IT managers must engage with social media sites and encourage its use in the workplace if its security risks are to be minimised, a Gartner analyst has warned.
In Sydney for next week’s Gartner Symposium, Computerworld Australia spoke to Gartner analyst, Andrew Walls, who said using social media was vital for IT managers.
“They need to actually be using the stuff itself,” he said. “You can not manage something that you don’t have experience in. Security personnel and CIOs need to be involved in social networks, just so they know how it works.”
With IT managers being warned that restricting access to social media can seriously damage their business, Walls said he discourages a flat-out block “unless there is a massive risk issue”.
“Simply blocking it does nothing,” Walls said. “What has to happen is that we have to work with our personnel so they self-censor, self filter [so] they are aware when it is appropriate or inappropriate to have certain conversations.”
Building an appropriate conversation among staff about the use of social networking sites includes shifting the focus away from technology, Walls said.
“Stop focusing on technology, technology is not going to secure your organisation,” he said. “The issue with social media is that at the end of the day, security is always about human behaviour and we can try and control it with technology.”
Maintaining a positive reputation online was equally important to Walls, who said monitoring Twitter feeds and other forms of social networking news feeds was vital.
“You need to control social media through a combination of policy, technology [and] education…you also need to monitor certain clients,” he said. “You need to look out there into the social media world and look to see what people talking about”
With recent debate arising around whether or not IT managers should be responsible for formulating a social media policy, Walls said this any kind of policy was not a solution.
“I discourage the creation of policies [because] they’re specific to a piece of technology,” Walls said. “At the end of the day, this is a communications policy.”