First off, before diving in I want to clearly state that I am a huge proponent of using social media and Enterprise 2.0 tools both internally and externally for a company. That being said, I believe in order to be successful in evangelizing your efforts, you need to meet with the folks that could potentially put a stop to your plans. Many fail to address the up front work it requires to build a strong security and social media policy as it pertains to these tools and sites within their organization. A lot of attention usually gets paid to how useful these things can be to a business whether that be through marketing, customer care, or sales teams. We paint a model of new customer engagement, new sales channels and a wonderful world of connections and possibilities. However, there are risks associated with doing this. Many corporate security experts will tell you: “If something has the potential to get us in the papers (negatively), we need to be hyper sensitive on how we treat it.” Social media certainly falls into this category. I could choose from a variety of examples, but most recently the GM F-Bomb Tweet and Kenneth Cole’s Egypt-Themed Tweet showcase the ease at which accidents can happen. Other issues could occur such as “time-wasting”, “discussions of IP sharing”, or inappropriate material being viewed or posted to sites. When issues like these happen without a proper policy and plan for these types of events, the result is what I call the “Social Media Knee Jerk.” Shut it down. Shut it all down while we sort this out.
I am sure there are many reasons why people fail to engage the right security and policy teams up front. I can think of a few:
- Lack of knowledge into how it’s done.
- Cloud software is so easy to deploy it may not occur to someone that this could be an issue.
- Perception that security and policy orgs are too slow and may not see the benefits.
- Social media is too big of a space and lack of education drives blanket policies that they don’t want to fall under.
Corporations need to move to a model of working with the very teams they tried to avoid, and do so, up front early in the process. Sure, it may be painful at first, but I think most security and policy teams are starting to realize the importance of tools like these (if they haven’t already) and why they are needed to help you do your jobs better. Most will tell you that it’s a matter of risk management to ensure the company is covered in the event that something should happen (which it likely will). Another thing to think about is legislation may change periodically in how companies deal with social media, so having this up-front dialog may not only protect the company, but protect the employees as well. Collaborating with these teams up front also will serve as a way to educate on the business case and the type of work you’re doing and why it’s important to your job.
So to ensure long-term success of your social medial and E20 efforts, engage early and often and don’t fall victim to a ‘knee jerk’ that will halt the process and have you answering questions why it occurred in the first place.