We are about to publish an industry analysis report on corporate use of social media and have completed three large surveys as part of that effort: one on the business aspects of social, one focused on its IT implications, and another with end users. Here is some of what we’ve found:
- Social media use on corporate networks is up significantly. Our research found that 36% of corporate employees are using Facebook at work, up from 28% 12 months ago; Twitter use has gone from 11% to 17%; LinkedIn from 22% to 29%.
- Most organizations have a social media policy—sort of. Only 22% of organizations have a formal, detailed and thorough social media policy, while another 53% have only a general policy.
- Malware is rampant in social media. Among organizations using Facebook, 24% have had malware infiltrate their corporate networks; the figures for Twitter and LinkedIn are 7%. However, a significant proportion of the IT-focused individuals we surveyed are simply not sure if they have been the victims of malware via social media or not.
- Monitoring and screening is minimal. The vast majority of organizations ask their employees to comply with corporate policies, but they do not monitor, screen or otherwise manage content on public social networks.
- Decision makers are concerned about a variety of risks. More than 40% of organizations are concerned or extremely concerned about employees wasting time using social media, employees divulging sensitive or confidential information via social media, and employees using their corporate social media account to say something damaging to their company’s reputation.
- Many employees have been fired because of social media posts. Our research found that one in six organizations have fired an employee because of something they posted on social media.
- Enterprise social media is not widely deployed. Despite all of these problems, fewer than one in five organizations have yet deployed a true enterprise-grade social media platform.
What this research is telling us is that social media in the workplace today is where email was during the mid-1990s: rapidly growing use, but little oversight of or insight into that use. This leaves organizations vulnerable to a wide range of threats, including malware infiltration, data leaks, a failure to archive corporate records posted via social media channels, and other risks that are far more costly than the technologies that could be deployed to protect against them.