Now might be the best time to address the issue of an enterprise’s employees’ use of social media and whether a business should—or even has the right to—regulate their employees’ use of Facebook, blogs, Twitter, and other sites known as “social media” sites. This has become a concern as of late because now that Facebook is well over five years old, it does not look to be a fad that is going away. It has become a breeding ground for computer viruses and worms, such as the one circulating this week. It has also been a platform for social engineering attack tactics. Similarly, blogs (including this one) have been occasionally prone to spammers and potential attackers.
Even beyond the virus and social engineering risks associated with social media sites, business are faced with several dilemmas surrounding social networking. These include the following:
- Content filtering: Businesses must decide whether to completely block sites such as facebook.com or blogspot.com so that employees spend less time wasted on the internet and more time working. On the other hand, some Facebook pages or blogs (especially the GraVoc News Blog) could provide helpful information.
- The Organization’s Use of Social Media: GraVoc obviously has a blog and a Facebook account, as do many of our clients. In fact, one of the services we provide is helping a business leverage social media as a business tool. But who is responsible for updating and regulating content posted on these sites? Is the organization going to devote several hours of labor to monitor employees’ status updates and/or regularly write articles like this one?
- Employees’ Behavior on Social Media: Organizations don’t want their employees to be posting Twitter updates or blog posts about how much they hate their boss, how rudely they were treated by a customer, or how they are not motivated to be working on a Friday afternoon. They also don’t want their employees to be posting R-rated material on their Facebook page while listing who their employer is on their profile.
Ultimately, it is most likely going to become necessary for most businesses, even the smallest businesses, to develop written policies dictating what is allowed and not allowed on social media outlets. For liability purposes, it is probably necessary to document what an employee is responsible for and what the employee can or cannot do surrounding social media and how they can affect the organization’s reputation or information systems.
GraVoc Associates, Inc, a Peabody, MA-based technology consulting firm, uses social media including a Facebook page and the GraVoc News Blog to inform customers, potential customers, and friends about relevant topics such as this one. GraVoc’s practices of information systems, information security, and professional services interact with social networking from several different directions, as GraVoc provides information security services that could help an organization draft policies or detect social engineering tactics, web 2.0 development services that help businesses generate business through these sites, and IT services that could help an organization safeguard itself with technological risks associated with the use of social networking sites. For more information about the wide variety of services offered by the organization, please visit http://www.gravoc.com.
