The majority of UK employees have not been provided with clear guidance on using social media networking sites, according to a new study1 from Protiviti Inc., a global business consulting and internal audit firm.
Of those with access in the workplace, almost 39 percent indicated that there is no policy in place regarding social media networking and a further 24 percent are unaware of any such policies. Companies without adequate social media policies are placing themselves at risk of security breaches and reputational damage, among other issues, warns Protiviti. Social media usage in the workplace has grown enormously in recent years with more than half (51 percent) of workers surveyed now claiming to engage with a social networking site whilst at work. Almost a third (30 percent) of workers use sites such as Twitter, Facebook and LinkedIn on a daily basis, while more than five do so several times an hour.
Jonathan Wyatt, Managing Director, Protiviti UK said, “The global social media landscape has changed so dramatically and so quickly that many companies are struggling to keep up. We’re seeing a growing number of cases where firms have vague or out-of-date social media policies that are unenforceable if inappropriate activity takes place. It’s extremely worrying that only a quarter of workers have been provided with any real guidance regarding the use of social media sites.”
Unsurprisingly, those workers aged 18-24 years are the most regular users of social networking sites, with one in five (21 percent) claiming to engage with them several times an hour. This generational divide in the workplace poses a threat to firms with senior managers often unaware of whether their company’s HR and IT policies are adequate. “Many senior managers assume that their less experienced colleagues would not post inappropriate comments online and that they would think about the risks involved, but time and time again they are proven wrong,” said Wyatt.
Although more than a third (35 percent) of UK employees say that social media activity is not allowed in the workplace, this is an unsustainable policy as staff are still able to access social networks from home, posing the same potential risks to the company’s brand. Wyatt continues, “We recommend that companies have very clear policies targeted at issues specific to social networking. For instance, they should consider providing guidelines regarding the sharing on Facebook of photographs from corporate events and measures to mitigate potential accusations of favouritism resulting from a senior manager ‘linking’ to one employee but not to another. Likewise, guidance should be provided as to when a blog might be perceived to be a corporate forum. Such guidance should take into account the fact that personal blogs can also possibly damage the company’s brand.
“Although companies are already tightening up their social media policies, employees also need to take greater responsibility for their own actions when it comes to using these networks. Our research reveals that 14% of workers know of somebody who has been disciplined for inappropriate social media activity. We expect this number to grow dramatically as companies tighten their policies,” said Wyatt.
“This survey confirms many of the same points we are discussing with Protiviti clients around the globe,” said Kurt Underwood, Protiviti managing director and head of the firm’s global information technology solution group. “The benefits of social media are real, and use of this communications medium will likely only increase. However, for organisations to reap the full benefits, it is critical to take a customised, strategic approach to managing the risk of social media vs. just jumping on the bandwagon. It’s important for companies to determine what fits the purposes and culture of the organisation and its brand, then put in place the necessary policies, processes, technologies and roles to manage the risk. We also view managing the risk as a continual life cycle, not a one-time effort.”
Protiviti experts recommend that companies develop or update not only their social media policies, but they should also review all their HR and IT policies as many have become out-dated in the era of social networking. Wyatt concludes, “As well as the risks that businesses need to manage, there are also many opportunities presented by social media that businesses should be looking to exploit. CIO’s should be thinking strategically about how it is used both internally and externally.”