Does anyone here have a corporate policy for social media at work? If so, how did you implement it?

18.8k views5 Upvotes6 Comments

Director of Information Security Operations in Consumer Goods, 1,001 - 5,000 employees
We are using our Palo alto web filtering to align with that policy
Assistant Director IT Auditor in Education, 10,001+ employees
Companies are beginning to implement cloud access security broker (CASB) to enforce corporate policy, as many social medias are cloud services (SaaS).
Senior Security and Compliance Auditor in Software, 1,001 - 5,000 employees
We have well publicized and comprehensive policies on what is appropriate for social media. However, we do not have technical controls in place preventing users from breaking those rules.
Assistant Director IT Auditor in Education, 10,001+ employees
CASB tools (MCAfee, Symantec, Netscope, etc.,) offers advanced threat prevention and granular data protection controls across all cloud services and applications to secure network traffic, workloads, and data cloud-enabled architecture. These tool sits between the users and their applications to provide full inline threat protection, data loss prevention, and cloud application control. It enables the organization to gain a deeper understanding of cloud usage and to enforce governance policies, following users on or off network. The solution protects against data exfiltration via risky cloud applications; detects insider threats, compromised accounts, and malware; and enforces data security controls, such as encryption and contextual access. The solution provides deep discovery and visibility capabilities—(thousands of cloud services) and across registry security attributes, and assesses the risks associated with each cloud service. The tool cloud governance capabilities help organizations enforce granular cloud usage policies using multiple parameters: category, risk, attribute, or compliance.

VP of IT in Software, 1,001 - 5,000 employees
Technology without supplementing with process and people is inadequate. A Social Media Policy is still required. A holistic security awareness programme including quizzes are needed to test their awareness eg not posting any corporate-sensitive materials into social media.
Director of Legal in Software, Self-employed
Social media platforms benefits and limitations are based largely on what you do on these platforms and don't do on them. For example, I am very clear that anything I say online would be the same words I would use face to face. I also am very clear that anything I say online are things I am comfortable being online, forever. These are some of the basic principles I think are useful to include as part of a social media usage policy. 

Content you might like

Reviewing hiring/onboarding practices34%

Instituting maternity and paternity leave45%

Setting targets or goals for diversity in leadership52%

Providing support in the form of mentors, sponsors and resource networks44%

Scheduling inclusive networking events17%

Other (please share below!)4%


2.3k views1 Upvote1 Comment

Director of IT, Self-employed
Morning Warren, we're going through an ERP upgrade. Happy to trade notes and insights if you're interested? Thanks, Louis (Technology Director at Loaf).

1.6k views2 Upvotes1 Comment

Isolated IT assets12%

Limited remediation ability23%

Phishing attacks31%

Password sharing8%

Unsecure networks12%

Using personal devices for work8%

Using work devices for personal3%


2.3k views2 Upvotes2 Comments