Tuesday at Gartner’s Security and Risk Management Summit, research director Andrew Walls told attendees that although infosec pros may worry that social networking will lead to uncontrolled malware outbreaks, phishing, breaches of confidentiality and trade secrets, and even damage to the corporate reputation, trying to take control or even block its use is akin to monitoring employees’ home phone calls and rifling through their postal mail.
“All this message traffic is not in your infrastructure,” Walls said. “It all takes place out there in the cloud,” plus it can be accessed from anywhere, and users’ privacy settings can make monitoring nearly impossible. “At the root of it is staff productivity, and security isn’t responsible for monitoring and managing the productivity of the organization.”
Some believe social media represents a growing platform for malware distribution, but Walls countered that argument, noting that antimalware vendors he’s spoken with say social networks are being victimized by the same malware plaguing email and websites. “So if I’m going to block social media on the basis of malware distribution,” Walls asked hypothetically, “why not block email?”
The article goes on at some length to chronicle Walls’ arguments against blocking social media in the workplace, even making a vital point that has been at the heart of my argument: Organizations will, he said, come to realize the value of hiring someone who possesses a vast social network. “The most valuable people,” he told the audience, “are going to be the ones who demand social media the most.”
The entire post is well worth your time particularly if you’re trying to make the case against blocking in your organization.