Who amongst us isn’t engaged in a social network?  Look above this first line and you will see the icons for the predominant English language social networks (Facebook, Twitter, Google+, LinkedIn, etc.) and with a click of one of those buttons you have shared with those in your social network(s) the content of this message.  In 2013, you can assume the majority of your employees are on social media sites.

While individuals engage with social networks, so do companies and services.  Again, just look to the lower right corner of the footer of this page and you note how ClearanceJobs invites you to follow them on a host of social sites.  Social networks allow business to consumer and consumer to consumer interaction to occur with extraordinary ease.

And it’s not just personal information that’s shared online. Individuals have the ability to share details about their employer online, as well. The question of whether or not the employer’s information is authorized for sharing in this manner is a matter worth discussing and sorting with your employees.

How do we do this?

If you are the employer, you no doubt have already had your employee sign a non-disclosure agreement, which no doubt covers the unauthorized disclosure of company information.  If the company engages in classified work, then there are further restrictions.  But is the NDA sufficient?  In my opinion, it isn’t near enough, and leaves too many unasked questions.

That last sentence is a bit mealy-mouth, “unasked questions,” what does that mean?  What it means is it is in you – the employer’s – best interest to guide your employees through the social media journey as it applies to your company and clients.  And you the employee – you, too, need to get your arms around your company’s expectations on what should and shouldn’t be shared within your networks.

What can the employer do?  Have a dynamic social media policy and guide for your employees.  Why dynamic, social networks are here to stay, and who they are and how they operate change on a regular basis. Having a dynamic guide ensures you are guiding your employees based on current iterations.  Yes it does require an investment of time and energy.  Wouldn’t it be easier to just say, “no social networks?” Maybe, but do you really think it would be effective?  Better to guide with the “how” and expunge the “no.”  You can see a great many examples of social media guides at Chris Boudreaux’s Social Media Governance, where he has provided the content of over 200 social media guides/policies.  Having a guide, coupled with your information security policy, your NDA and your employee conduct policies, allow you to have your bases covered from an employer’s perspective.  It also ensures you are sharing with your employees your expectations.

As an employee you have an obligation to your employer to protect their information, and that of their clients/customers in accordance with their directives.  I submit that should the “directives” encumber you and get between your being able to perform your job and not, that you may wish to point out these issues. And what works for one company or industry sector may not work for the next, so the saying, your mileage may vary is apropos.

In sum, employers, you should have no expectation of your employees knowing how you wish them to engage as employees on social networks if you don’t provide them a guide/policy to help them understand your expectations.

Related News

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher, served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe, and Latin America. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). He is the founder of securelytravel.com