Social Networking Risks
Social networking is going corporate. The popular technology used by millions of people to share ideas and photos on MySpace, Facebook, LinkedIn and others is catching on at companies to improve productivity and communication among workers. Private, internal social networks make sense as companies grapple with a slumping economy that has made travel cost-prohibitive even as workforces are spread out as never before.
Risks enterprises face from social networking by employees:
- Indiscretion - Inadvertent disclosure of confidential information is also a risk. You wouldn't publish your organization chart and phone directory on the internet; but a head-hunter or identity thief can use information on social networking sites to reconstruct this kind of information.
- Broken privacy and identity theft - Some sites also allow third parties to run applications that have access to user profiles. This is a potential privacy risk. People publish a wealth of personal information in their profiles. This makes social networking sites a happy hunting ground for identity thieves and conmen.
- Cyber-slacking - Social networking sites can be addictive and time-consuming. Cyber-slacking is a genuine concern.
- Reputation risk - There is also a risk to your company's reputation. Social networking is more public and less formal than company email. It is also easier to use than blog software. It's easy to imagine employees posting pictures or text that would embarrass the company.
- Viruses and spyware - Social Networking sites have links and cookies that can do harm. In addition they often display advertisements.
The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.
We have just completed a major update of most of the individual polices and almost all of the electronic forms.
- CIO IT Infrastructure Policy Bundle (All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable)
- Backup and Backup Retention Policy
- Blog and Personal Web Site Policy (Includes electronic Blog Compliance Agreement Form)
- BYOD Policy Template (Includes electronic BYOD Access and Use Agreement Form)
- Google Glass Policy (Includes Google Glass Access and Use Agreement Form)
- Incident Communication Plan Policy (Updated to include social networks as a communication path)
- Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy(Includes 5 electronic forms to aid in the quick deployment of this policy)
- Mobile Device Access and Use Policy
- Patch Management Policy
- Outsourcing and Cloud Based File Sharing Policy
- Physical and Virtual Server Security Policy
- Privacy Compliance Policy - California Privacy Act
- Record Classification, Management, Retention, and Destruction Policy
- Safety Program (Includes mandated OSHA electronic forms)
- Sensitive Information Policy (CCPA, GDPR & HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form)
- Service Level Agreement (SLA) Policy Template with KPI Metrics
- Social Networking Policy (includes electronic form)
- Technology Acquisition Policy
- Telecommuting Policy (includes 8 electronic forms to effectively manage work at home staff)
- Text Messaging Sensitive and Confidential Information (includes electronic form)
- Travel, Electronic Meeting, and Off-Site Meeting Policy
- Wearable Device Policy
- IT Infrastructure Electronic Forms