Believe it or not, people can be stupid and lazy. Even your employees. You don’t want to be a jerk about it, but the potential for compromise of your company’s data and interests is great enough that you have a good case for blocking and/or monitoring use of social networking sites
Goofing off is as old as work itself, but the more interesting problem with social networking is the potential for confidential data loss. Rapid-fire and almost competitive communications with outsiders drives many users of social networking services to spill more data than they should. Nobody’s going to accidentally divulge 50 credit card numbers, the classic example of the sort of data looked for by DLP (Data Loss Prevention) products. But they do say stupid things.
Everyone feels they can tell the world what’s going on these days. Not everyone is a lawyer or has even the common sense to know when they’re violating a confidence. Take the example of the jurors who used Twitter and Facebook, in at least one case on their cell phone, to post messages about cases on which they were sitting. “I just gave away TWELVE MILLION DOLLARS of somebody else’s money” tweeted one such dope. Another posted status messages about the corruption trial of former Pennsylvania state Senator Vincent Fumo on Twitter and their Facebook page: “Stay tuned for a big announcement on Monday everyone!”
In another case, a New York City police officer wrote about his mood on his MySpace page. This called his judgement into question in a trial the next day in which he testified, and the defendant won. Did the defendant win because Officer Ettienne called his own mood the day before “Devious”? It didn’t help.
As an employer you need to be concerned that some of what they’re discussing is confidential company material, perhaps private data of third parties, and we may be at the stage where you need to do something to stop it. If you don’t, you may find yourself being accused in the legal system some day of failing to take reasonable measures to protect data. How would you react if one of your people tweeted “Really close to closing the big deal!”? That alone could compromise negotiations.
How do you allow for legitimate use of social networking services while blocking improper use of them?
If you’re going to allow them, then monitor their use so that you know how much they are being used. Just because you know that employees are using these systems is not a direct reason to cut them off; it’s just when they’re using them too much.
You also need to have clear and stern policies about employees revealing company information outside of proper channels.