Entries Tagged 'Facebook' ↓

Pretty much everyone in the healthcare world is buzzing over a Los Angeles Times story from earlier this week that superficially made a strong case for blocking hospital employee access to Facebook.

The article, by Times reporter Molly Hennessy-Fiske, chronicled the case of 60-year-old William Wells, who died at St. Mary Medical Center in Long Beach, California, where he was brought after suffering severe knife wounds inflicted by a fellow resident of his nursing home.

Instead of focusing on treating him, an employee said, St. Mary nurses and other hospital staff did the unthinkable: They snapped photos of the dying man and posted them on Facebook.

The article chronciles a number of incidents at other hospitals involving staff violating patient privacy (and HIPAA) on Facebook, along with the fates of the nurses who posted the information (several were fired). The article has inspired conversation in the healthcare community about the need to block employee access to Facebook.

It’s a kneejerk reaction. After all, before social media, it was just as easy to share inappropriate, confidential information via email. (And, at one point in the early 1990s, organizations everywhere resisted the use of email for exactly that reason.)

Beth Israel Deaconess Medical Center President and CEO Paul Levy has written perhaps the best analysis of the St. Mary case and the resulting flurry of blocking commentary. Levy’s excellent post concludes:

If you block Facebook on the hospital server, will it nonetheless be used in the wrong way by misguided people? Yes. They will use their iPhones or some other such handheld devices.

I know this sounds like the pro-gun argument, “Guns don’t kill people. People do.” However you might feel about that issue, this one is different. By blocking this medium on your hospital server, you will remove a highly effective communications tool, all because you are fearful that a few misguided people will misuse it. You trade the illusion of security for a loss of community.

In an earlier post dating back to October 2009, Levy also noted that blocking Facebook creates “a generational gap, in that Facebook, in particular, is often the medium of choice for people of a certain age. I often get many useful suggestions from staff in their 20′s and 30′s who tend not to use email.”

I’m currently reading a book, “The 2020 Workplace,” which delves deeply into the work habits and expectations of the Millennial Generation (born between 1977 and 1997); indeed, email is viewed (correctly) as an inefficient means of communication given more effective tools. As your Millennial kids how much they use email.

Blaming Facebook (or MySpace or Twitter or what-have-you) for human behavior that can be practiced with email, Usenet news groups, the telephone or in the elevator is not only misguided; it turns a blind eye to the more effective channels for communication that can actually improve communication in your institution. If you remember policies banning email in your organization in the early 90s, it’s easy to see today’s blocking policies as a failure to learn from mistakes made a mere 20 years ago.

The entire post is worth a careful reading, especially if your organization is on the brink of blocking staff access with the deluded expectation that it’ll solve a problem the roots of which have nothing at all to do with Facebook.

Despite the fact that most companies still block access, and you still routinely read about business leaders who insist that lost productivity is the only conceivable result of employees spending work time on social activities, it is time to move beyond the arguments against blocking. There are eight distinct ways organizations can benefit from their employees’ social connections if only they will develop models and processes to support the extraction of that value.

Recruiting is one of those categories. According to a June 22 article appearing on recruiting site ere.net, several organizations are already figuring out that employees’ networks can prove far richer sources of referrals than traditional recruiting channels.

Article author Todd Raphael lists several companies that have turned to employees’ social networks to identify top-shelf candidates. While my thinking on recruiting has been focused on querying employees about whom they know based on their involvement in online peer groups, Raphael points to the development of widgets employees add to their Facebook pages. The widgets contain lists of open jobs. The vacant positions are seen by employees’ friends visiting their pages. In most cases, if an employees’ Facebook friend applies for and gets the job, the employee earns a referral fee.

The idea of paying an employee for a referral is hardly new, but the analog version of the concept required an employee to tell someone, one-on-one, about the job. That process mostly limited employees to sharing the information with people they knew well and with whom they interacted regularly. A widget on an employee’s Facebook pages exposes the job to those connections with whom employees don’t have strong relationships, expanding the reach of the information to those with whom the employee has weak ties.

Among the examples…

• Staff at Virginia Mason Medical Center can add a widget to their pages that lists jobs like a director of nursing informatics and a range of IT jobs. Developed by recruiting firm Bernard Hodes, the widget has found its way onto a few employees’ pages. Once the Seattle-based organization formalizes a social media policy, it will roll the program out to all employees.
• Some Enterprise Rent-A-Car employees have already received referral payments for jobs filled based on the widgets they added to their Facebook pages.
• Employees from Hyatt will also have the opportunity to list open jobs on their Facebook pages and distribute the information to their friends.
• Using a utility from a company called Referrio, Cisco Systems listed 11 jobs that would each pay $2,500 for the employee who referred a candidate sourced through his or her social networks.

Recruiting agencies — whose business models are threatened as employee networks become better sources of candidates — are shoring up their value by developing the products and services to support employee social network referrals. There’s Hodes, noted above. And a company called Select Minds is developing a service that will notify targeted employees by email of open jobs. For example, writes Raphael:

Let’s say hypothetically we’re talking about a software job at Nationwide, and that the job is in Dayton, Ohio. An automated email about the job opening might go out to 1) Nationwide employees in any region who are in IT jobs, and 2) all Nationwide employees in Dayton. The SelectMinds email allows employees to either email selected contacts on LinkedIn, Facebook, and Twitter to tell them about the job, or update their LinkedIn and Facebook statuses (and soon Twitter, just not on the demo I saw) with info on the job. The chain of link-forwarding gets tracked as it moves around online, and the employee either gets the whole referral kitty, or can share part of it with a second person, depending on how the company sets it all up.

The employee who’s doing the referring can tell their company, via a short form, how well they know their friend, and what they think of them. The referring employee also gets emails notifying them if their contact has expressed interest in the job.

Meanwhile, recruiters view a dashboard listing how many times a job was referred, and how many applications came in for it. A recruiter can drill down and see who’s referring who.

Needless to say, the notion that companies will turn to their employees to help fill important jobs — but expect them to do it only from home — is absurd. In order for employees to help the company recruit needed talent, companies will increasingly turn to their employees’ social networks, which had better be wide open from work if companies are going to derive the greatest possible value from the effort.

Cross-posted from my primary blog, a shel of my former self

In a comment left recently to a post I wrote for Stop Blocking back in October 2007 about malware on Facebook, David Jones with CommerceMicro wrote:

Stupid, out dated information.

We have users that repeatedly get infected with viruses and spyware no matter what level or type of antivirus and antispyware software we install. It’s rather odd that ONLY THOSE particular users get re-infected day after day and that they all have MySpace accounts, FaceBook accounts, or whatever. Their employers have to continually pay us to come and clean these infections.

My reply was a bit terse. I asked Jones if he believed all the companies that don’t block access were lying about not encountering the problems he cited. (And no, I wasn’t snarky enough to point out that “outdated” is one word.)

The security issue does, however, appear to be supplanting productivity concerns as the main reason companies block access to Facebook and other social media sites. Among the dominant social networks, Facebook presents the biggest risk to company security, according to 60% of the respondents to a survey of 500 companies conducted by Sophos, an IT security organization. No other network comes close. MySpace ranks second, with 18% of companies identifying it as a concern, followed by Twitter (17%) and LinkedIn (4%).

The concerns are not illegitimate. The incidents of reported malware and spam attacks through social networks has jumped 70% since April of last year. Social networks have become common launching pads fore a couple of particularly nasty worms. The risk of infection, though, is not the only security issue that keeps IT staff up at night. Employees’ individual behavior represents a risk, particularly as web-unsavvy employees fall prey to phishing and other devious ploys. And then there’s the fear that employees will share information they shouldn’t.

Sarah Perez goes into considerable detail on the Sophos report in her post on ReadWriteWeb. Perez also notes that even Sophos isn’t advocating an outright block, despite the study’s findings:

Unfortunately for those in charge of enforcing corporate security, simply blocking Facebook and other social networks via URL is not a realistic solution anymore. The networks are often a large part of a company’s marketing and sales strategies, notes Sophos, meaning they cannot be blocked outright. Instead, companies are encouraged to use a unified approach for mitigating threats that combines data monitoring, malware protection and granular access for their employees.

A Financial Times article (free registration required) has the same advice, noting that organizations have too much to gain from employee interactions on social networks. The article, penned by the head of an information risk management and e-discovery firm, rightly notes that leetting employees access social networks from work gives them “the ability to locate the right people, information and expertise quickly, but they also greatly aid external networking, sales and marketing activities.”

The article (which I discovered on the Idea Peepshow blog, notes thyat 89% of businesses in the UK have no policies governing employee use of social networks and calls for companies to establish and enforce such policies.

As I’ve noted before, protecting the company is a matter of ensuring the proper network safeguards are in place (such as anti-malware/spyware software and the latest virus definitions) and that employees understand their responsibilities.

It works in a lot of companies that don’t block access. It can work in yours.

Most of the discussion about prohibited employee access to social media has been focused on companies. The kneejerk tendency to insist on these restrictions, though, isn’t limited to management, HR and IT. Even customers can get into the act.

In this case, the “customers” are the citizens of Portsmouth in the UK — or at least those citizens involved in The Taxpayers’ Alliance, which turned the screws on the Portsmouth City Council based on the belief that Council employees accessing Facebook was a “waste of public cash.”

According to a BBC News report, staff was spending 400 hours each month on Facebook, but the math reveals that this comes out to a whopping 5-6 minutes per month per employee. What’s more, the Council allowed staff to use Facebook during breaks and before or after work, and there’s no evidence that any staff members engaged in their social networking outside of those break times.

It also appears that the Council didn’t determine whether any of the time spent on Facebook was dedicated to interacting with Portsmouth citizens, monitoring relevant discussions, vetting possible new hires or engaging in any other activities that would serve the citizens of Portsmouth. Nor, it appears, was there any effort to determine how many hours the average employee spent working on behalf of Portsmouth’s residents, either in the office, at home or on the road.

Citizen taxpayer groups serve a purpose, of course, but given the results of a University of Melbourne study that proves employees with access to social networks are more, not less, productive, the blowhards with The Taxpayers’ Alliance may well have shot themselves in the foot. Rather than energized staff ready to work on their behalf, their misguided actions could well have led many employees to be less motivated. The Melbourne study argues that employees who can take a brief break between tasks and check in on their networks are more energized than those who simply trudge from one task to the next.

The Portsmouth ban will also include Twitter, Bebo and other social sites.

Mark Wallace, speaking for The Taxpayers’ Alliance, is quoted in the BBC article saying, “It is sad that it has reached a point where councils need to ban staff from Facebook. But people are employed to work hard for the taxpayer and this is clearly a waste of public money.”

But with no evidence that the taxpayers are not being well-served by Portsmouth employees, and an average of 5-6 minutes per day on Facebook that could be happening at break time or before or after work, Mr. Wallace’s assertion sounds to me like a solution to a problem that doesn’t exist. As usual, clearly communicated and consistently enforced policies — management by exception — is a better solution that an outright ban, one that ultimately can have more negative consequences than the non-existent problem the ban purports to fix.

Thanks to Neville Hobson for pointing out the article.

Todd Dwyer, Community Liaison/Environment for Dell, posted an item to the Direct2Dell blog announcing another in a series of environmental conversations taking place over at the company’s ReGeneration site. This one’s a contest in which Facebook members use the Graffiti tool to to express their views on what it means to “Go Green.” Dell’s giving away a green Inspiron laptop to the winner.

In his post, Dwyer noted that Dell has unblocked employee access to Facebook so the company’s workers can view and participate in the contest themselves. Dwyer also wrote that other social media sites have been unblocked, as well. Dell continues to display the characteristics of an enlightened company. Must be a heck of a place to work!

Today I was lucky enough to interview Jeremy Burton, the CEO of Serena Software, about his belief that encouraging employees to use Facebook provides clear business advantages. The interview was for For Immediate Release, the regular podcast I co-host with my colleague, Neville Hobson. You can get the Burton interview here.

There seems to be a case of split personality going on in a lot of companies. On the one hand, the blocking of social media sites continues apace. On the other hand, the adoption of social media in the enterprise is also on a growth spurt.

McAfee, the security company, is out with a study that concludes that one-third of bosses block employee access to music downloading sites like iTunes to dating sites. A quarter block access to sites like YouTube. More than half wish they could block access to social networking sites like MySpace and Facebook, but only 20% have taken the step. McAfee suggests the rest have resisted because the sites are actually used for work-related communication. Kudos to McAfee Avert Labs Security Strategist Toralv Dirro, who tossed off this wonderful quote:

The lines between work and play are blurring… but putting fair-usage policies in place and educating people on how to be safe on these sites is the most realistic option.

That’s pretty enlightened for a security software company. It’ll be a cold day in hell before we hear similar quotes from the fearmongers at Websense.

According to surveys from Barracuda Networks, two-thirds of companies plan to restrict access to the Net over the next year, an increase of nearly 23% over this year. About half of the company’s customers already block access to social networking sites (25% block just MySpace, 6.3% block just Facebook, and 19.3% block both).

Meanwhile, the prospects for adoption of social media behind the firewall as part of a company’s intranet seem to be gaining momentum. SocialText secured $9.5 million in venture capital from its existing investors concurrent with the arrival of former Adobe and Cisco exec Eugene Lee as the company’s new CEO. (Founder Ross Mayfield is sticking around as president and chairman.) Ferris Research analyst David Ferris told http://www.internetnews.com/ent-news/article.php/3709511″>InternetNews.com, “There is a strong interest in wikis in corporate environments, and most tools don’t give you the features Socialtext offers, like access controls, which are really important in the corporate space.”

There’s more: The Radicati Group has projected the market for “business social software” at $920 million this year, growing to $3 billion in four short years.

At some point, companies are going to have to come to terms with the fact that networks cross organizational boundaries and that open access — governed by clearly-communicated policies — will produce benefits that far outweigh the costs and risks. Companies that understand this sooner — like Serena Software, which has embraced Facebook as a resource for employees — are likely to gain a competitive edge over those businesses too busy quaking in their boots over the bogus issue of lost productivity.

While many organizations are frantically blocking access to websites, Serena Software, a 900-person company in San Mateo, California, is taking the opposite approach, actively encouraging employees to spend time on Facebook — at least an hour each week — to keep their profiles current, interact with clients and fellow employees, and recruit from among Facebook’s millions of prospects…er…profiles. In addition, the company has set up an employees-only group to act as a rudimentary intranet where employees can share documents and videos and update business information. Heather Green has the full story on BusinessWeek‘s Blogspotting blog.

Thanks to Tony Molloy for pointing me to a post by Ross Dawson pointing out an article in Australia’s Daily Telegraph headlined, “Give staff Facebook or risk losing them.” Here’s a taste of the article (and huge kudos to John Holland for recognizing the anti-access hype for what it is, correcting a mistake, and recognizing some of the value the accrues from open access):

John Holland, which employs approximately 4000 people nationwide, recently locked out its employers from Facebook, but after several weeks decided to restore access.

“It got closed down because there was this fear in the market that it was going to destroy the whole world,” Mr Stewart said.

“Yet, they let people talk on their phones, and let them go out and have a cigarette and talk on their mobile phones, but they closed down what is a fundamental communication tool to probably more than half of our workforce.”

Mr Stewart said issues such as internet access and monitoring were crucial when it comes to attracting employees.

An article in SearchCIO.com asserts that the hoopla over companies banning Facebook access may be overblown. Citing a study by the InfoTech Research Group in Canada, the article by Shamus McGillicuddy contends, “Despite security and bandwidth worries, fewer than half of IT managers recently polled ban employee use of consumer-oriented social networking Web sites such as Facebook and MySpace.”

While it’s great to hear that 54% of companies aren’t blocking, the fact that nearly half are restricting access should cause jaws to drop. Nearly half of employees are kept from these services, resulting in lost business  opportunities and reduced employee engagement. It’s also hardly reassuring to learn that the main reason companies aren’t blocking is because they have other priorities and not out of a recognition that the benefits of providing access outweigh the risks.

The article also cites an American Management Association study that finds:

65% of U.S. businesses block connections to inappropriate Web sites, such as pornographic or sports gambling sites, a practice called URL filtering.The chief reason businesses block access to Web sites is to prevent the spread of spyware and other forms of malware, said Lawrence Orans, an analyst at Gartner Inc. in Stamford, Conn. He estimates that about 20% of commercial organizations block social networking sites.

Hmm. Malware and spyware are of greater concern than the Human Resources issues that could arise from such behaviors. But again, such filtering often inadvertently blocks inoffensive and useful content. Keeping employees away from porn and gambling — and malware and spyware — should be a management issue, not a technical one. (I don’t block anything from myself at home and my reasonably priced anti-spyware and anti-virus packages have kept my computer from becoming infected. )

Some may take comfort from these numbers. I find them alarming.