Forgot your password?
typodupeerror
Businesses Communications Social Networks

Businesses Struggle To Control Social Networking 131

Posted by Soulskill
from the some-struggles-are-doomed-to-failure dept.
Lucas123 writes "Businesses in highly regulated industries are trying to strike a balance between workers who use social networking sites such as Twitter, Facebook, and LinkedIn to communicate, and trying to satisfy federal requirements to monitor, capture, and audit all forms of electronic communications. As with instant messaging a decade ago, corporations are first blocking all access to the applications, and then considering what tools may be available to control them in the future. A cottage industry is being built around software that can not only control access to social networking websites but also ensure conversations over those websites can be stored for electronic discovery purposes."
This discussion has been archived. No new comments can be posted.

Businesses Struggle To Control Social Networking

Comments Filter:
  • by eviloverlordx (99809) on Monday May 10, 2010 @03:13PM (#32160184)

    Aren't these people supposed to be, you know, working?

    • by the1337g33k (1268908) on Monday May 10, 2010 @03:16PM (#32160226)

      Exactly, thats what I do. The company pays people to work, not play farmville.

      • by andrewd18 (989408) on Monday May 10, 2010 @03:17PM (#32160254)
        Or post on Slashdot.
        • Shhh... hehe

        • by poetmatt (793785)

          if only our raises were based on slashdot karma. I'd be a millionaire!

          • if only our raises were based on slashdot karma. I'd be a millionaire!

            And your raise would be max $50.

        • Re: (Score:3, Interesting)

          Slashdot has saved the place I worked more time than I've wasted reading it. I've learned how to do stuff that I would never find reading Tech Manuals and taking classes.

          Practical application of practical experience is way better than theoretical classes on optimal situations.

          In theory, theory and practice are the same, in practice they are not.

          • by IANAAC (692242)

            Slashdot has saved the place I worked more time than I've wasted reading it. I've learned how to do stuff that I would never find reading Tech Manuals and taking classes.

            How so?

            I've not thought of Slashdot as a tech-learning/tech-howto site for years.

            I say this in all seriousness. Most everything I read on Slashdot comes from another site I've visited earlier.

            I suppose there's the "Ask Slashdot" section, but let's take a look at the last few entries in that section:

            - Can We Legislate Past the

            • by BigDXLT (1218924)
              Pssst, dude, shut up! You're gonna blow our cover!
            • by Jeng (926980)

              One that has helped me at my work was the announcement of Microsoft dropping the requirement for hardware support of the XP mode in windows 7.

              It doesn't have to be a how to or such, it just has to be informative.

              It just has to be News for Nerds.

              • by IANAAC (692242)

                One that has helped me at my work was the announcement of Microsoft dropping the requirement for hardware support of the XP mode in windows 7.

                Was Slashdot really the first place you read about it? And did it really save your place of work?

                The exaggeration in the post to which I replied was my point.

                • by Jeng (926980)

                  You seem to be imaging a whole lot more excitement in my post than what it contains.

                  And where did that "save ones place of work" qualifier come in? Only needed to be useful, and yes I read about the change on Slashdot first.

                  I ain't exaggerating jack shit, that's just you adding more to my post than what it contains.

                  Oh, wait nm, the "save ones place of work" qualifier came from a post from someone else, not mine, so get things straight and bitch at someone else.

            • Re: (Score:3, Interesting)

              Things I've learned about on Slashdot, while waiting for old style shit to get done ....

              I learned of RIS (WDS) on /. and was getting ready to deploy it when I heard about DriverPacks on /. and then about using MSI based silent installers, and combined them all to now set up a workstation from scratch.

              Before I read about such things on Slashdot, I used to run around and use Windows XP CD to install XP by hand, manually typing in Product keys and what not. Four to six hours of babysitting installs. Per comput

              • THAT is just one example of a "how to" found within the comments of /. Oh, BTW, this solution cannot be found anywhere in any training for any certification that I've ever seen.

                Back in 2004/2005 when I was working on Linux-based clusters for a company, I got to wondering if this could be done with Win-based PCs - my curiosity came from the fact that I could easily do this with individual Linux nodes when they went bad due to hardware failure, or whatever other reason for the failure.

                So I went searchin

                • Surely, the obvious difference between your two posts, in my view as a third party...is that you knew what you were looking for. The OP sounds like he happened upon a comment that showed him a completely new way of doing things, that he wouldn't otherwise have considered. *I* wouldn't have known about silent windows installs or slipstreaming etc. had I not seen it on Slashdot. Though, admittedly, my workday isn't spent re-installing/re-imaging Windows machines.

                  There are a couple of examples, though my me
                • Microsoft tells you how to add DriverPacks to RIS images?

                  I don't think so.

            • He clearly works at a software company where he makes High quality web cam videos in H.264 for a potentially illegal over encrypted game concept they are pitching about Obama's missing open source advisor for non IT personnel. That dude probably is worried he's going to lose his job TO /.
            • Re: (Score:3, Informative)

              by b4k3d b34nz (900066)

              It's usually in the comments that I find gems of knowledge (or stupidity), not the stories.

              For gems of stupidity I just wait until kdawson's shift.

            • by cynyr (703126)
              who says he read those? maybe it was the one about the new virus and how to clean it up?
            • Ah...I replied further down the thread before I saw exactly why your panties are in such a bunch. Reading comprehension oversight/failure.

              OP wrote:

              Slashdot has saved the place I worked more time than I've wasted reading it.

              In this sentence, the thing that has been saved is time.You stopped reading after:

              Slashdot has saved the place I work

              Which is why you're so incredulous, why you were whipped up into too much of a frenzy to re-read the OP's post, and why you wrote:

              Do any of those qualify for saving a workplace?

              His point was that the time saved as a result of reading Slashdot has exceeded the amount of time spent reading Slashdot.
              i.e. there is a net benefit t

        • My code's compiling.
      • The company pays people to work, not play farmville.

        Then the company is stupid. We have decades' worth of scientific and anecdotal evidence that putting human monkeys in tight little boxes is Not A Good Thing, both for the monkey and the maker of the box.

        My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company. Compliance with them ensure a wide variety of perks and other 'human' touches which both they and I appreciate. Anything not covered by the two rules is already small potatoes and not worth pulling your hair out. Everybody wins.

        Disclaimer: This management method looks like it would be a bitch to scale. Not my fucking problem, thank Cthulu.
        • Re: (Score:1, Flamebait)

          by BitZtream (692029)

          Other than the typical slashdot self-entitlement 'research' you're going to have to give some sort of citation to backup your claim.

          I would have to say that the exact opposite has been shown.

          • I have no idea what you're talking about. It may help if you quote the relevant bit of text you are responding to.
        • Re: (Score:3, Interesting)

          by value_added (719364)

          My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company.

          Seems reasonable, but Number 2 may be harder than you think [inc.com].

        • by bennomatic (691188) on Monday May 10, 2010 @03:56PM (#32160760) Homepage

          Disclaimer: This management method looks like it would be a bitch to scale.

          Good point; it may be worth considering that if your company is so big that treating people like human beings doesn't scale, it's time to break up into smaller, more manageable units.

          I read somewhere that 3M Corp actually does that, breaking off independent business units for each product line. As soon as a particular unit gets to be above 300 people, they figure, they can safely be split in two. If one of the two parts can't survive on its own, they let it die, as it was probably a drain on the bottom line anyway.

        • by lgarner (694957)

          "My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company."

          Generally a good thing, but this indicates that you're not in one of the "highly regulated" industries to which the article refers. It's a very different game.

          • Re: (Score:3, Interesting)

            Actually, I am, since we're a law practice.

            But another one of the things I do "different" is that I hire people based on brains, not skills or experience. Not that the latter two aren't important, but that having brains will get you skills and experience, but skills and experience don't get you brains.

            I also pay more than everybody else. The point: Compliance is easy. Trust is hard. Guess which one I've decided to concentrate my energies and money on?
        • Re: (Score:3, Interesting)

          by grcumb (781340)

          Then the company is stupid. We have decades' worth of scientific and anecdotal evidence that putting human monkeys in tight little boxes is Not A Good Thing, both for the monkey and the maker of the box.

          Amen.

          The only thing we need to do to get a proper perspective on this problem to change the headline slightly:

          Businesses Struggle to Control Their Staff

          Suddenly, it becomes crystal clear that this is an administrative issue more than it is a technical one. Yes, compliance with federal regulation is a daunt

        • Disclaimer: This management method looks like it would be a bitch to scale. Not my fucking problem, thank Cthulu.

          Best. Disclaimer. Ever.

          You managed to get profanity, apathy and your undying love for the Great Old Ones combined into one golden nugget. Hats off to you, sir!

        • by yuhong (1378501)

          Disclaimer: This management method looks like it would be a bitch to scale.

          Why?

        • Disclaimer: This management method looks like it would be a bitch to scale. Not my fucking problem, thank Cthulu.

          IDK, it's pretty much how academia works. Maybe without #2, even (depends on just how embarrassing and in what direction). Some schools only have a couple hundred faculty, but the largest state schools can have a couple thousand, plus other research staff. And all that matters is getting your job done - other than the time you're actually teaching a class, nobody cares where you are or what yo
      • by ls671 (1122017) *

        hehe that's kind of what what I posted 2 hours ago but thanks to a /. error my post ended up in the wrong thread. This summary was scheduled to be posted at 1:27 PM eastern time for a while instead of 3:09 PM...

        Short story: I agree with you but I went a little farther and my concern wasn't really if people were working or not but if information leaked through those sites. Bear in mind that people can still leak clues about sensitive information at night, when off their working hours...

        My solution might seem

    • by swanzilla (1458281) on Monday May 10, 2010 @03:20PM (#32160292) Homepage

      Aren't these people supposed to be, you know, working?

      There exist lines of work that both require access to social media sites, and require capture/reporting of said access.

      RFTA. It is quite interesting.

    • by blair1q (305137)

      There are those who not only like the idea of turning every waking second (and sleeping, if they can manage it) of your life into an opportunity for you to absorb advertising and propaganda, but have contracted with others to be paid very large amounts of money to ensure such a world becomes inevitable.

    • by Danathar (267989)

      We are.

      What's the matter? Doesn't your job revolve around social networking sites and virtual worlds? No? Maybe you should get a cooler job.. :)

    • In some cases, your work is your social network. I work as a sysadmin for an insurance agency, and probably the most important day-to-day function for the insurance agents here is keeping in touch with clients. The ones that are "hip" enough to know about Facebook et al can see the value these things could have in doing business, but nobody has any delusions of being able to use one in any useful fashion because of regulatory compliance.

      First, the only social networking site you're allowed to have a profi

    • For some people, posting on social networking sites is their work. Three quarters of the users here are Microsoft shills, and the other two thirds are Applostles.

    • by numbski (515011)

      ssh -D 1080 me@myhouse

      Firefox, socks proxy, localhost 1080.

      Done. :P For extra credit, set Firefox to resolve DNS across the sock proxy, and exclude your work internal LAN.

    • marketing there are lot of people on face book that they can sell to.

    • by vux984 (928602)

      Why not block them entirely?

      Well, for one thing, because between iphones, blackberries, androids, and windows mobiles, pretty much everyone and their dog can trivially bypass any corporate controls.

      What's the solution? Prevent employees from bringing their cellphone to work? Except in isolated scenarios that just isn't going to be enforceable, or even practical.

    • This is what they did for us. Except the forgot to think the plan thru and when our department (WEB) had three clients needing FB and Twitter integration, we had to get an firewall exception.

  • It was on my friend's Facebook wall.
  • WTF?!? (Score:3, Interesting)

    by khasim (1285) <brandioch.conner@gmail.com> on Monday May 10, 2010 @03:17PM (#32160242)

    From TFA:

    Social networking sites have proved valuable for sales-lead generation, marketing and general broker-client relations, but regulators have been quick to take notice and to offer the same warnings they did more than a decade ago when e-mail and instant messaging (IM) became common.

    Seriously. What idiot wants his financial transactions posted on FaceBook?

    • Re: (Score:1, Funny)

      by Anonymous Coward

      Someone hoping to manipulate the market in some small way? Even if its a few percent you can make loads
      like I did with P&G the other day.

      • Someone hoping to manipulate the market in some small way?

        The problem with that is that you're only scamming the people who have already "friended" you.

        And you're scam has to be visible to them. So if they "friend" anyone who asks, your message will probably be lost in the regular flood of messages.

        I think this article is just badly written.

    • Re:WTF?!? (Score:4, Interesting)

      by MozeeToby (1163751) on Monday May 10, 2010 @03:52PM (#32160706)

      There's rules about what financial advisers can and can't advertise with. Basically, everything they put out to the customers usually has to be put through their broker dealer's compliance department. "Offering the same warning they did more than a decade ago" just means reminding them that if you're using Facebook or Twitter to communicate with your clients you better be putting it through compliance first.

    • Seriously. What idiot wants his financial transactions posted on FaceBook?

      Twitter is clearly the place for all of your financial transactions [blippy.com].

  • by HungryHobo (1314109) on Monday May 10, 2010 @03:19PM (#32160280)

    I mean there are enough almost trivial ways to hide information in pretty much any channel when the 2 parties get to meet up before hand to agree a protocol.

    I'd almost ask why the even try.

    "hi, mike, what time's the meeting today" or "Morning,how're the kids" can carry enough information to let someone game the system.

    Social networking just adds a few bands.

    • 20 degree tangent here, but speaking of gaming the system, some marketers are wheeling out the line "Hi, I have $Boss 's cell number but I just don't have it with me. Can you give it to me?" They're trying to game the "OMG you blocked a call to $Boss" pressure.

      However, I drill back the reply "Great, so you can look his number up in your records can call him on his cell. Have a nice day."

      • by Zerth (26112)

        I've been getting the same thing but "oops, I misdialed your extension instead of $whomever. Could you just transfer me?"

        Considering my extension is the same digit 3 times, I can't see how they possibly misdialed.

    • by T Murphy (1054674)
      If you are correct that most electronic communication is in code and rendered useless, why are email and IM discovery rules still followed after a decade? The article mentions a case that started from one text message, so it seems capturing all electronic communication can be important, as there is real evidence to be found there. Watching people's email and not bothering with facebook would make it far too easy to get through the cracks, so it makes sense to cover all the bases.

      I agree it wouldn't be th
  • Actually, that reminds me... I have paperwork I should be doing.

    Good old personal responsibility... sigh.

  • by JustinOpinion (1246824) on Monday May 10, 2010 @03:22PM (#32160320)
    Hm. I wonder if we perhaps need to rethink the difference between communication and documentation. The current rule seems to be that in regulated industries, any electronic document is subject to documentation/retention requirements. However this comes from an old model, where documents were somehow "official". So things like face-to-face conversations, or telephone calls, were not required to be recorded and archived. But anything written on paper was supposed to be archived to create a paper-trail, and because these were the "official documents".

    In a modern world, some electronic documents (PDFs, word processor documents, emails, etc.) have taken the place of "official paper documents", and other electronic communications (instant messaging, social networking sites, etc.) have taken the place of the less-formal communication modes. (Obviously phones and face-to-face conversations still exist, also.)

    On the one hand, it seems like the more documentation we can retain in regulated industries, the better off we are. (In case of negligence or malfeasance, it makes it possible to assign blame, bring people to justice, avoid repeating mistakes, etc.) On the other hand, as long as we are allowing some communication modes to be informal or undocumented, then allowing other modes that are also undocumented doesn't seem to change much. (People who want to have secret conversations will surely find a way to do it.)

    I'm not sure what the right answer is. But I'm not convinced that making all electronic modes of communication subject to the same level of recording/documentation/archiving really makes sense.
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      The problem is that in a regulated industry (in all industries, actually), there is no such thing as a communication that is not "official." If one of your agents makes a representation, and one of your stakeholders acts on that representation, then you are responsible for it. It doesn't matter how that representation was communicated. Whether or not the document was stamped "official" or not is irrelevant.

      What's happening now is that firms are given the tools for rapid and wide communication, and they a

      • Re: (Score:2, Insightful)

        by BuffaloBandit (955011)
        Agreed.

        The issue is that with an actual in person conversation, there is no ongoing record of that conversation and the content of that conversation are heresay. It's one person's word against the other, and without a tape recorder, no way to know what was actually said. With the various forms of new communication (of which I'll even include The Web), there are varying degrees of permanence. I can post a bad share price to my website for 15 minutes, and then correct the error, if someone buys a share of m
      • by russotto (537200)

        The problem is that in a regulated industry (in all industries, actually), there is no such thing as a communication that is not "official." If one of your agents makes a representation, and one of your stakeholders acts on that representation, then you are responsible for it. It doesn't matter how that representation was communicated. Whether or not the document was stamped "official" or not is irrelevant.

        Of course this isn't so. If you decide to sue the company I work for based on something I said on Sla

    • by istartedi (132515)

      I can't help but be reminded of the whole, "we had lots of valuable meetings" followed by "What was captured from those meetings?" from a consultant, followed by (blank stare) from workers the consultant was brought in to help.

      Moving stuff onto social networks is actually a leap forward in this regard. It's a lot easier to parse logs from social networks than it is to search audio-visual records of meetings, at least with present technology. Perhaps in the future, you'll be able to enter a simple text sea

    • by T Murphy (1054674)
      Turn the problem around: With phone calls and face-to-face conversations, you can have witnesses who noticed the suspects frequently talking in the hall, what they talked about, whether they seemed suspicious, etc. You won't have as many/any witnesses of someone sending emails or posting to facebook, so recording all of this is your best substitute.
    • by Yvanhoe (564877)
      One of the things this model tries to prevent is an agreement on price fixing. However, it has been demonstrated that the sole ability to modify prices is a good enough communication medium to recognize calls for a price-fixing. Maybe it is time that we update these practices ?
  • by Darth Sdlavrot (1614139) on Monday May 10, 2010 @03:22PM (#32160328)

    Stockbrokers with smartphones. Ain't going to stop 'em.

  • by Anonymous Coward

    To paraphrase Process Leia, The more you tighten your grip, the more slips thru your fingers.

    Where I work (the stuff I do when not commenting on Slashdot), they're in the process of trying to harness LinkedIn to increase sales, however, alot of people have difficulty with the concept. The old model consisted of cold calls and "walking the streets". The new hustle is e-mails and add me as your friend.

    Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.

    Ma

    • by khasim (1285) <brandioch.conner@gmail.com> on Monday May 10, 2010 @03:44PM (#32160632)

      The reason for the documention (and control that such requires) is to keep the company on the right side of the law.

      Being able to show the EXACT communication that took place can save a lot of money in fines.

    • Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.

      I'm fifty years old you insensitive clod. But I'm a software developer, not a sales drone.

      I'm sure there some 50 year olds out there with grandchildren. I'm not one of them. Yes, I'm sure.

      I had a laugh the other day when I told my daughter (recent uni. grad), and her friends who she was skyping with, about snakes, baby chicks, and chatroulette.

      Go figure.

      • by Zerth (26112)

        Oh, please tell me that it involved feeding one of those animals to the other and and thus horrifying chatroulette users in a way that won't put you on an offender list.

        • tell you? Or don't tell you?

          Yes, it involves the threat of feeding the chick to the snake.

          No, I don't know this from firsthand experience.

          It is alleged to be an effective tactic.

          I hope I don't need to explain any more than I already have.

  • by Gothmolly (148874) on Monday May 10, 2010 @03:38PM (#32160554)

    Websense can suck it.

    • by BitZtream (692029) on Monday May 10, 2010 @03:51PM (#32160700)

      If you think you're special because you can do that to get around a block then you are confused. If you can use this sort of workaround then your admins are either idiots or don't actually want to stop you, they just want you to go out of your way enough that its obvious you were breaking the rules.

      Either way, you aren't special.

      • by StikyPad (445176)

        He might not be special, but there's really no way to prevent tunneling short of blocking all potential addresses and protocols, which is pretty much all of them in either case. So there's really no way. Hell, I've used www-over-email. Is that an administrative oversight too?

      • Re: (Score:3, Interesting)

        by jroysdon (201893)

        Meh, when done right, it just looks like a long ssl and/or vpn tunnel session.

        You really cannot do much to filter/firewall this sort of bypass for the technical user. Unless you allow whitelist-only access to https/ssl sites and/or force corporate-only machine access with corporate-installed SSL CAs that decrypt SSL traffic and re-encrypted (putting the corporate proxy as a man-in-the-middle) you have no way to stop this.

        The real trick is blocking all "leaking" dns and apps. Socks leaks badly, as does fla

  • by Message (303377) on Monday May 10, 2010 @03:47PM (#32160670)

    The DoD has been struggling with this same issues as well, they recently issued guidance that opened up social media on their networks.

    http://socialmedia.defense.gov/index.php/2010/02/26/dod-official-policy-on-newsocial-media/ [defense.gov]

    • by Animats (122034)

      That's just a statement that the DoD unclassified Internet won't block social networking sites. Anybody on there can already send email, etc., so it's not really a security issue.

      Interestingly, DoD has a policy that all email with attachments on the unclassified net must be digitally signed by the sender. This doesn't guarantee that the attachments don't contain hostile code, but it makes it easy to track where the hostile code came from. DoD already has a large-scale public key infrastructure, and th

  • Only Marketing/PR has access to Facebook and Twitter. Even our public wireless access points don't have it. What's funny is that every once in a while they have a drawing or promotion to get employees to follow or friend the company's accounts. The links to the Facebook and Twitter accounts are on the default home page for all the internal browsers.

  • What with the library of congress archiving every twit and facebook allowing private data access to 3rd party companies, it seems like data retention is already being done for you.

  • FaceBook Enterprise Edition

    Twitter Pro

    Slashdot Corp Subscription

    A service where your company opens an account with the social networking site, you submit the IP addresses of your DNS servers, or reconfigure your proxy to point to their 'corporate access IP'.

    All Employees accessing the site through the enterprise intranet get a special version of the site that archives exactly all activities that are performed from the enterprise.

    A flag controls what type of access they have to the medium at

No skis take rocks like rental skis!

Working...