Post written by: Cassandra Luppens, Controls & Risk Compliance Expert
Here we are in the 21st century. We monitor our trading, we monitor our friends, we get real time information (or as real time as we can), yet big brother is still trying to hold us back. Why is it that so many of corporate america can’t seem to catch up to the trends? Are they going to miss out on the best and brightest because of their hesitation? Seems to me that every time a new technology starts to take roots the people who should be embracing it tend to dismiss or defend against why we shouldn’t have or use the new technology. I know information directors that don’t have computers at home and believe it or not there are still executives that have all their email correspondence printed for them and they dictate or write the responses for their administrative assistance (I know, seems like a cliché from 9 to 5 with Dolly Parton). Ok, so lets get down to brass knuckles, why is it that adaptation comes so easy to some and so hard to others? It’s a risk perception whether it be personally or professionally. People innately evaluate the cost benefit to themselves and or their company.
On a personal level the risks are minimal to the population. If I were to get hacked my identity might get stolen and I would be in a world of hurt, and may even face some public retribution, but overall the impact would be isolated. Even so, some people choose not to assume this risk and choose not to participate in social media which is an individual preference. Now let’s talk about corporate risk. Many people would argue that the number one risk associated to social media is reputation. The thought is that if you allow your employees to access these sites, it could pose a reputational risk that you are unable to address. Funny, when I write reviews about a company or service I receive it isn’t as though I work for that company, rather I received their service. I would say that the inability to receive or view that feedback could lead to more negative connotations vs. the ability to receive that information and prepare an appropriate response. Another difficulty to companies limiting their employees is the lack of control of those employees when away from the office. This is why I argue that the number one risk associated to social media is ignoring it. The lack of accepting social media as a successful form of communication could really hurt your company through lack of your participation in the conversation. And believe me, the conversation is already going.
Another interesting standpoint to social media is the freedom of the information. When people post public information, it is very difficult to remove it from every source possible on the internet. This allows people and companies to view their information without any risk of invasion of privacy because most the sites with the exception of Facebook are open communities. There are all sorts of tools that you can use to monitor traffic as it pertains to your company, brand, and even industry. If you haven’t already started, just set up some google alerts to see what is being circulated about your company.
Other risks associated to social media are the liability risks and enterprise security risk which each have their own subcategories such as personal information, financial information, legal liabilities, network risk etc. These are the risks that any company has regardless of their stated participation level or acceptance of social media. Someone somewhere in your employee population is participating, therefore your company is as well. Guilty by association. The best way to address these risks is to address the population with training and policy. Note that training was first on my list because of the trust factor that seems to be imbedded with all users of the internet, people need to understand the risks associated — how many times have you clicked a link that you didn’t really know where it was going to send you? Most employees don’t understand that clicking that link is risky business.