Social media - part 3

Risk management

We like our risk management, don’t we? It allows us to identify risks, and take action to mitigate them. Risk Management can and should be applied to social media usage.

It makes good sense to manage the risk by having a very clear social media policy. If an organisation thinks that reduced productivity will be the result of allowing staff to have access to social media, they are missing the point. People who want to waste time will find a way to waste time! It is usually a sign that the employee is disengaged.

Social media can be an excellent way to engage people across the organisation, both internally, and with external stakeholders, as long as the social media policy is clear, relevant, and communicated.

The social media policy needs to have clear guidelines about confidential or proprietary information. It should make it very clear to employees what the employer expects of them when they use social media, both in work and on their personal time. It should include reference to the other policies that the employees are bound by, such as:

  • Anti-discrimination
  • Sexual harassment and bullying policies,
  • Referring to management, board, shareholders in social media and so on.

Make sure your employees know that they need to issue a disclaimer stating that opinions expressed in blogs, Twitter, Facebook etc are the employee’s own opinions, and do not necessarily reflect the opinions held by the company. This is now common practice, and serves to protect the brand and reputation of the organisation.

Read Part 1: Is social media really a risky business. Read Social media - Part 2: The benefits of social media.

Performance management and review should not be discounted as a means of reducing risk. Social media codes of conduct can be built into employees’ key performance indicators, and compliance with company policies is also a valid measure. Any inappropriate use of social media to the detriment of the organisation should immediately invoke a performance management meeting with the employee’s manager, and disciplinary action taken, as outlined in the social media policy.

We need to make sure that managers understand that this level of performance management is required of them as part of their own performance measure, and they cannot be negligent in this area. I know of organisations that won’t allow access to social media and adopt a ‘parental style’ approach to management, rather than have the hard conversation with the minority who may abuse the use of social media. Finally, one clear risk is the organisation not acknowledging the inevitability of the role social media is playing in our lives, both at home and at work. If we as employers don’t acknowledge and embrace social media, we are already on the back foot. The sooner we accept it, see the benefits, and put a social media Policy in place, the lower the risk to the organisation.

What Next?

Allow your staff to learn as much as they can via social media. Don’t just give one person the privilege; it limits the reach and the perspective. When you allow your staff to use social media, understand that they will use it sometimes to take a break from whatever they are concentrating on. If you do not allow it, they will find other means of getting ‘down time’, they will not be more productive, and they will definitely not be more engaged! We all need to feel trusted to do our jobs.

Focus on the results, not on the activities. Remember, you employed adults — so let them take responsibility for their own means of delivering the end result (within company policies of course).

Let them tell others what a great place it is to work, and how they can be creative and resourceful with the latest means of communicating and information gathering at their fingertips. You will end up the winner.

Join the CSO newsletter!

Error: Please check your email address.

Tags social media policyrisk managementproductivitybusinesssocial media

More about Facebook

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Breed Lewis

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts