Is your organization properly monitoring and managing the use of social networking websites like Facebook, Twitter, and LinkedIn by your employees? Here is a primer on what you need to know and why it matters.
The use of social networking websites such as Facebook, Twitter and Linkedin is exploding, with some using them even while in the workplace. While these sites offer work-related benefits such as fostering better workplace communication and collaboration, they also expose the organization to risks as well. Some of the risks borne out of social networks include the mundane—such as potentially embarrassing the company through inappropriate posts online, to the serious—such as security threats via viruses and malware or through the inappropriate sharing of proprietary or confidential material. This begs the question: are companies properly managing the use of social networking sites of employees at work?
In a survey recently published by the Society of Corporate Compliance and Ethics with the Healthcare Compliance Association, it was discovered that for most companies, this was clearly not the case. With a sample of almost 800 respondents from for-profit, non-profit and government organizations, the survey revealed that half, or 50%, did not have a policy covering the use of social networking sites at work. Of those companies that do have a policy, 34% include it in a general policy on online usage, and just 10% specifically address the use of social networking sites.
About half of the respondents also reported that their employer also does not monitor the use of these sites, or at best has passive systems in place—usually being done by their security department. Yet despite this, a significant number, nearly one fourth of those surveyed, or 24%, report that their organization has had to discipline some employees for improper use of these sites.
Despite the suggestion from the research that a lot of companies do not yet have formal policies and governance systems in place to manage the online activities of employees in social networking sites, it suggests that over the long term it is something that they should do. Employees may be engaging in risky activities that the company is not aware of—and therefore, as with other online activities such as email, should be managed properly.
Do you agree? Or do you think that the fears of some organizations are bigger than the actual risk? Let us know. We help companies understand more fully the risks associated with online activity and how to better monitor and manage them. We would be happy to speak with you on this subject and help you make sure that your data and systems are safe.