White Paper Urges Companies Devise a Social Media Strategy

By Matthew Harwood

Whereas companies in the past may have banned the use of social media in-house because of security concerns, that practice is largely seen as self-defeating these days. Indeed, the social media revolution has even gained traction inside the top Fortune Global 100 companies. According to Burson-Marsteller study from February, "65 percent of the largest 100 international companies have active accounts on Twitter, 54 percent have a Facebook fan page, 50 percent have a YouTube channel, and one-third (33 percent) have corporate blogs."

For a lot of companies these days, the debate isn't "Should we use social media to promote our business?" but "How can we do so securely?" A new white paper from ISACA, an association of IT and information systems professionals, tries to help by walking companies through the process of devising a social media strategy.

(See how social media was used to save lives after Haiti's earthquake by reading Joseph Straw's "Web 2.0 Helps in Disaster" from the June 2010 issue of Security Management.)

"To effectively control social media usage by both the enterprise and employees, a documented strategy (and associated policies and procedures) should be developed with the involvement of all relevant stakeholders," ISACA's white paper—Social Media: Business Benefits and Security, Governance, and Assurance Perspectives (.pdf)—advises.

The white paper addresses three areas of social media use—personal use in the workplace, personal use outside the workplace, and business use— to minimize security vulnerabilities and protect company information and its network from threats like malware and unauthorized disclosure.

♦ Screenshot of ISACA report "Social Media: Business Benefits and Security, Governance, and Assurance Perspectives."


As Web 2.0 becomes more

As Web 2.0 becomes more accepted by enterprise companies we will continue to see the line between personal and business blurring.  Many companies are now encouraging their employees to build their own personal online brand, and in doing so they are asking them to throw the company a bone every so often.  Facebook and Twitter are now a complete blur of business to personal use.  Although LinkedIn is still most widely used as a digital business card, or digital network site, as the company looks to create more revenue I believe we will see the lines blur there as well.  Creating and sharing data has never been easier, whether it is through a Tweet, email or sms blast.  This ease makes everyone, every employee a sounding board and a vocal piece for their company.  Social Media is basically where "websites" were about 15 years ago.  Back then you had to convince a company that being online is important, now we have to convice them that have a social media brand is important.  Who knows what differences we'll see with the onslaught of the semantic web.

Carly S.

View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.