There’s a lot of discussion in our company, and in many others, about how people should be able to use social media, and what guidance employees should have to use it in their personal lives and on behalf of the company. Some companies see social media as a threat – and therefore want to prevent its use. Other companies see it as an opportunity and want to enable everyone in the company to blog/tweet/comment/video on behalf of the company.
Access to social media sites is blocked by the IT department of a company, the reasons given are to do with often associated with risk. This is an approach more common in highly regulated industries, where it may not be possible to discuss client service information openly.
But risk isn’t necessarily averted by locking a service out since staff will use it in their own time; eg if linkedin locked down on basis of cybercriminal social engineering attacks then you’ve only moved risk out of 9 to 5.
For some companies locking down social media use could be the right approach. But if you lock down personal use of social media, and don’t have an internal social media platform, it will not be possible to make effective use of social media to promote your company or defend the company’s reputation. You simply won’t have the skill base.
In fact this strategy will introduce risk, eventually you won’t be able to serve your clients – I recently heard of a case where the communications team could not see a facebook complaint that had been emailed to them because facebook was blocked. Even once they’d seen it they stated that their policy was not to respond to complaints made in social media. They’ve missed a simple opportunity to make things right.
The second common reason for blocking social media is out of fears of time wasting. Given the ubiquity of smart phones this isn’t a real solution either.
In this approach companies try to control their employees’ use of social media. Some tools may be blocked, or blocked temporarily, policies and rules will be implemented and monitoring may be in place with strong repercussions for misuse.
I understand the concerns about reputation that lead to a perception that control is the right answer, but it is not possible to control everything that is said about your company, and it’s not possible to monitor every account of every employer.
It’s essential that companies do have policies and do monitor and act, but it’s also reactive – you’re monitoring and acting on issues, not really preventing them from arising. So it’s not enough.
Use is open, there may be policies in place, but they focus on encouraging use and helping employees use it well. There may be good reasons not to follow an open policy for your company – but the top 100 employers are heading in this direction.
JRC have taken this to the extreme, posting just three rules and then leaving them blank. But if you work in a big company, or a highly regulated industry that may not be enough. Companies like TNT have included some “don’t’s” in their otherwise encouraging policy.
Whatever form your guidelins take it’s OK to present the possible negative outcome, I like the clarity offered by Best Buy;
Just in case you are forgetful or ignore the guidelines above, here’s what could happen. You could:
• Get fired (and it’s embarrassing to lose your job for something that’s so easily avoided)
• Get Best Buy in legal trouble with customers or investors
• Cost us the ability to get and keep customers
So which is the right approach to take? I would say be open, but then I’m bound to be biased. Take a hard look at what risks you need to consider, then be as open as you can be.