Social Media at Work: Balancing Risks and Rewards
Joe, a sales executive at a professional services firm, decided to walk back to the office after a meeting. The meeting with his target client went well -- so well he felt sure that he had secured the business. He pulled out his mobile device to update his social networking status. "Walking down 5th Ave. On my way back to the office. Great meeting with potential client."
Across town, Martin, who works at a competing professional services firm, was taking a break from his busy morning and logged into a social networking site on his laptop. Seeing the post, Martin knew exactly who Joe had been meeting with that morning. Martin picked up the phone and scheduled a meeting of his own. Soon after, Martin had secured the new business, leaving Joe to wonder how such a good opportunity had slipped through his fingers.
Assessing the dangers
As technologies advance and converge, they provide an increasingly mobile workforce with seemingly endless ways to connect and interact with colleagues, customers and clients. But at what risk?
Companies recognize that anywhere/anytime access presents enormous opportunities to improve customer relationships, boost sales and accelerate growth. But there are also risks in terms of data access and data leakage. The rise of social media heightens the risk that corporate strategies, new product development or other sensitive information could be inadvertently -- or intentionally -- shared with competitors or other inappropriate counterparties. Employees may also harm the business and its brand though simple association, uploading inappropriate comments or other content in their personal lives that is perceived to reflect on the company.
Ernst & Young's 2010 Global Information Security Survey found that 60% of organizations perceive an increase in the level of risk they face due to social networking, cloud computing and the use of personal devices. In truth, given these new technologies and practices, such risks can include "Joe's"minor lapse in judgment or a truly severe enterprise security breach.