posted 17 Dec 2009 in Volume 13 Issue 4
Q&A: Social networking habits
Following on from recent research Ė and a subsequent roundtable discussion Ė into social networking habits within the workplace, Craig Carpenter discusses where businesses are going wrong when it comes to implementing the appropriate guidelines and usage policies.
Can you tell me more about the topics discussed at the roundtable?
We focused on how much people are using Web 2.0 tools and what for, which led into what organisations are doing to address this. Many block access Ė so we discussed whether that makes the situation better or worse. Then we delved into the disconnect between IT and legal. Clearly, social networking is a trend, not a flash in the pan, and our research findings showed that IT are tasked with the responsibility of looking after it. But thatís not fair as theyíre not always going to know exactly what theyíre looking for and their view is more focused on facilitating the efficient use of technology Ė ensuring the workforce knows how to use the tools, and so on. That is a very different mandate from that of the legal department, with respect to controlling and monitoring information and ensuring everything goes to plan. IT is just not used to managing this level of risk.
The research suggested that many organisations do not have the appropriate guidelines in place to control the use of Web 2.0 tools?
The overarching issue is the economy. Every company has suffered. At a minimum, businesses havenít been hiring when they otherwise would have, so it may be that there are not enough people around to deal with this.
There is also ignorance with respect to how these tools are being used internally. Those who do realise they are being implemented may not know that there could be potentially harmful effects. There are obvious industries, such as finance, where this is recognised and such businesses are making a choice as to whether to monitor usage, block access, or do nothing. But others are still focused on e-mail and internet management and havenít really caught up yet. Thanks in part to the uncertain economic conditions of recent years, firms don?t see it as being a high enough priority. This survey has confirmed that Web 2.0 has already caught on, so those firms with this viewpoint are now playing catch-up. The organisations that have no policy whatsoever have a long way to go and need to take steps swiftly. Others who have merely tweaked their e-mail policy will not necessarily achieve what theyíre looking for. I understand why they have followed this path; itís quick and fairly easy. But these tools are very different from traditional e-mail in the speed in which they operate and the number of people who are accessing the information. Itís much greater than e-mail or even instant messaging. With Twitter, you may have 400 followers and you donít know exactly who they are all. It really needs a more customised policy, which many organisations havenít rolled out, whether due to ignorance, lack of resources or limited understanding of the tools. You need a collaborative approach where IT approaches the legal department and says: Ďwe have these systems and people are using them Ė we just want to make you aware so we can address any potential concernsí.
How fair is it to say that, similar to email and instant messaging previously, people are slow to cotton on to the level of risk involved with using these systems?
E-mail seemed to really catch on quickly and went from being a novelty to something that people relied on in around three to six years. Twitter as a company didnít exist two and a half years ago and I think itís human nature to take a little time and to assume this instance is going to be the same Ė but itís much faster. Also, people charged with the legal side of things may not use Twitter or Facebook Ė although they will probably have heard of it. There is a lack of understanding, not only of how to use these tools, but also the ramifications. Itís about the speed coupled with fact that by their nature, the tools are different. They are more useful than e-mail but also potentially more harmful because of the sheer speed of communication and the inability to know at all times whoís looking at what youíre positing. Also, there is the truncated nature of the communication vehicle Ė you donít always proof read what you write and because its such a short burst of dialogue, it can often be misinterpreted. People may use abbreviations and itís very easy to misconstrue what someone says, or interpret it in the more Ďinterestingí way Ė which is often the damaging one.
Is this a big problem in the legal profession?
When it comes to the client organisations, yes. It doesnít happen often, but when an organisation has to produce information that was posted on someoneís Facebook or Twitter account, for example, it takes the organisation by surprise, because it didnít anticipate it at all. This is being seen more and more. E-mail is relevant in probably 99 per cent of situations, whereas social software tools are relevant in a far smaller percentage, but the growth rate is pretty significant. In the law firms themselves, itís less of a concern. There will always be people who are at risk, but individuals in law firms Ė be it fee earners, leadership or support staff Ė tend to understand that they deal with sensitive information every day and have been trained for this from the outset. They have been conditioned not to disclose information. Most corporations havenít been trained in the same way.
What advice would you give to organisations working with Web 2.0 technology?
Develop an understanding of the tools themselves and how people are using them. Also, donít assume that because your usage or security policy is in place, it is being used correctly. You need to audit the behaviour of your employees Ė although not in the sense of looking over peopleís shoulders or being Ďbig brotherí. People will tell you how they are using these tools, so ask them. If their behaviour is consistent with the policy and that policy is sound, then youíre in good shape. If the behaviour is inconsistent, then you have to make a choice. These tools can be very helpful and the irony is that many companies are getting the worst of both worlds. Either their employees are not using Web 2.0 to its full capability Ė for example communicating with external parties Ė yet at the same time, the policy isnít being followed. Have your eyes open and ensure your policy makes sense and reflects how you want people to behave. Audit their behaviour and, if you need to, you can take more draconian measures, such as blocking access. For example, I donít see as much business utility in some social networking sites as others. The other important aspect is training. You donít need to put everyone on a week-long course, but it makes sense to have something in place Ė donít assume that people know all the downsides to working in this way. You need to trust your employees to a large degree, but you also need to ensure that people understand the potential positives and negatives of the tools. Individuals may find a certain site fun and easy to use, but donít realise that in the work context it may be deemed as unprofessional or inappropriate in certain circumstances.
How much impact do you think that blocking access has on the transfer of tacit knowledge from departing employees?
It depends on what technology the company has deployed. The irony is that the ability to access tacit knowledge has been around for years. Here, law firms are ahead of the game as itís the lifeblood of their organisation. Rolling out an expertise location system is something theyíve already done, therefore they donít necessarily see a use for something like Facebook. However, in many organisations people are using Facebook for that exact purpose, when a simple expertise location system would take care of it in a much more simple and secure fashion. If the organisation is using a social site for that purpose and you take it away but donít have a expertise system in place, then you really hurting your employees. That is where IT leaders need to understand why people are using those tools and that there other ways to satisfy your users Ė you just need to understand what it is they need. Iím not a big fan of blocking sites, as the majority of the time youíre not going to be 100 per cent effective. In most cases you just canít prevent people from using these resources, so it is much more sensible to provide effective training.
Craig Carpenter is vice president of marketing at Recommind. He can be contacted at firstname.lastname@example.org
For more information about Recommindís research into Web 2.0 and social networking habits, visit: www.recommind.com