Social media is pervasive in the workplace, not only by employees for their personal use, but also for business purposes. For example, 73% of the organizations surveyed for a white paper that we recently published employ Facebook for business reasons, 64% use LinkedIn, and 56% use Twitter, in addition to a variety of other social media platforms. Moreover, a large and growing proportion of organizations use enterprise social media platforms, such Microsoft SharePoint, various Cisco social media tools, Microsoft Yammer, Salesforce Chatter and IBM Connections, among many others.

The use of social media provides a number of important benefits that help organizations to become more efficient, that help users speed the decision-making process, and that allow information sharing in a way that is not possible or practical otherwise. However, the use of social media – whether consumer-focused or enterprise-grade – comes with several risks and costs:

• The increased likelihood that malicious content can enter an organization through a social media channel. Our research found that 18% of organizations have experienced malware infiltration through social media, although a substantially larger proportion simply don’t know how malware entered.
• The greater likelihood of breaching sensitive or confidential data, either through inadvertent actions on the part of employees, such as unmanaged sharing of geolocation data, or malicious employee activities.
• The inability to retain the relevant business records and other information that organizations are obligated to preserve. Our research found that 43% of organizations that have deployed an enterprise social platform do not archive information from it, yet 26% have had to produce content for eDiscovery from the platform.

To address these issues and mitigate the risks associated with the use of social media, every organization that permits social media use (as well as those that permit it but don’t block it) should implement a variety of best practices:

• Conduct an internal audit of social media use to determine which tools are being used, why they are in use, and the business value that organizations are deriving or potentially can derive from them. The analysis that flows from this audit should also consider the consequences of forbidding certain social media tools, if they decide that’s warranted, including the impact it will have on customer relationships and employee morale.
• Implement appropriate policies that will address employees’ acceptable use of social media tools, identify which roles in the organization should have rights to specific social media features and functions, and clearly spell out the rights of the organization to monitor, manage and archive social media use and content.
• Ensure that employees are trained on corporate social media policies and that they are kept up-to-date on policy changes.
• Deploy the appropriate technologies that will mitigate risks from malware and other threats delivered through social media and corporate social networks.
• Deploy solutions that will archive business records and other content contained in social media and corporate social networks.
• Implement an enterprise social media solution that will not only mitigate the risks associated with use of consumer-focused social media tools, but that will also provide enhanced communication, collaboration and information-sharing capabilities.

You can download our most recent white paper on enterprise social media here.