Randy wrote a little while ago in a blog called You’re So Vain… (now that takes me back...) about a new ESET-commissioned survey by CERC about social networking.
Along somewhat similar but rather more minimal lines, you might find the results of a 60-second survey carried out by HealthGuard of interest. The survey asked just two questions:
- Does your organization have a formal/written social media acceptable use policy?
- What level of access does your organization allow to each of the following social media sites: Twitter, Facebook, YouTube, LinkedIn, Blogs, and Other?
The relatively few responses received mean the survey can't be regarded as statistically bulletproof, but both the demographics and the general trend of the responses are interesting, suggesting (but by no means proving) that while the generalist computer press is still telling us either that businesses need to embrace the social media or that on no account should businesses accept the risks of social media, a surprising number of organizations already allow reasonable access to sites in all those categories.
If you find this of any interest at all, by all means go and inspect the breakdown: however, I was most struck by this. The responses to the second question were categorized as No Access, Very Limited Access, General Access, or Unrestricted Access. In one category, no-one reported "no access" or "very limited access". That category was LinkedIn. Does that mean that LinkedIn is seen as safer than the other categories, even the catch-all "blogs"? Does that also mean that organizations don't care about staff accessing LinkedIn in working hours, even though its primary role is usually seen as being jobseeking-related? (Yes, there's more to LinkedIn nowadays than resume-swapping, but still...)
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
