Software // Social
News
7/14/2011
11:07 AM
Connect Directly
RSS
E-Mail
50%
50%

5 Steps To Google+ Compliance

Your business can gain the benefits of social media marketing and collaboration without risking a compliance nightmare. Here's how.

10 Crowdsourcing Success Stories
Slideshow: 10 Crowdsourcing Success Stories
(click image for larger view and for slideshow)
Social networks have proven their value to businesses in the form of better customer communications and increased brand recognition. However, once social networking is used for the dissemination of information between employees, vendors, teams, and external personnel, concerns about compliance should become a major issue. After all, compliance regulations are meant to keep information secure and control the distribution of information that is deemed sensitive.

Compliance concerns affect businesses in many different ways--depending of course on the regulation that a business is subject to. For public companies there are regulations set forth in Sarbanes-Oxley (SOX) legislation, while healthcare organizations are bound by Health Insurance Portability and Accountability Act regulations, retail establishments have to follow Payment Card Industry regulation, and other professions--such as law, financial services, and others--have their own sets of rules to follow.

Now that Google is looking to launch a social networking solution for businesses, based upon its newly minted Google+ offering, compliance concerns are going to grow exponentially for many businesses, simply because any technology that makes it easier to share information makes information that much easier to share.

Therein lies the problem--how does an IT manager control that information and make sure that the information does not violate compliance rules, expose proprietary intellectual property, or potentially reveal trade secrets?

Here are five tips on how to remain compliant in a world driven by social networking:

1. Block Access: The most obvious way to protect a company and its data from compliance violations is to simply block access to social networking sites. It is an easy concept, but also proves difficult to execute. Blocking access requires advanced firewall settings, or possibly purchasing security appliances. However, the simplest way to build an effective blocking technique may be by incorporating Web-filtering software or hardware. Here, policies can be implemented that will block access to those sites.

2. Deploy Data Leakage Protection Technologies: For some, the answer may be to simply control the content that enters and leaves the network. With DLP, data is examined during transit to make sure it does not contain information that violates compliance policies. DLP is one step above filtering, because it allows access, yet examines inbound and outbound traffic.

3. Education: Perhaps one of the most basic methods to protect data is to educate the end users. By informing users of company policy, compliance requirements, and having them sign an agreement to protect data, most, if not all, compliance issues can be prevented. However, education usually proves to be the hardest solution to pull off.

4. Control Access: Limit access to social networking sites to those who only need it as part of their job function and define clear-cut policies on what is and what is not acceptable communications. To enforce limited access, you may have to rely on implementing the first three steps above to make controlled access possible.

5. Define Policies: A majority of companies lack comprehensive policies for social networking. Although policies tie into employee education, the fact is that most policies do not target the rules and regulations surrounding social networking and legislative compliance requirements. Clear-cut policies help to educate employees, define acceptable behavior, and ease auditing--all of which are key components of effective compliance enforcement.

With a little forethought and a bit of planning, the benefits offered by business social networking can be realized by most businesses, without risking a compliance nightmare.

At the 2011 InformationWeek 500 Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth--how their accelerated enterprises manage cash more effectively, invest more wisely, delight customers more consistently, manage risk more profitably. The conference will feature a range of keynote, panel, and workshop sessions. St. Regis Monarch Beach, Calif., Sept. 11-13. Find out more and register.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
50%
50%
Deb Donston-Miller,
User Rank: Apprentice
7/15/2011 | 6:18:07 PM
re: 5 Steps To Google+ Compliance
I would agree that #s 3 and 5 are huge. It's pretty amazing (and disturbing) what people *don't* know about social networking, in terms of reach and potential pitfalls. I think this is one of the reasons Google+ may eventually overtake Facebook (if not in number of users then in businesses using it). The ability to easily wall off your friends from your family from your professional contacts, and so on, is huge in terms of protecting data and privacy.

Deb Donston-Miller
Contributing Editor, The BrainYard
FritzNelson
50%
50%
FritzNelson,
User Rank: Apprentice
7/14/2011 | 7:44:31 PM
re: 5 Steps To Google+ Compliance
Personally, I think # 3 and # 5 are the only reasonable ones. Saying that you're just going to technologically block people from doing damage is the equivalent of saying that you're going to stop them from handing out confidential documents in AA's Admiral's Club, or tape their mouths so that they can't say inflammatory or liability-ridden things. People are going to do what they're going to do (meaning if they want to cause harm), even if they have to go to Starbucks and do it. If you can educate them and talk about it, that's the best thing.
Social is a Business Imperative
Social is a Business Imperative
The use of social media for a host of business purposes is rising. Indeed, social is quickly moving from cutting edge to business basic. Organizations that have so far ignored social - either because they thought it was a passing fad or just didnít have the resources to properly evaluate potential use cases and products - must start giving it serious consideration.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 24, 2014
Start improving branch office support by tapping public and private cloud resources to boost performance, increase worker productivity, and cut costs.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.