Social networking: The ‘what not to do’ guide for organisations
Summary
The article explores the changing landscape of social media integration within organizations, noting a shift from initial resistance driven by security concerns to a more pragmatic approach focused on risk management and employee education. Initially, IT security professionals favored blocking social media platforms like Facebook, Twitter, and LinkedIn due to inherent risks. However, this approach proved ineffective as employees circumvented controls. A recent survey by the Corporate IT Forum indicates a growing acceptance and tactical use of social media, particularly Twitter and LinkedIn, driven by demands from marketing and business units.
The article highlights the need for IT to transition from a controlling role to a facilitating one, emphasizing education and acceptance of risk. Experts like Robert Stroud of ISACA point out that social media is essentially cloud computing and cannot be ignored, while Ewan MacLeod stresses the importance of security professionals delivering value rather than hindering progress. The rapid pace of technological change and the presence of multiple generations in the workforce—from baby boomers to digital natives—add complexity to the situation.
Furthermore, the article identifies key risks associated with social media use, including malware, brand hijacking, and compliance issues. It emphasizes the importance of clear policies, tailored security solutions, and a shift in mindset among information security professionals to embrace the opportunities presented by social media while mitigating potential threats. Ultimately, the message is to adapt, understand the risks, and facilitate responsible social media integration within the organization.
(Source:Infosecurity Magazine)