Organizations are adopting social media tools within their networks at increasing rates, yet the legal and compliance risks are often not fully understood or addressed. A recent Forrester report noted that more than half of security decision-makers and influencers at enterprises reported that they were “concerned” or “very concerned” about the inability to meet regulatory obligations using social media platforms.
According to the report, several factors make it hard for security professionals to keep up with the legal and regulatory compliance associated with social media: critical reliance on third parties for information collection and capture, rapidly rising social media content volume and fast-changing applications, and the difficulty of ensuring authentication.
The report suggested that security pros should look to financial services for guidance on social media risks, keeping in mind that retention obligations clearly apply to social media, that retention obligations also apply to both corporate- and employee-owned mobile devices, and that firms should monitor employees and provide them with ongoing training.
Above all, critical steps that security professionals must take in order to respond to the risks that social media poses include the following:
1. Build effective policies governing social media usage in your enterprise.
Your social media policy should cover what your organization will and will not do online, what your employees can and cannot do, and what members of the public can and cannot do on your social media sites.
2. Determine how tools that control social media fit into broader information governance.
Look before you leap when it comes to adopting tools that help enforce social media controls and make sure they’ll integrate with your company’s existing systems.
3. Incorporate flexibility and continuous monitoring in social media.
Social media is constantly innovating and evolving; your organization will need to do so as well.