest me, they do show how difficult it is to control the use of social media by employees. Equally, it shows how quickly someone's opinion or language can reflect on them, or perhaps their employer. It is interesting to think about when the views of the individual are the views of the employer or not. I think the usefulness of a corporate twitter profile should now be obvious, if for no other reason than to be able to clearly distinguish between "corporate messaging" and employee "chatter". If a message comes from the company managed twitter it can clearly be identified as such, as opposed to an employee saying something on their personal account. Whether an employer chooses to take action against something an employee says is clearly their decision and may depend on the type of organisation they are. Restricting access to social media in the enterprise does have some benefits - 1) It might help to stop non-corporate tweets being directly linked to you. As tweets could be restricted so they don't originate from your network during working hours unless authorised. (although limited benefit -tweets can be done many other ways) 2) Can help stop malicious URL propagation by re-tweets - (it is not uncommon for staff to follow each other) so one bad re-tweet could get a URL to a large amount of staff at a company from what looks like a trusted source. Imposing restrictions on the corporate network use should be the norm but in my experience those that tweet personally do so from their smart phone via 3G so corporate network controls are ineffective. Corporate tweeters tend to (or should) use a desktop/tablet application that can provide statistics and so access can be managed. I have seen some organisations say it's acceptable to use social media on personal devices, but block it completely from corporate devices.. Clearly, this could be problematic in BYOD scenarios. If you already impose lifestyle restrictions on your employees, (very common in football clubs, media/entertainment and certain social roles) then including an "acceptable social media policy" into your brand management strategy is the way forward. This should outline your companies position on what it considers to be acceptable from an employee during their employment. This can then be incorporated into their employment contract. How you choose to enforce this is a different matter and likely to be very difficult. Managing by exception is common - censuring employees if a tweet/post/message is reported. I've seen very few organisations actively monitoring employee twitter activity mainly due to the privacy concerns and the amount of resources it takes to do so. Placing restrictions on social media use such as twitter or Facebook needs to be a considered decision and should be done in-line with the culture of your organisation. If you do allow it the risks should be considered and measures put in place to help prevent the technical vulnerabilities. If you are concerned about the risks associated with social media, and how to protect yourself please feel free to give me a call/email(07889 183207 - andrew.barratt@ptpconsultingllp.com).
Contact Details Mobile - 07889 183 207 Skype - andrewbarratt andrew.barratt@coalfire.com Andrew is an experienced IT and Information Security Consultant, PCI DSS advisor and QSA. As a…
Post articles and opinions on Manchester Professionals
to attract new clients and referrals. Feature in newsletters.
Join for free today and upload your articles for new contacts to read and enquire further.
