This week, two major organizations have made headlines by banning social networking in one way or another. The United States Marines have issued a direct order from the top that all social media is banned on Marine networks and computer devices for a period of one year. At the same time, the NFL has banned players from using Twitter.
Social media hasn’t been banned by all branches of the military. The United States Army has officially embraced Twitter as a means of pseudo-public relations and microblogging the story of their efforts in Afghanistan.
That said, perhaps it should be banned. There have been a number of high profile leaks or breaches of sensitive information via social networking. In February of this year Congressman Pete Hoekstra (R-MI) tweeted sensitive information regarding his movements while in Iraq including “Moved into green zone by helicopter Iraqi flag now over palace. Headed to new US embassy Appears calmer less chaotic than previous here [sic].”
It doesn’t even have to be the individual in question posting the information. A more recent leak occurred when the wife of the head of Britain’s MI6 foreign intelligence service posted details about where they live and work, who their friends are, where they go on vacation, and other sensitive information on her Facebook page.
Contrast those violations of confidential and national security type information with whether or not NFL football players are allowed to tweet from a locker room and it seems like a silly comparison. The justification from the NFL is that players may speak too openly about the conflicts and drama that go on in the locker room or leak injury information that the team would rather their opponents not be aware of.
Certainly NFL injury reports pale in comparison with military troop movements or secret information with national security implications. Put in proper perspective, the risks are not even in the same league. However, relative to the organizations involved these risks are still real and they have their reasons for wanting to control access to social networking.
All enterprises should examine the security risks of allowing employees free access to social networking and weigh them against the potential value. Aside from morale or good will, companies gain little from allowing everyone to use Twitter and Facebook. Social networking has a place as a marketing and communications tool and should be leveraged by those individuals tasked with those responsibilities. But, for average employees social networking invites security risks and saps productivity without adding value for the company. I am not sure at what point social networking became a right or entitlement, but people can still communicate the old-fashioned way--via e-mail or SMS text message.
Tony Bradley is an information security and unified communications expert with more than a decade of enterprise IT experience. He provides tips, advice and reviews on information security and unified communications technologies on his site at tonybradley.com .