Does anyone here have a corporate policy for social media at work? If so, how did you implement it?

Social media platforms benefits and limitations are based largely on what you do on these platforms and don't do on them. For example, I am very clear that anything I say online would be the same words I would use face to face. I also am very clear that anything I say online are things I am comfortable being online, forever. These are some of the basic principles I think are useful to include as part of a social media usage policy. 

Technology without supplementing with process and people is inadequate. A Social Media Policy is still required. A holistic security awareness programme including quizzes are needed to test their awareness eg not posting any corporate-sensitive materials into social media.

CASB tools (MCAfee, Symantec, Netscope, etc.,) offers advanced threat prevention and granular data protection controls across all cloud services and applications to secure network traffic, workloads, and data cloud-enabled architecture. These tool sits between the users and their applications to provide full inline threat protection, data loss prevention, and cloud application control. It enables the organization to gain a deeper understanding of cloud usage and to enforce governance policies, following users on or off network. The solution protects against data exfiltration via risky cloud applications; detects insider threats, compromised accounts, and malware; and enforces data security controls, such as encryption and contextual access. The solution provides deep discovery and visibility capabilities—(thousands of cloud services) and across registry security attributes, and assesses the risks associated with each cloud service. The tool cloud governance capabilities help organizations enforce granular cloud usage policies using multiple parameters: category, risk, attribute, or compliance.

We have well publicized and comprehensive policies on what is appropriate for social media. However, we do not have technical controls in place preventing users from breaking those rules.

Companies are beginning to implement cloud access security broker (CASB) to enforce corporate policy, as many social medias are cloud services (SaaS).