1 / 34

Chris McClean, Principal Analyst, Research Director

Webinar Embrace Social Media Safely: Effective Methods To Identify And Address The Risks Of Hyperconnectivity. Chris McClean, Principal Analyst, Research Director. Nick Hayes, Researcher November 27, 2012. Call in at 12:55 p.m. Eastern time. Agenda. Enterprise challenges with social media

rtoledo
Télécharger la présentation

Chris McClean, Principal Analyst, Research Director

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WebinarEmbrace Social Media Safely: Effective Methods To Identify And Address The Risks Of Hyperconnectivity Chris McClean, Principal Analyst, Research Director Nick Hayes, Researcher November 27, 2012. Call in at 12:55 p.m. Eastern time

  2. Agenda • Enterprise challenges with social media • Risk management best practices • Classifying social media risks • Technologies to help monitor and enforce controls

  3. Agenda • Enterprise challenges with social media • Risk management best practices • Classifying social media risks • Technologies to help monitor and enforce controls

  4. Social media is a top concern “How concerned are you with the risk that the following initiatives or technologies could introduce in your firm?" Base: 1,124 North American and European security and risk decision-makers at companies with 1,000 or more employees; Source: Forrsights Security Survey, Q2 2012 5

  5. New challenges for the enterprise SOCIAL MEDIA IS A NEW MEDIA FORMAT WITH NEW RISKS TO THE COMPANY It disseminates information to the general public. It’s available anywhere at any time. It blurs the lines between professional and private lives. Accounts are easy to start and difficult to track. It evolves rapidly. It’s not always static, modifications are easily made — and the data is not always company-owned.

  6. Specifically, data leakage and reputation

  7. Blocking social isn’t practical

  8. Blocking social isn’t practical (cont.) THE BUSINESS OPPORTUNITY IS TOO GREAT The number of new client touchpoints are vast: Over 1 billion active Facebook accounts Over 500 million Twitter accounts (unofficially) Over 175 million LinkedIn members The business opportunity for Twitter alone could reach $1.3 trillion?!? “[Social media] has the potential to be the best lead generation tool in the financial advisor business, ever!”

  9. Blocking social isn’t practical (cont.) THERE ARE TOO MANY BUSINESS USE-CASES

  10. Blocking social isn’t practical (cont.) THERE’S NO EASY APPROACH; OVERSIGHT IS DIFFICULT, BUT CRITICAL 11

  11. Agenda • Enterprise challenges with social media • Risk management best practices • Classifying social media risks • Technologies to help monitor and enforce controls

  12. Incorporate risk mgmt best practices Source: October 12, 2010, “The Risk Manager’s Handbook: How To Explain The Role Of Risk Management” Forrester report

  13. Agenda • Enterprise challenges with social media • Risk management best practices • Classifying social media risks • Technologies to help monitor and enforce controls

  14. Classify the major types of risk Brand and reputational Information security Legal and regulatory Operational Physical security

  15. Classify the major types of risk (cont.) Brand and reputational PR gaffes affect company image. Inappropriate posts, social account sprawl, negative client sentiment, use of profanity

  16. Classify the major types of risk (cont.) Brand and reputational examples They are often slip-ups by employees, and even executives. Can include profanity Result from inexperienced users

  17. Classify the major types of risk (cont.) Information security Information security risks are external and internal. Access control, malware, social account hijacking, data loss, account hacking

  18. Classify the major types of risk (cont.) Information security example

  19. Classify the major types of risk (cont.) Legal and regulatory Regulators look for effective process and controls. Consider government regulations Disclosure and archiving: Financial Industry Regulatory Authority (FINRA), Financial Trade Commission (FTC), Securities and Exchange Commission (SEC) Privacy: Health Insurance Portability and Accountability Act (HIPAA), Gramm Leach Bliley Act (GLBA) Employee rights: National Relations Labor Act (NLRA)

  20. Classify the major types of risk (cont.) Legal and regulatory example

  21. Classify the major types of risk (cont.) Legal and regulatory example Costco’s social media policy was recently found to be in violation of the National Labor Relations Act (NLRA). The NLRB ruled it inhibited employees rights to “engage in protected concerted activities” around collective bargaining and “other mutual aid or protection.”

  22. Classify the major types of risk (cont.) Operational Operational risks diminish efficiency and performance. Service unavailability, productivity losses, process redundancies, gaps in oversight Includes risks of not using social media, competitive disadvantages, ability to recruit and retain talent

  23. Classify the major types of risk (cont.) Physical security Physical security risks expose corporate assets and neglect employee safety. Disclosure of facility locations, corporate datacenters, or personal information Failure to effectively communicate crisis messages or disseminate critical information

  24. Agenda • Enterprise challenges with social media • Risk management best practices • Classifying social media risks • Technologies to help monitor and enforce controls

  25. Determine high priorities and treat them Source: October 12, 2010, “The Risk Manager’s Handbook: How To Explain The Role Of Risk Management” Forrester report

  26. Existing security technology can help Web filtering Block content, block access to sites, allow access with exception request DLP tools Control data, search for leakage via web channels, network analysis and visibility (NAV) Manual web searches Perform ad-hoc web searches, identify policy breaches, inappropriate conduct

  27. Emerging tools offer more support THEY CAN CONNECT THE DOTS AND MANAGE SOCIAL MORE HOLISTICALLY

  28. Social control systems Standalone products that enforce policy controls

  29. Social engagement platforms Engagement suites that cover compliance requirements

  30. Social marketing management platforms Systems to establish and streamline social marketing processes

  31. Social listening platforms Analytics tools and services that monitor activity and develop social intelligence

  32. Recommendations • Technologies are critical, but it starts with establishing the effective processes and policies, and building the right culture. • Try to manage social media risks on your own first; it will help identify issues for your organization and help justify budget. • Piggyback on other team’s budgets where you can. • Don’t become the department of “no.” Use this as an opportunity to demonstrate your value to the business.

  33. Chris McClean cmcclean@forrester.com Nick Hayes nhayes@forrester.com

More Related