The internet phenomenon that is social networking has been one of the most talked-about security challenges of the past two or three years. However, the fear of the security threats should not stand in the way of exploiting the social media opportunities. Facts and tips to overcome the security challenges of social media in the workplace.
As soon as it became apparent that people were using their work as well as their personal internet connections to log on to external sites to share information – and, potentially, data – organisations began voicing their concerns. The worry was, and still is, that sites such as Facebook and Twitter might at best reduce people’s productivity and at worst pose a threat to information integrity.
Of particular concern has been the theory that the incoming generation of employees, reared on the internet and potentially blasé about security, will pose a major challenge for management. We often call them “Generation Y”.
Generation Y uses a different vocabulary, follows a different culture, has different demands, demonstrates a high speed of learning and has different expectations. They push the boundaries of older management. But is this a security threat?
The pace of change in terms of new media and social networking tools will frequently continue to outstrip our ability to check for technical security threats and counter them.
That said, the longer organisations spend debating the threats, the higher the danger that they will fall behind the curve when it comes to exploiting opportunities. And social media is a huge opportunity for businesses, which doesn’t mean we should look at the IT security threats. It’s not black or white: get the security basics right and embrace the advantages.
The social media benefits outweigh the security challenges
The social web is a driver of change and change can be scary. There are challenges – and solutions – for implementing social networking tools and using them safely in the workplace while demonstrating business value and creating an environment for young talent to grow and want to stay with your organisation.
The convergence of external and internal applications will proceed at pace and, certainly, the risk of data leakage is a very real one as people (of all generations, but particularly younger employees) increasingly blur the boundaries between their public/private and personal/professional lives.
The trick is to help people manage the fuzzy boundaries between their public/private and personal/professional lives. It is a challenge – but not a threat.
Practical advice to solve the social media security challenge and engage your employees
At their heart, social networking sites are about collaboration and sharing ideas. Both of these things are the very lifeblood of innovation and organisations must find a way of embracing rather than banning them.
- Make the social networking tools available.
You can’t – or at least will find it increasingly difficult and counter-productive to – stop people using tools that they have grown up with, that are so ingrained into their way of life.
- Divorce management issues from the security challenge equation.
For example, worrying about whether employees will ‘waste time’ chatting on Facebook is only a modern incarnation of worrying if they’ll ‘waste time’ chatting at the water cooler. Motivating people and optimising productivity is a management issue, not a security one.
- Train and inform your employees about social media.
It is possible to make any web-based tool secure, with the right technology, the right training and the right level of awareness among the workforce. And so, again, education is key:
- Make your security policy on social networking usage relevant to your social savvy employees. Listen to them, engage, and participate.
- Never say no! They will just go round you.
- Embrace the younger generation’s needs – it will accelerate innovation.
- As with any other application, layer up the technology to ensure that data is encrypted and secure, and that access controls to sensitive information are appropriate to the user.