Social networks are now a part of everyday life, with thousands of midmarket companies using social media for business reasons. Whether it is to share pictures with your loved ones,
Social network providers own all the data they hold. As soon as you place something -- pictures, bios, news items or anything else -- onto a social network, the network provider becomes the owner of the content and can therefore use it however it wants. Removing this information from the social network can be nearly impossible at times.
Is it so bad? It depends. You must be a member to access social networks, but that membership offers little protection for your information since anyone can join. In fact, on networks such as Facebook.com, anyone can create a page for an organization or an entity by saying they have a right to do it , even if they are not members of that social network.
Organizations must ensure that the information on a social network is ready for public consumption and authorized for official release. The best way to do this is to ensure that your social network operators -- the personnel dedicated to the upkeep of your organization's social network presence -- are aware of the key categorizations of your organizational data. At least four categorizations are required:
- Public information: Intended for consumption by the general public. It promotes your organization's products and services and generally encourages the public to work with your organization.
- Internal information: Not designed for public consumption. It generally includes your customs and practices for the operation of your organization.
- Confidential information: Vital to the operation of your organization and can be damaging if released. For example, competitors can gain an advantage over your organization if they obtain this information.
- Secret information: Explicit and required information for running your organization. Releasing this information to the public could seriously damage your organization's effectiveness in achieving its goals and objectives.
Each of these information categories requires different levels of protection within and without your organization (see Figure 1).
Figure 1. When using social media for business, categorize information from within your organization.
Ensure your organization's most vital information will never be out of your control, such as on a social network, by making your social network operators understand these information security levels. Social networks are here to stay. They are such a popular mechanism for information exchange and they are now part of the social fabric for so many Internet users that organizations of all sizes can profit from their wide adoption.
Creating an official social network policy, assigning active personnel with the responsibility of updating and maintaining a presence on the social network and ensuring that this personnel is aware of information that is "Facebook-ready" -- or verboten for the masses -- is the only way to make sure your organization will take advantage of the benefits of these networks without risking its own internal secrets. Be careful how you use them, but use them to your advantage.
Danielle and Nelson Ruest are IT experts focused on virtualization, continuous service availability and infrastructure optimization. They have written multiple books, including Virtualization: A Beginner's Guide for McGraw-Hill Osborne, and MCTS Self-Paced Training Kit (Exam 70-652): Configuring Windows Server Virtualization with Hyper-V for Microsoft Press. Contact them at email@example.com or firstname.lastname@example.org.
This was first published in March 2011