The times they are a changing, security and proper user policies included. We all know that the user environment will change, but many companies are not reacting quickly enough to address these changes. How we long for the days when devices where physically secure and owned by the company. Consumerisation (no boundaries between personal and work life) and use of employee owned devices, are some of the recent examples of our brave new world. ‘Bring your own device’ and mobility in general altered the paradigm. Likewise, we are seeing changes in how those devices are being used by employees and customers. No longer can we simply prohibit personal use and ignore the violations of this policy.

Indeed, we need to not only understand how our systems are being used today, but also need to anticipate the road ahead. This author need only look to his 15 year old daughter and understand that new applications abound (to her, Facebook is for old people) and that there will be unanticipated uses of existing social networks (which likely will spur the next generation of tools). The lines between personal and business uses are being blurred, the expectation of privacy lines are overlapping into a tangled mess.

So how does a business deal with these complexities? Here, we intend to focus on an important shift: the use of social media. From a policy and education perspective, both start with a general framework. Social media can be addressed separately or in the context of existing policies. The social media component of a policy regime needs to address some basic points regarding use of social media such as requiring that the posts are accurate; do not violate laws; do not infringe on the company’s intellectual property; and do not include defamatory statements. The policy should provide specific examples and avoid legalese.

Jul-Sep 2013 Issue

Faruki Ireland & Cox P.L.L.