5 Steps To Google+ Compliance - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Social

5 Steps To Google+ Compliance

Your business can gain the benefits of social media marketing and collaboration without risking a compliance nightmare. Here's how.

10 Crowdsourcing Success Stories
Slideshow: 10 Crowdsourcing Success Stories
(click image for larger view and for slideshow)
Social networks have proven their value to businesses in the form of better customer communications and increased brand recognition. However, once social networking is used for the dissemination of information between employees, vendors, teams, and external personnel, concerns about compliance should become a major issue. After all, compliance regulations are meant to keep information secure and control the distribution of information that is deemed sensitive.

Compliance concerns affect businesses in many different ways--depending of course on the regulation that a business is subject to. For public companies there are regulations set forth in Sarbanes-Oxley (SOX) legislation, while healthcare organizations are bound by Health Insurance Portability and Accountability Act regulations, retail establishments have to follow Payment Card Industry regulation, and other professions--such as law, financial services, and others--have their own sets of rules to follow.

Now that Google is looking to launch a social networking solution for businesses, based upon its newly minted Google+ offering, compliance concerns are going to grow exponentially for many businesses, simply because any technology that makes it easier to share information makes information that much easier to share.

Therein lies the problem--how does an IT manager control that information and make sure that the information does not violate compliance rules, expose proprietary intellectual property, or potentially reveal trade secrets?

Here are five tips on how to remain compliant in a world driven by social networking:

1. Block Access: The most obvious way to protect a company and its data from compliance violations is to simply block access to social networking sites. It is an easy concept, but also proves difficult to execute. Blocking access requires advanced firewall settings, or possibly purchasing security appliances. However, the simplest way to build an effective blocking technique may be by incorporating Web-filtering software or hardware. Here, policies can be implemented that will block access to those sites.

2. Deploy Data Leakage Protection Technologies: For some, the answer may be to simply control the content that enters and leaves the network. With DLP, data is examined during transit to make sure it does not contain information that violates compliance policies. DLP is one step above filtering, because it allows access, yet examines inbound and outbound traffic.

3. Education: Perhaps one of the most basic methods to protect data is to educate the end users. By informing users of company policy, compliance requirements, and having them sign an agreement to protect data, most, if not all, compliance issues can be prevented. However, education usually proves to be the hardest solution to pull off.

4. Control Access: Limit access to social networking sites to those who only need it as part of their job function and define clear-cut policies on what is and what is not acceptable communications. To enforce limited access, you may have to rely on implementing the first three steps above to make controlled access possible.

5. Define Policies: A majority of companies lack comprehensive policies for social networking. Although policies tie into employee education, the fact is that most policies do not target the rules and regulations surrounding social networking and legislative compliance requirements. Clear-cut policies help to educate employees, define acceptable behavior, and ease auditing--all of which are key components of effective compliance enforcement.

With a little forethought and a bit of planning, the benefits offered by business social networking can be realized by most businesses, without risking a compliance nightmare.

At the 2011 InformationWeek 500 Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth--how their accelerated enterprises manage cash more effectively, invest more wisely, delight customers more consistently, manage risk more profitably. The conference will feature a range of keynote, panel, and workshop sessions. St. Regis Monarch Beach, Calif., Sept. 11-13. Find out more and register.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Commentary
New Storage Trends Promise to Help Enterprises Handle a Data Avalanche
John Edwards, Technology Journalist & Author,  4/1/2021
Slideshows
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
Commentary
How to Submit a Column to InformationWeek
InformationWeek Staff 4/9/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll