/* Style Definitions */
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
font-family:”Times New Roman”;
Today’s guest blogger is Ajay Madan. Ajay heads the Quality Assurance division of FaceTime.
He has several years of experience working on products related to Network
Security and Compliance. He is actively involved in working with the product and
support engineering teams in devising and implementing processes and
methodologies that ensure a high degree of quality for FaceTime’s products. He
has been closely tracking the developments in the social media space, the
business impact due to the same and shares some of his thoughts in this
Take it away Ajay.
In recent months, there has been an increasing media attention
on social networking sites; and how this impacts business, compliance, security
and so on. Some staggering statistics (which I reference later in this article)
have been thrown in to demonstrate the crazy adoption rates of the social media.
Social media, it appears, is here to stay and companies are now understanding
that it’s not about blocking access now, but realizing that controlling and
enabling access is the way forward.. It would sound naive to assume leadership
teams in companies haven’t yet begun this process, some still block access,
others are engaging with vendors that help manage and control the use of social
media, and some are just giving it some more time. So in this post, I don’t
focus too much on the statistics or impact of social media but look at the next
steps for companies who understand the need to manage social media.
There are several aspects for CIOs/Head of IT departments to
consider while evaluating policies for social media as well as for evaluating solutions
to manage social media usage in the network.
FINRA in their recent webinar indicated that companies will
not be given a compliance grace period because Social Media technology is new
and evolving. FINRA has asked companies to not allow usage of Social Media if
they cannot supervise it or the social media site does not support archival.
Bottom line – Companies must retain, archive and retrieve to be compliant.
If you are in a regulated industry, such as the financial
services sector, you need to consider tools that either allow you to block
access to unsanctioned social media and/or invest in a solution that allows you
to monitor, archive and review content posted through social media.
Perhaps another key question in the IT manager’s mind
pertains to security, There can be several concerns in this area –
- Its possible that users may leak sensitive information
about the company through a post on Twitter or Facebook Wall
- Users in a regulated industry sending information -
perhaps patient information via Facebook or Twitter
- Users with, lets say, corporate Facebook accounts using
foul language in their posts.
- The potential for hidden malware, Trojans and the like in
applications, perhaps such as the myriad of games and applets on Facebook.
A solution for Web 2.0 should provide or extend security
controls to social media to address such concerns.
Some industries require a rich policy framework or workflow
that allows the following -
- Ability to be able to moderate posts on social media before
they are allowed to be posted to the actual site
- Ability to capture or moderate content that matches
certain lexicons or pre-configured policy elements.
- Workflow for compliance officers to review the posted
- Workflow to archive content for long term storage by
inter-operating with enterprise archival systems and easy retrieval.
There are certainly organizations and industries that do not
have compliance requirements for social media, but who do need controls on
bandwidth consumption. The common problem today is that companies have no way
to measure the amount of time employees spend on social networking websites and
in the past this has been recognized as a huge problem as it potentially
impacts productivity. Hence this could be a core requirement for many
Consider looking at solutions that allow you to set
bandwidth limits for usage of social media.
Existing Infrastructure Considerations
Many IT departments are wary of having multiple vendors for
different communication modalities and for the ease of management prefer to select
those that provide functionality across all the considerations I referenced -
as well as being able to provide these functionalities across other
communications modalities, like IM and Unified Communications.
Consider an Evolving Market
Social media is new technology and will continue to evolve.
Companies should look at solutions providers who have expertise in real time
communications traffic, at those who adapt quickly to new technologies and who
consider social media as part of a communications strategy, not in isolation.
Finally, I want to plug the solution that I work on. I’ve
been with this product since it’s inception and have seen it grow to become the
first Secure Web Gateway that combines features, functions and controls for
social media alongside other communications modalities. Our Unified Security Gateway is uniquely
positioned to address all the considerations I outlined above and helps
companies manage not just social media across a broad spectrum of requirements
- but web traffic on the whole, and more than 4,000 web and internet
applications, from IM to remote control tools, to P2P tools.
Now, I’ll leave you with some pretty phenomenal statistics
if you know any of those folks who are looking the other way when it comes to
adopting social media.
But do check back on March 2nd when we launch the results of our fifth annual survey – and let me know what YOU’RE doing with social media.