This is the social networking age where most people are hooked onto one or more social networking circles.
The human psyche’s natural intent is to boast of ourselves, and social channels provide an excellent channel for us to blabber on what we do, including the menial tasks of cleaning a car, fixing omelettes and then the trend continues towards work life – giving details of what was done at work. The update could read something like – I create an IT consulting business proposal for ABC company.
It may look like any other update that has come out during the day, but this is confidential company information, meant to be within the company network, and not outside. The leak could be severe – like loss of business for the organization, sharing business intelligence which was gathered over the years or worst, leaking of client privileged information which would tarnish the company and invite plenty of lawsuits from the client organization.
Social media has introduced this risk which has exposed each and every company under the sun, including the defense and space establishments where they download Instagram videos and share them everywhere. There is no easy way to mitigate the risk in the form of technology. Companies can block social network websites at work and jam mobile data networks, but what about the information that employees carry home?
Currently, many organizations are asking their employees to sign a confidentiality agreement which states that company’s confidential data must not be leaked. I am certain that employees would not have read it when they put their autographs across it. This agreement is like putting on a tie pin without wearing a tie. The rule stipulates you put on a tie pin but does not proceed to check if you are actually wearing a tie.
What must organizations do?
It must all start with the preservation of confidential data agreement.
Follow it up with a policy document that provides the boundaries for employees to work within. And then conduct classroom or video training to spread awareness of dos and don’ts.
Organizations must find resources and time to train employees on the importance of retaining confidential data within the organization’s walled network. There should be no excuse to skip this step.
Put up posters and send periodic mails to remind employees of the consequences of leaking confidential information. Yes, listing out consequences is necessary and an important step to undertake. Negative motivation works in this case. Tell your employees that you have eyes everywhere and you are watching them.
To reiterate, social media is a giant risk. It must be addressed and proper amendments be made to nullify it. The risk will stay as long as organizations continue to use human workforce and as long as social media network channels exist – on both counts, the answer is always. It is a repeatable exercise which organizations must cover regularly.
How is your organization fixing this risk?