Social Media Best Bets: Stacking the deck against organizational risk
November 2, 2011
Toronto, November 2, 2011 Would you wager your company's security? A subcontractor tweets, celebrating the conclusion of a major, confidential project; alerting competitors, customers, and suppliers, it results in millions of dollars of lost sales. Or an employee gets charged with a serious offense and the companys name gets mentioned repeatedly in the news reports due to a connection to your organization in social media. The probability of these scenarios happening are likely more probable than you can imagine. Rarely are risks thought about when it comes to social media, let alone how to protect against them. At an organizational level, the responsibility for protecting corporate assets, including customer information, trade secrets, and ultimately the brand, falls to IT security professionals.
Sadly, IT is inadequately equipped to do this this job. Sometimes they are stretched too thin and don't have the necessary resources to stay ahead of security threats. Sometimes the threat lay beyond the reach of IT in the form of mobile phones. "Sometimes the organizations themselves don't have a comprehensive social media policy," says Randall Craig, social media and web strategist and author of the Online PR and Social Media series, "which means that individuals have their own ideas of what is acceptable and not."
"Clearly, for an organization to manage social media risk effectively it needs to delegate information security responsibility well beyond the IT group, " adds Randall Craig. This is a challenge when many managers cannot identify more than a small handful of potential problem areas. With such a broad range of threats to protect against, how might one embed a social media security mindset within an organization?
Craig offers the following five-step process:
1. Executive Briefing: Senior management must be educated both on social media strategy, but with an embedded risk management context. It is no longer acceptable to propose a strategy without acknowledging and protecting against the risks. Senior managers ask great questions; an executive briefing gives them the data points to do so.
2. Develop a social media policy to reduce risk. Going through the discussions and knowledge transfer that occur as the policy is being formulated is far more powerful than merely adopting a generic off-the-shelf policy.
3. Develop a social media strategy: Usually done concurrently with the policy work, the strategy binds the organizations goals to specific activities at an individual or departmental level.
4. Communication and Training: This is the mechanism to connect the policy to the people. It is not possible to manage, or measure, without first letting people know whats expected of them, or how to actually use the tools.
5. Monitoring: Monitoring fulfills the dual objectives of evaluating the effectiveness of strategy, while at the same time surfacing risks.
Though this process is designed for the organization, it is also a good idea to look at your personal actions to mitigate personal risk as well. It is significantly easier to mitigate and manage risk than it is to deal with the aftermath of a breech. Stack the deck and remove the gamble of social media without ending the conversation.
Since 1994, Randall Craig has advised on web and social media strategy. Craig is the author of six books including Social Media for Business and the Online PR and Social Media series. For more information on Randall' Craig and social media visit www.RandallCraig.com.
For information contact:
416.256.7773 x101 / Randall@ptadvisors.com
416.256.7773 x 103 / Carolyn@ptadvisors.comFor more information contact
Pinetree Advisors Inc.
Phone: 416-256-7773 x103
Website: www.RandallCraig.comClick here to view our Sources Listing: