In the following blog post, I will summarize one approach to allowing your internal users to use Facebook while protecting your business at the same time. I came across this approach by Lawrence C. Miller and thought I would share it with you.
- Find out who’s using Facebook
- Develop a corporate Facebook policy
- Use technology to monitor and enforce policy
The best approach would be to follow a systematic process that develops, enables and enforces appropriate Facebook usage policies that do not conflict with the organization's network security objectives and policies. The first step is to find out which social networking applications are in use, who is using them, and the associated business objectives. Once you have the overall picture, develop a corporate Facebook policy that covers, for example, what should and should not be posted about the company and who is responsible for posting what, and that educates users about the associated risks. The last step is to use the appropriate technology to monitor and enforce the corporate policy. This would include how IT will apply all policies in terms of security controls that truly reflect the corporate policy and vision.