If you don’t read anything else about data management and protection as we enter the New Year, there’s one resource that should be at the top of every organization’s list, in every industry. It’s a brand-new Osterman Research Report that shares Best Practices for Archiving and Securing Social Media and Collaboration Platforms.
The reason that this report is so important to your organization’s plans for 2018 from a business, legal, compliance, and IT perspective is revealed by one of the white paper’s primary findings: the vast majority of organizations of all sizes are severely lacking in their data management and governance policies when it comes to social media and other cloud collaboration platforms.
This is a major omission, especially when we recognize that most organizations do have well-established archiving policies in place for corporate email and file shares. While securing email is a great start, it’s certainly not enough in today’s world, where countless organizations have found themselves caught in a compromising position caused by a malware infection that infiltrated via a social media channel or collaboration system — most commonly Facebook.
While some companies may feel secure using non-enterprise social media tools without retaining social media content from their non-enterprise accounts, this is foolish, since such tools are unlikely to protect account access and content beyond the degree required to satisfy corporate security policies. Yet even though fewer than three in five organizations retain social media content from their enterprise accounts, these social platforms often contain important business information, just like corporate emails do.
With this in mind, I suggest that every company put the following item at the top of their list of New Year’s resolutions this year: Consider and implement the five best practices below in the context of proper management of social media and collaboration tools.
Ask Questions To Learn Why Social Tools Are Used
IT administrators and other decision makers can’t determine how to properly manage their company’s social media without first gaining a full and complete understanding of exactly how social media and collaboration tools are being used throughout the organization. Ask the questions below as a starting point to gather intelligence from key stakeholders that will illuminate corporate usage of social platforms and collaboration tools. The answers to these questions are what should drive decisions about the level, policy, and technology implementation required to manage these tools:
Develop Detailed Social Policies
Armed with the answers to the usage questions above, decision makers next need to consider developing a thorough, written social media policy—regardless of whether the company uses non-enterprise tools like Facebook or an enterprise-grade social media solution. When developing the policy, ensure that it is integrated with the company’s overall communications policies, clearly defines the acceptable use of social media, and also states the right to monitor social media communications. Additionally, make social media policies granular so that different roles can be subject to different policies. The policy should also:
Continuously Manage How Staff Use Social Tools
Even after communicating social media policy, it’s important for organizations to deploy the right technologies for help monitoring social media posts for policy violations. Technology solutions can also help on the front end when it comes to malware, providing proactive protection. Three best practices in this arena include:
Archive Business Content From Social Tools
It’s important for IT to maintain an archive and log of all critical content in social media and collaboration tools. If in doubt, it may be smart to archive all social content rather than risk that some vital content could be missed. Each organization’s strategy, though, should largely depend on the industry in which it operates, as well as management’s risk tolerance and the advice of legal counsel.
When archiving and logging, it’s key to use a solution that ensures transparency into the identity of the people who use social media tools in the company, and that content can be tied back to each employee’s corporate identity. Also remember to retain the context of social media posts rather than just monitoring them. And don’t forget to archive business information in text messages, since regulatory bodies like FINRA have determined that information sent via text must be retained like other electronic communications.
Use Enterprise-Grade Solutions
At the end of the day, many of the organizational problems that come from social media are a result of employees using non-enterprise tools in the workplace, like Facebook. As a safer alternative to safeguard corporate data, decision makers should think about changing this form of social out with an enterprise-grade social media or collaboration solution. It’s nothing against Facebook, it’s just that enterprise-grade tools offer features and functions that can address many of the security and archiving concerns that are raised by consumer-focused tools.
As you ponder adding these five best practices to your New Year’s resolutions, I’ll leave you with this thought: social media usage—both from “official” corporate accounts and employees’ personal ones—is on the rise. As organizations grapple with how to manage and monitor these various forms of social media and the content that flows through it, IT decision makers must consider the value of a solution that can archive multiple content types, not just email or just social media. A single archive managed via a single interface will blow a set of siloed solutions out of the water from an efficiency standpoint, as well as a security one.
Bill Tolson is Vice President of Marketing for Archive360.