As social networking becomes ubiquitous throughout enterprises -- whether for professional or personal use -- IT
organizations will have to put some teeth into social media governance or risk losing control. But playing Facebook and Twitter police doesn't have to mean that unified communications (UC) managers have to spend their days manually trolling users' status updates and tweets.
"We're starting to see products pop up that monitor what [employees share] on these sites," said Irwin Lazar, vice president of communications and collaboration research at Nemertes Research. "Many IT departments have dealt with this around email and messaging…. It's just a matter of extending it onto public social networks."
Enforcing social media governance may sound like a task for HR, but Lazar said the responsibility is falling on the shoulders of message compliance specialists, who are tasked with making sure employees aren't intentionally or inadvertently breaking policy with their posts and tweets.
About 14% of IT managers surveyed in December 2009 reported having data leaked through social networks, according to the fifth annual Usage Trends, End User Attitudes and IT Impact survey by FaceTime Communications, a UC security and compliance vendor. Another 18% said they have taken disciplinary action over incidents that occurred through employee use of social media.
"[Social media governance] is normally hitting the IT groups. They're getting told to either shut this down or tie it into whatever archiving or compliance policy they have," Lazar said. "I don't think you can put the genie back in the bottle, so it's more about defining acceptable use policy and managing [enforcement]."
If there are any companies out there that haven't let the social networking genie out of the bottle yet, Microsoft will be doing it for them. The new 2010 release of its email application Outlook will integrate with Facebook and MySpace, allowing users to find profiles for people in their contacts as well as view and post updates directly through Outlook.
"The ways in which people communicate and stay in touch have grown far beyond email," said Dev Balasubramanian, Outlook product manager. "All of these relationships start to bleed over … [so] it only makes sense we let you unify your networks."
It's a boon for enriching communication among enterprises, customers and partners, according to Melissa Webster, program vice president at IDC. But it also highlights the need for social media governance as "organizations today pretty much lack [social media] policies," she said.
"We can expect to see social media make its way into every enterprise app we use," Webster said. "[But] organizations are still sort of figuring out how to leverage those social connections without incurring more risk and still get benefits from [them]."
Lazar said he recently worked with a client -- an investment firm under heavy compliance pressures -- which had recently discovered that an employee had set up a Facebook fan page for the company. On the page, employees were answering customer questions about products without any oversight.
"It was happening all outside any compliance or [social media] governance mechanism," he said.
Gateway, archiving products help enforce social media governance
Despite the collision between personal and professional communications on mainstream social media networks, few IT shops are taking action. A recent report published by Cisco Systems found only one in seven companies had social media governance procedures in place.
Meanwhile, 95% of users said they use social media at work for business or personal reasons, according to a FaceTime survey. About 85% of IT managers flagged social networking sites specifically as bringing higher levels of risk to their organizations.
But social media governance should be familiar territory for enterprises that have had to meet instant messaging compliance requirements, Lazar said.
Two vendors focusing specifically on social media governance are FaceTime and Socialware, he said.
FaceTime sells an appliance, Secure Web Gateway, which monitors, controls and records content posted through the corporate network to social networking sites. It can preemptively control social media by setting and banning specific keywords that users try to post on sites such as Facebook and Twitter. Users can also configure the product to prevent the post, notify the user it was against policy, record the incident and alert an administrator.
Socialware launched a cloud-based Social Middleware Platform last month -- setting it up as the middleman between users and social networks, according to the vendor. The application can filter, tag and archive posts originating from the corporate network and posted to social media sites.
Hewlett-Packard is also dipping its toes in the social media governance waters with its records management software, HP TRIM, which it acquired in 2008 from Australian vendor TOWER Software. The latest version of TRIM will enable enterprises to archive any pages, documents and posts to its SharePoint sites.
"[SharePoint] is Microsoft's fastest-growing product, and we are seeing more and more business records being created on SharePoint sites," said Patrick Eitenbichler, director of product marketing for information management at HP. "From a compliance perspective, they need to be captured and retained."
Let us know what you think about the story; email: Jessica Scarpati, News Writer
Dig deeper on Social Networking for Business