Your employees are using social networks at work, whether they're allowed to or not. According to Palo Alto Networks' May 2011 Application Usage and Risk Report, Facebook and Twitter are in use at some 96 percent of organizations.
The problem? According to Panda Software's Social Media Risk Index (PDF)5, one-third of small to midsize businesses have succumbed to malware infections distributed via social networks, while nearly one out of four organizations lost sensitive data when employees spilled the beans online.
"The behavior of people using social media is like their behavior using email 10 years ago," says Rene Bonvanie, vice president of worldwide marketing for Palo Alto Networks. "With email, we've learned to never click on anything. But inside social media, people click on every tiny URL because they trust the sender. That's why botnets we successfully rebuffed five years ago are now coming back via social media. It's a big risk and we see it all the time."
Even organizations that use social media security solutions or data loss prevention tools can't keep Facebook fans or Twitter heads from spilling company secrets or other embarrassing facts to the world, says Sarah Carter, vice president of marketing for Actiance, a maker of Web 2.0 security tools.
"What's most important is education," says Carter. "Educate, re-educate, and educate again. Put technology-coaching solutions in place, where you can remind users of the risks regularly and remind them also of your company policy about visiting sites that are not relevant to business."
It's the dream of every IT department. If they could only get those needy users off their backs they might get some actual work done. But despite investments in online knowledge bases and automated support solutions, the notion that organizations can ditch their help desks is still the stuff of science fiction, says Nathan McNeill, chief strategy officer for Bomgar, a maker of remote support appliances.
"IT can deflect a big chunk of common issues -- like password resets -- with self-service, but it will always be more cost-effective to have humans handle the one-off and more complex issues," he says. "Even if the technology miraculously works 100 percent of the time, users won't be able to figure it out 100 percent of the time. As long as technology keeps evolving, humans need to be around to evolve IT support."
Instead of self-service, organizations would do better to invest in remote assistance solutions, says Chris Stephenson, co-founder of management consulting firm Arryve.
"Many organizations build a database of questions and leverage workflows to help drive end-users to an online answer," he says. "In reality, end-users are more frustrated when they finally talk to a support person. The investment in self-help support would be much better replaced with remote assistance in many situations where the support staff can gain access to the user's computer immediately and solve the problem directly."
Call it Rodney Dangerfield Syndrome: No matter how hard they work or how vital they are to an enterprise's very existence, IT pros shouldn't expect to get a lot of respect outside their own ranks.
"What IT people want is to be appreciated, valued, and understood," says Steve Lowe, founder and CEO of Innovator, a custom software developer. "And they so rarely are."
Depending on the circumstances, IT is usually either perceived as Santa Claus (bringing cool new toys for all the business girls and boys), Dr. No (only interested in keeping users away from the resources they need to do their jobs), or the NSA (monitoring their every Internet move for suspicious activity and cutting them off), Lowe says.
The best way to finally get some respect? Earn it every day, Lowe says.
"The main thing IT leaders can do to counter these misconceptions is to focus on providing extraordinary value to the company in any way they can," says Lowe. "Find a place where a little technology will have a huge payoff, and just do it. Success is very difficult to argue with. If you can show that IT makes a difference, that makes it easier for executives to give IT the respect it deserves."
This story, "10 Hard Truths IT Must Learn to Accept" was originally published by InfoWorld.