You can provide great benefit to your
employees by educating them on social media security. Train
them on how to keep their identities safe when using social media. There are
many considerations and procedures which should be implemented to ensure protection
from identity thieves, a few of which I have highlighted below.
Additionally, protect your business. Social media policies
are a set of guidelines created by employers to provide employees with the "do’s
and don’ts" of social media use related to the workplace. Be very careful to adhere to the National Labor Relations Board’s recommendations to ensure compliance with labor laws.
Social Media Security
Suggestions for employees (and for yourself):
Don’t accept every
friend request: Only accept requests from people you know. Do not accept
requests from those you don’t know, even if they are friends of your friends.
Don’t share too much
information: “If you aren’t comfortable placing the same information on a
sign in your front yard, don’t put it online” (OPSEC, slide 6).
Adjust your profile
privacy options: Many sites default to less privacy. Choose settings
wisely to protect personal information
Choose Different and
Complex Passwords
Using the same password for each social media account
provides hackers with an increased opportunity for identity theft. Make sure
the passwords you choose are complex and not easily identified from information on your profile (such as a pet’s
name) (Social Networking, n.d.).
(infographic courtesy of bostinno.com, http://bostinno.com/2011/09/26/how-secure-is-your-twitter-password-when-good-twitter-accounts-go-bad-infographic/)
Avoid add ons: They
are generally created by third parties,
and therefore you just don’t know who is able to access your account through them
(OPSEC, slide 14).
Geotagging: Geotagging
allows your location real time to be picked up by anyone who can view your
page. Do you really want people to know where you are at all times (Siciliano,
n.d., para. 9)?
Social media policy
suggestions
Avoid overly broad
clauses that restrict employee’s use of poor language: This can be
interpreted as restricting rights employees lawfully have to criticize an
employer publicly (Halpern & Gardner,
2013, para. 6).
Avoid violating
Section 7 of the National Labor Relations Act: Remember that employees have
a right to “engage in concerted activities for the purpose of mutual aid and
protection”( Collins, n.d., para. 3).
Do not attempt to
require absolute accuracy in employee’s comments: Employees are entitled to
express opinions whether or not they are “factually accurate”(Halpern & Gardner , 2013,
para 8).
Do exercise your
right to limit the use of social media by employees during work time or on
company computers (Halpern & Gardner, 2013, para 10).
In conclusion, advise your employees to treat their social media presence as if an
identity theft is watching every move they make. Remind them to post content under the assumption that it will stay on the internet
forever. Inform them that even though they may only be placing little bits and
pieces of personal information on various sites, a skilled hacker will
find ways to piece their profiles together until he/she has a complete picture with way too much information.
Realize that employees have many rights protected by the
law. The National Labor Relations Board reminds us that employers must exercise
caution when writing social media policies to ensure that they are not
prohibiting employee rights.
References
Collins, J. (n.d.), "NRLB Report: Employers' Social Media Policies Must be Narrow, Must not Restrict Right to Engage in Protected Activities." Retrieved from http://www.natlawreview.com/article/nrlb-report-employers-social-media-policies-must-be-narrow-must-not-restrict-right-t
Halpern, S. J. & Gardner, C.H. (2013). "When is Your Company's Social Media Policy an Unfair Labor Practice? Recent NLRB Decisions Offer Long-Awaited Guidance for Employers." Retrieved from http://www.natlawreview.com/article/when-your-company-s-social-media-policy-unfair-labor-practice-recent-nlrb-decisions-.
Siciliano, R. (n.d.). "15 Social Media Security Tips." Retrieved from http://blogs.mcafee.com/consumer/15-social-media-security-tips.
"Social Networking Security-Information Security Guide." (January 27, 2013). Retrieved from https://wiki.internet2.edu/confluence/display/itsg2/Social+Networking+Security
U.S. Army. (n.d.). "OPSEC and Safe Social Networking." Retrieved from https://ia.signal.army.mil/SocialmediaandOPSECbrief1.pdf .
Kristin, this was a really excellent summation of the key points that go to protecting privacy and security. In the auto industry specifically what are some of the things that can go wrong for the dealer if one of their employees fails to follow sound privacy and security protocol?
ReplyDeleteGeorge, there is a fine line that many dealers walk as to whether or not salespeople should be allowed to communicate with customers on Facebook other than the dealership Facebook page.
ReplyDeleteHere are some things that can happen if policies are not adhered to:
Salespeople might choose to post about inventory or sales when the dealership's social media plan is strictly against using social media to promote products. This will cast a negative light on the dealer reputation.
Salespeople or employees could accidentally post classified information such as the commission they made on a sale on their personal pages.
A dealership employee might inadvertently congratulate a customer by posting a picture of the customer with their new car, without permission from that customer. Perhaps that customer wanted to keep the large purchase private and now feels his/her privacy has not been respected.
A customer may post negative feedback on the dealerships social media site, or on their own site, and an employee may respond in an inappropriate way because policies and guidelines had not been established to outline proper feedback.
In conclusion, employees who are not well informed on social media guidelines or who do not protect their own privacy could end up spilling information out to the public that jeopardizes the reputation of themselves or of the dealership they work for. Further more, they can invade the privacy of their own customers, often unintentionally.
Hi Kristen,
ReplyDeleteThat's a great infographic about Twitter. I did not realize that Twitter has a list of banned passwords. This is important for auto dealers or any other business to follow and make sure that they choose passwords for social media accounts that do not match up closely with anything like the above. It's also interesting to see that several of the top Twitter accounts have been hacked at one point or another.
I also wanted to comment on your thoughts on policy. You said, "Do not attempt to require absolute accuracy in employee’s comments: Employees are entitled to express opinions whether or not they are “factually accurate”(Halpern & Gardner , 2013, para 8)." This is an important point. It is really no businesses' right to say whether or not someone's opinion is fact. We need to be careful not to limit our employees' speech too much, otherwise we are crossing a fine line of violating the first amendment.
Although it would be problematic for an auto dealer employee to post opinions about their cars on the internet, it cannot really be restricted. What do you think auto dealers can do to combat this problem?
-James
James,
DeleteI have been giving thought to your question over the course of this week.
I did find information that eludes to the fact that employees could be fired for negative comments surrounding cars they sell. Read this from www.accountingweb.com and let me know your interpretation:
"In another case involving Facebook, the NLRB ruled that a luxury car dealership illegally fired an employee for posting comments on his Facebook page that criticized a dealership sales event. According to the NLRB, the postings were "part of a course of protected concerted conduct related to employees' concerns over commissions and were not disparaging of the employer's product or so 'egregious' as to lose the Act's protection" (Alaniz, March 13, 2012, para 10).
What caught my eye is the "were not disparaging of the employer's product or so 'egregious' as to lose the Act's protection" (Alaniz, March 13, 2012, para 10). Doesn't this sound as if in fact bad mouthing a car would then be grounds for termination?
References
Alaniz, R. (March 13, 2012). "When Employees Rant Online: The NLRB Weighs in on Workers' Rights." Retrieved from http://www.accountingweb.com/topic/social-networking/when-employees-rant-online-nlrb-weighs-workers-rights.
Kristin,
ReplyDeleteGreat post and I love the title it’s something that catches your eyes and sparks interest!
I cannot believe the list of passwords Twitter banned; I am amazed that people use such common passwords! Until someone is hacked I don’t think the importance of their security is really visible to them.
If you owned a business and had a social media team, who on this team would have direct access to social media passwords?
I also loved the list of social media security suggestions, very helpful and informative. What suggestions would you suggest your social media team follow in addition to the ones you provided? Would you recommend changing your social media passwords every so often?
Christine
Hi Christine,
DeleteIn doing some research about passwords, I found a great article which contained the following information:
"Even if you have a large team working on your social media presence, consolidate management of your social media accounts so that as few people as possible hold the password for your public presences. Use a social media management tool that provides gated access to your social media accounts, so that you can cut off any one employee's access to all your social accounts by severing their access to your system. Make sure that any social media account passwords are held by at least two people (and recorded in a secure company database), and that they are tied to a corporate (rather than personal or independent) email account, so that in a worst-case scenario, your IT department can get access to all passwords"(Samuel, Feb. 8, 2013. para. 9)
I think this is the most excellent recommendation for password management that I have encountered thus far.
In addition, I would answer your question as to whether or not to change passwords every so often with a yes.
You asked what other recommendations could a social media team follow and in response to that I'd like to add another quote:
" Treat the dismissal of any employee with a significant social media following the way you would treat the dismissal of a senior executive: as an internal matter for which you need an external communications plan. No, you don't need to convene the board or draft a 12-point game plan every time you lay off an employee with more than 25 Twitter followers. But you should have a generic communications plan that you have on standby in case any layoff gets social media coverage, as well as a protocol for identifying, escalating and addressing any HR story that gathers momentum online" (Samuel, February 8, 2013. para. 11)
A disgruntled, newly terminated employee may hold a good degree of power in shredding a company's reputation if that individual is active and has a strong following on social media.
References
Samuel, A. (February 8, 2013). "When HR Decisions Become Social Media Scandals." Retrieved from http://blogs.hbr.org/samuel/2013/02/when-hr-decisions-become-socia.html.
Hi Kristin,
DeleteGreat quote from Samuel. Dismissing an employee with a large social media employee is an issue that companies cannot overlook. I am not sure of the best way to deal with this problem but a start would be to treat the employee with respect upon their exit (severance package, etc). This may lesson the blow. Have you heard of the website glassdoor.com? If not, take a look and type in some company names. You'll find reviews of the company from ex-employees or current employees. This is a social media site of sorts where employees can air their frustrations (or positive experiences) with a company to guide people when applying for jobs. It's very interesting and should pose as a reality check for some companies that clearly need a revamped culture.
-James
Kristin,
DeleteThat was a great quote from Samuel. Having a generic communications plan on standby is a great idea. I don’t think many companies think about this when dismissing an employee. That person can take to every social media platform and rip the company apart. Even if the said employee is not one the company thinks would normally do that, it’s shocking what some people are really capable of.
I have never heard of glassdoor.com I would imagine most people comment on the negatives of a company and not the positives. Every company has its pros and cons and both should be listed. The company I work for now is not perfect but the pros out way the cons.
I think many companies need to revamp in the culture department. Every company should have an internal social media platform for employees to “vent” on, but some employees may want to be kept anonymous so this should be an option. Come on now what could be a down fall of having a bunch of happy employees?!
Christine,
DeleteInteresting idea on a forum for employees to "vent" anonymously. This might be nice as something maintained and moderated by human resources. Of course employees would have to keep it respectful but if the company presents solutions to employee concerns, this type of forum would cause employees to overall be more satisfied. I wonder if any companies have something like this set up!
Hi James and Christine,
DeleteI cannot actually name any companies who have an anonymous platform set up for employees to vent, but I do believe I have heard of this before so perhaps it does exist.
I don't know how I feel about it. While employers owe employees a right to provide feedback, providing an anonymous forum seems as though it may actually encourage the escalation of negative feelings. What do you both think?
I think it would have to be monitored by HR. I would think guidelines would have to be set in place. If the company I work for was to do this, I would think of it as like a “suggestion box”, so the feedback I would provide would be to improve the company, while talking to co-workers whom may share the same idea or have similar feelings. The comments could be considered negative but it would be done in a respectful manner, but I can see how it may get out of control. Maybe “vent” is the wrong word we are using here, as I hear the word “vent” I do think of negativity. Then again if you have a bunch of employees’ making nothing but truthful negative comments, then you as an employer are doing something seriously wrong.
DeleteI have mixed feelings. I think it is a great idea but it could easily go wrong. I think it would start as mostly negative but develop into something positive. Sometimes people just need to vent - it's human nature. We should embrace this and then create positive experiences for our employees. If the culture is overall negative, I could see this getting out of control. Therefore, it would not work for everyone.
DeleteHi Kristin,
ReplyDeleteYou really covered all the main points and provided great definitions so auto dealers can understand what you are talking about. I think the biggest problem with social media is that most people and companies don't understand its capabilities therefore they don't understand the threats it poses to them or their company.
I am an government employee and one of the things I like that Mitrano said regarding higher education and social media really stuck with me:
"Depending on how the law and technology, social norms, and the market shape social networking technologies in the very near future, higher education may also choose to develop its own applications and architectures to ensure effective communications within its communities, privacy of personally identifiable information, ownership of posted material as a matter of policy, and sound technical security without the distractions of advertising and commercial manipulations for profit"
I think government employees could benefit from developign its own applications and architectures in order to engage in social networking in a more private way. Do you think the auto dealer industry could benefit from something along those lines?
Kristin,
ReplyDeleteThe suggestion “adjust your profile privacy options” is a great one. Many times these privacy settings are modified and all too often people forget to stay up to date with these modifications. I know in our reading it spoke of Facebook; its privacy settings have changed many times. It is important that individuals stay up-to-date with the social networks privacy settings they are using and keep them modified to their liking. I know from my personal perspective, these privacy options can be a bit tricky, do you agree? If so, why do you think that is? In the case of Facebook I think less privacy serves them well, opens more avenues of revenue.
The more I investigate Facebook throughout this course the scarier the social network giant becomes. Now I understand we definitely cannot believe everything we read on the Internet but much of the detail is consistent throughout many credible sources.
In our readings this week we learned a bit about social networks that own your content and how many are not necessarily aware of this. For example Instagram recently changed their policy and pledge their right to sell your photos. Imagine a relaxing evening with your family when up pops a commercial broadcasting a family photo of you all. Do you get any royalties? Nope. Seriously, that is simply not right in my opinion. How do we lose the right to our content just because we use software? That seems similar to Microsoft owning book rights because an author used Microsoft Word for their writing. Hmmmm
If you have the time though, check this article out: Top Ten Reasons You Should Quit Facebook (I’m curious whether you are shocked at what the reasons are.) (http://gizmodo.com/5530178/top-ten-reasons-you-should-quit-facebook)
As always Kristin, great post! :)
-Krystal
Krystal,
DeleteYou bring up a good point about the difficulty in setting privacy options. I don't know if this is intentional or not, however you are not the only one who's asking that question. Noted in an online WSJ article, NFL referee Brian Stropolo is quoted saying:
"Privacy researchers say that increasing privacy settings may actually produce what they call an "illusion of control" for social-network users. In a series of experiments in 2010, Carnegie Mellon University Associate Professor Alessandro Acquisti found that offering people more privacy settings generated "some form of overconfidence that, paradoxically, makes people overshare more" (Fowler, G, 2012, para 47).
The entire article can be viewed here: http://online.wsj.com/article/SB10000872396390444165804578008740578200224.html.
What are your thoughts about it? Are you inclined to believe Facebook intentionally creates difficulty in privacy setting adjustments?
How interesting, the statement about privacy settings generating a feeling of overconfidence which essentially encourages one to share more. I can relate to this actually being the case. My thoughts on this is that social sites make it difficult for a reason. This reason is a result of profit. The less private our profiles are the more money these sites can make off of the content we provide. If we consider Scott's mention, in our reading, that the Internet is making it increasingly about niche markets then personalization is key. Social sites offer the details for precise personalization more than nearly any other marketing tool available.
DeleteBut then we could argue that privacy doesn't matter as these sites essentially own our content regardless. Consider Instagram: http://abcnews.go.com/Technology/instagate-instagram-claims-display-users-photos-ads-users/story?id=18006012
Good point, Krystal. You have got me wondering now what really goes on behind closed doors at Facebook or Twitter when they discuss privacy issues.
DeleteWe all enjoy the benefits of what the internet offers us. I love the personalization that it offers. I actually like seeing ads pop up that are tailored to my interests. However, all of this cannot be achieved without transparency and sharing of information.
I wonder how many people would vote to lose the benefits that the internet provides in exchange for having complete privacy given back to them. I am guessing not many.
Hi Nia,
ReplyDeleteMy apologies for not responding sooner but I was giving some thought to your question. After taking some time to reflect on this, my opinion is that the auto dealer industry does not really need its own architecture and applications to privatize social networking. I can absolutely see the value in doing this for government or education where mounds of proprietary information may exist, but I cannot envision a reason why the auto dealer industry would benefit.
When you posed this question was there a particular aspect of the relationship of dealers and social networking that you had in mind? I would like to be sure I understood your question correctly.