sarah carter, vice president, actiance, inc....linkedin by the numbers & what? site was launched...
TRANSCRIPT
1
Sarah Carter, Vice President, Actiance, Inc.
Learn the evolving risks of social networking, how educational
institutions are managing those risks and explore ideas for leveraging
this technology to support your compliance efforts
• Learn how to stop saying no to social media in the workplace
• Discover how compliance issues go far beyond data leakage
• Find out how you can moderate posts, filter content and archive
everything
1
2
Agenda
I’ll explain why I’m here
Social media has changed the way we communicate
Who wants to use it?
Why do they want to use it?
Cautions with Social Media
Who’s actually using it?
What are the risks of using social media
Best Practice for Using Social Media
So what can you control with Technology?
Why am I standing here today?
I run social media for Actiance
I have a global remit, with varied experience
– From driving taxi’s, to taking companies through IPO, to training teams on Social Media, to
implementing campaigns, to an officer of the company.
I work with clients in Financial Services, Utilities, Energy on policies, best practice Social Media adoption
I was a late adopter, but now
My name is Sarah and I’m social.
Twitter: @SarahActiance
LinkedIn: http://www.linkedin.com/in/sarahlouisecarter
Facebook: Actiance
3
3
The Internet has Changed
• Financial IM• Unified Communications• Web Conferencing• VoIP• Remote Admin Tools
• Financial IM• Unified Communications• Web Conferencing• VoIP• Remote Admin Tools
• Public IM• P2P• Anonymizers• VoIP• Social Networks• Games• Virtual Worlds• IPTV
• Public IM• P2P• Anonymizers• VoIP• Social Networks• Games• Virtual Worlds• IPTV
Source: FaceTime Annual Greynets Surveys 2007 – 2010 & Projected
Source: Actiance Annual Collaborative Internet Surveys 2008 – 2011 & Projected
The Enterprise and Web 2.0 Are Converging
2008 2009 2010 2011 2010 2009 2008
4
End Users Adopting Web 2.0 Faster Than IT Can Control
Actual customer traffic history (~155 organizations)
Representing all Internet activity from over 150K end users (Actiance Internet Survey 2010)
Source: Actiance Annual Internet Survey 2010
Why Use Social?
The size of the market 600m +90m + 140m
Listen, Learn, Discuss, Share, Collaborate
Our response is tribal
Generate buzz and increase visibility
Engagement for the future
Collaborate Worldwide, like never before
Strengthen Alumni connections
Extend your brand
5
LinkedIn by the Numbers & What?
Site was launched on May 5, 2003
Over 90 million users
2 billion people searches in 2010
All Fortune 500 executives are members
More than one million companies have LinkedIn Company Pages
LinkedIn Profile/Co page
Basic info
Employment history
Education
Summary
Facebook by the Numbers
Born on February 4, 2004
Over 600 million active users
700 billion minutes per month spent on Facebook
30 billion pieces of content shared each month
2.5 million websites have integrated with Facebook
Facebook Pages
Personal
Fan
Group
Community
Basic info
Credentials
Interests, hobbies, etc.
Objective
6
Twitter by the Numbers
Site was launched in July 2006
Over 190 million users
100 million tweets written per day
Over 1,100 tweets written per second
140-character limit for tweets
Twitter Profile
Basic info
Location
Brief description
Find Connections
Engage, Communicate,
Answer
So who’s using Social Media? And Why?
� Sales & Marketing� Promotions
� Advertising� Branding
� HR� Background checks� Recruiting
� Scientists & Researchers� Information exchange� Collaboration
� IT� Investigation of security breaches
� Students and Analysts� Collaboration
7
Social Media Types of Usage
Institution
– LinkedIn Company Pages
– Department Twitter Account
– Facebook Fan Page
– YouTube Channel
Individual Professional
– My LinkedIn Profile
� Groups I belong to
� Questions I answer
� Status updates I place
– My Facebook profile
� Family, friends, colleagues
– My Twitter Account (@SarahActiance)
� Personal commentary
� Professional promotion
What’s personal and what’s professional?Email address? ID as someone who works for the organization?what are the rules?
Presenting Significant Risks When Unmanaged
Data Leakage
Personal Information
Intellectual Property
Credit Card, SSN
Patient Records
Incoming Threats
Malware, Spyware
Viruses, Trojans
Inappropriate Content
User Behavior
Employee Productivity
Bandwidth Explosion
Every employee is the face of the business
9
Best Practices for Social Media Usage
Research social media usage
Draft a social media policy
Identify who needs access
Determine extent of access
Archive
Moderate, if necessary
Research social media usage
Find out if employees/students are already using social media to do work-related tasks
– How many public-facing pages do they have?
– How many Facebook, LinkedIn, and Twitter accounts do they have?
– Are they actively using these social media tools?
10
Draft a social media policy WITH THE STAKEHOLDERS
Be clear on what the policy covers
– Which sites
– Permissible uses
– Ramifications for breach
– Effective date
– Archiving policy
Disseminate the policy company-wide
– Make sure everyone understands it
Inform users of updates to the policy
Identify who needs access
What are the objectives for social media?
Who really needs to use to reach the objectives?
– Marketing
– HR, Admissions
– IT
– Legal
– Alumni / Researchers
11
Ensure your Users are Educated
Risks
Appropriate Actions
Sanctions
Compliance Requirements
Re Educate
Determine extent of use
Read-only?
Write-only?
Which sites?
Which sections/features of specific sites?
Engagement with Colleagues/Students?
Confidential and Proprietary © 2011, Actiance, Inc. All rights reserved.
12
Archiving
Archive everything relevant (what about irrelevance?)
Include posts to all social media sites, including messages that were blocked by the administrator
Log user activities for each site session
Retain data for however long the applicable legislation/regulations says for you to keep it
Moderation
If necessary, moderate or pre approve the content before external publication to ensure compliance (pre-review)
If it’s post-review, take down inappropriate content
Apply lexicons to make the review process more efficient
Use alerts to notify admins of questionable content
Use “warnings” to caution individuals about what they’re posting
13
Review and Revise
February 3, 2004
600 million people
Things change!
Appropriate Technological Controls
14
Appropriate Controls: The Basics
Who’s using social media in the organization?
Which groups or individuals need to be monitored?
What controls need to be applied?
How do I implement and manage the controls?
What can you control through Technology?
Identity management Ensure that all the different logins of an individual link back to corporate identity
Activity control Posting of content allowed for marketing but read-only for everyone else
Granular application control Employees can access Facebook, but not Facebook Chat or Facebook Games
Anti-malware Protect network against hidden phishing or Trojan attacks
Data leak prevention Protect organization from employees disclosing sensitive information
Moderation Messages posted only upon approval by designated officer
Logging and archiving Log all content posted to social networks
Export of data Export stored data to any email archive or WORM storage
Issue Control Requirements
27