Businesses Struggle To Control Social Networking 131
Lucas123 writes "Businesses in highly regulated industries are trying to strike a balance between workers who use social networking sites such as Twitter, Facebook, and LinkedIn to communicate, and trying to satisfy federal requirements to monitor, capture, and audit all forms of electronic communications. As with instant messaging a decade ago, corporations are first blocking all access to the applications, and then considering what tools may be available to control them in the future. A cottage industry is being built around software that can not only control access to social networking websites but also ensure conversations over those websites can be stored for electronic discovery purposes."
Why not block them entirely? (Score:3, Insightful)
Aren't these people supposed to be, you know, working?
Re:Why not block them entirely? (Score:4, Insightful)
Exactly, thats what I do. The company pays people to work, not play farmville.
Re:Why not block them entirely? (Score:5, Insightful)
Re: (Score:1)
Shhh... hehe
Re: (Score:2)
if only our raises were based on slashdot karma. I'd be a millionaire!
Re: (Score:2)
if only our raises were based on slashdot karma. I'd be a millionaire!
And your raise would be max $50.
Re: (Score:3, Interesting)
Slashdot has saved the place I worked more time than I've wasted reading it. I've learned how to do stuff that I would never find reading Tech Manuals and taking classes.
Practical application of practical experience is way better than theoretical classes on optimal situations.
Re: (Score:2)
How so?
I've not thought of Slashdot as a tech-learning/tech-howto site for years.
I say this in all seriousness. Most everything I read on Slashdot comes from another site I've visited earlier.
I suppose there's the "Ask Slashdot" section, but let's take a look at the last few entries in that section:
- Can We Legislate Past the
Re: (Score:1)
Re: (Score:2)
One that has helped me at my work was the announcement of Microsoft dropping the requirement for hardware support of the XP mode in windows 7.
It doesn't have to be a how to or such, it just has to be informative.
It just has to be News for Nerds.
Re: (Score:2)
Was Slashdot really the first place you read about it? And did it really save your place of work?
The exaggeration in the post to which I replied was my point.
Re: (Score:2)
You seem to be imaging a whole lot more excitement in my post than what it contains.
And where did that "save ones place of work" qualifier come in? Only needed to be useful, and yes I read about the change on Slashdot first.
I ain't exaggerating jack shit, that's just you adding more to my post than what it contains.
Oh, wait nm, the "save ones place of work" qualifier came from a post from someone else, not mine, so get things straight and bitch at someone else.
Re: (Score:3, Interesting)
Things I've learned about on Slashdot, while waiting for old style shit to get done ....
I learned of RIS (WDS) on /. and was getting ready to deploy it when I heard about DriverPacks on /. and then about using MSI based silent installers, and combined them all to now set up a workstation from scratch.
Before I read about such things on Slashdot, I used to run around and use Windows XP CD to install XP by hand, manually typing in Product keys and what not. Four to six hours of babysitting installs. Per comput
For what it's worth... (Score:2)
Back in 2004/2005 when I was working on Linux-based clusters for a company, I got to wondering if this could be done with Win-based PCs - my curiosity came from the fact that I could easily do this with individual Linux nodes when they went bad due to hardware failure, or whatever other reason for the failure.
So I went searchin
Benefit of the doubt... (Score:2)
There are a couple of examples, though my me
Re: (Score:2)
Microsoft tells you how to add DriverPacks to RIS images?
I don't think so.
Re: (Score:2)
Re: (Score:3, Informative)
It's usually in the comments that I find gems of knowledge (or stupidity), not the stories.
For gems of stupidity I just wait until kdawson's shift.
Re: (Score:2)
Re: (Score:2)
OP wrote:
Slashdot has saved the place I worked more time than I've wasted reading it.
In this sentence, the thing that has been saved is time.You stopped reading after:
Slashdot has saved the place I work
Which is why you're so incredulous, why you were whipped up into too much of a frenzy to re-read the OP's post, and why you wrote:
Do any of those qualify for saving a workplace?
His point was that the time saved as a result of reading Slashdot has exceeded the amount of time spent reading Slashdot.
i.e. there is a net benefit t
Re: (Score:1)
Re:Why not block them entirely? (Score:5, Insightful)
Then the company is stupid. We have decades' worth of scientific and anecdotal evidence that putting human monkeys in tight little boxes is Not A Good Thing, both for the monkey and the maker of the box.
My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company. Compliance with them ensure a wide variety of perks and other 'human' touches which both they and I appreciate. Anything not covered by the two rules is already small potatoes and not worth pulling your hair out. Everybody wins.
Disclaimer: This management method looks like it would be a bitch to scale. Not my fucking problem, thank Cthulu.
Re: (Score:1, Flamebait)
Other than the typical slashdot self-entitlement 'research' you're going to have to give some sort of citation to backup your claim.
I would have to say that the exact opposite has been shown.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Why, because won't provide a link or proof of your statement and you expect to be taken at your word?
Actually, the last statement by you makes me think your original statement should be modded down. You offer no supporting evidence of your claim. Even when you have been asked for it
Re: (Score:2)
No, because both of you fail at reading comprehension and basic debating skills, LOL. Try again, see if you can go for a more nuanced and less lazy response this time.
Re: (Score:1, Troll)
No one did. Now do you understand why you fail at reading comprehension?
My problem with you fuck wad is you think you should be taken at your word with out any supporting evidence.
Fuckwad is one word, not two.
I completely understood your original post and agreed, but I still think your a flame bate just from your attitude.
Well, knock me over with a feather! Maybe if you had spent a little more time on your original comment, inste
Re: (Score:1, Flamebait)
Show me where that slang/cuss word is spelled specifically that way.
YHBT. YHL. HAND.
Re: (Score:2)
I knew you coldn't back up your posts.
Your a liar. Plain and simple.
Re: (Score:2)
Re: (Score:3, Interesting)
My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company.
Seems reasonable, but Number 2 may be harder than you think [inc.com].
Re: (Score:2)
There is only one moral in there: Never, ever, ever give out your real info on places you don't want linked to you.
Re: (Score:2)
Re: (Score:2)
Re:Why not block them entirely? (Score:5, Interesting)
Disclaimer: This management method looks like it would be a bitch to scale.
Good point; it may be worth considering that if your company is so big that treating people like human beings doesn't scale, it's time to break up into smaller, more manageable units.
I read somewhere that 3M Corp actually does that, breaking off independent business units for each product line. As soon as a particular unit gets to be above 300 people, they figure, they can safely be split in two. If one of the two parts can't survive on its own, they let it die, as it was probably a drain on the bottom line anyway.
Re:Why not block them entirely? (Score:5, Insightful)
Re: (Score:3, Interesting)
See Dunbar's number [wikipedia.org]. This is a concept covered, as my Anonymous sibling is correct to believe, in The Tipping Point by Malcolm Gladwell.
Re: (Score:1)
Re: (Score:1)
"My employees have two rules to follow: 1. Get the job done. 2. Don't embarrass the company."
Generally a good thing, but this indicates that you're not in one of the "highly regulated" industries to which the article refers. It's a very different game.
Re: (Score:3, Interesting)
But another one of the things I do "different" is that I hire people based on brains, not skills or experience. Not that the latter two aren't important, but that having brains will get you skills and experience, but skills and experience don't get you brains.
I also pay more than everybody else. The point: Compliance is easy. Trust is hard. Guess which one I've decided to concentrate my energies and money on?
Re: (Score:3, Interesting)
Amen.
The only thing we need to do to get a proper perspective on this problem to change the headline slightly:
Businesses Struggle to Control Their Staff
Suddenly, it becomes crystal clear that this is an administrative issue more than it is a technical one. Yes, compliance with federal regulation is a daunt
Re: (Score:2)
Disclaimer: This management method looks like it would be a bitch to scale. Not my fucking problem, thank Cthulu.
Best. Disclaimer. Ever.
You managed to get profanity, apathy and your undying love for the Great Old Ones combined into one golden nugget. Hats off to you, sir!
Re: (Score:2)
Disclaimer: This management method looks like it would be a bitch to scale.
Why?
Re: (Score:2)
IDK, it's pretty much how academia works. Maybe without #2, even (depends on just how embarrassing and in what direction). Some schools only have a couple hundred faculty, but the largest state schools can have a couple thousand, plus other research staff. And all that matters is getting your job done - other than the time you're actually teaching a class, nobody cares where you are or what yo
Re: (Score:2)
hehe that's kind of what what I posted 2 hours ago but thanks to a /. error my post ended up in the wrong thread. This summary was scheduled to be posted at 1:27 PM eastern time for a while instead of 3:09 PM...
Short story: I agree with you but I went a little farther and my concern wasn't really if people were working or not but if information leaked through those sites. Bear in mind that people can still leak clues about sensitive information at night, when off their working hours...
My solution might seem
Re: (Score:2)
Yes, you can view your front page but that's it. Once you go there though, FB hammers you with requests for all the junk on the page with it's regular http address.
I monitor employee surfing and they figured out the https thing. Fortunately, (or unfortunately) FB hammers you so bad that it always puts itself in the top 10 web sites visited so spotting people trying to bypass the block is easy.
We've always had an open internet policy and I'm just asked to monitor the top 10 websites everyone visits for abuse
Re:Why not block them entirely? (Score:5, Insightful)
Aren't these people supposed to be, you know, working?
There exist lines of work that both require access to social media sites, and require capture/reporting of said access.
RFTA. It is quite interesting.
Re:Why not block them entirely? (Score:4, Informative)
Pretty much any company that produces a product has a justification for having at least some of their employees involved in social networking. I work for an organization that lives and dies by public perception and participation. A portion of our communications department is devoted to social networking.
As the person in charge of IT policy, I fought against giving people access for the longest time. I based my argument on the security considerations of social networking sites (Flash exploits, Javascript vulnerabilities, etc.) I eventually lost the battle because I can see the compelling reasons to allow access. The pros outweigh the cons in my particular organization. I had to setup an extra layer of redundency including up to date workstation images and additional security software (proxy / webfilter, etc). I'd rather block the sites entirely but in the end it wasn't my call.
Re: (Score:1)
So you're talking about the marketing types. Yes. Anything to keep them the hell away from the rest of us. Go log on Facebook, marketing dude.
Re: (Score:2)
Citation needed.
Other than someone working at facebook please show me the line of work that requires you to have a facebook account?
Anyone involved in SEO, advertising, hiring, market research, trending, product branding, et al. Facebook has 350 million users...pretty foolish to disregard this as a mere nuisance.
Re: (Score:2)
Re: (Score:2)
A friend of mine is a marketing and business consultant. I'm not sure of exact numbers, but something like half his business comes from either Facebook or Twitter.
Re: (Score:2)
There are those who not only like the idea of turning every waking second (and sleeping, if they can manage it) of your life into an opportunity for you to absorb advertising and propaganda, but have contracted with others to be paid very large amounts of money to ensure such a world becomes inevitable.
Re: (Score:2)
We are.
What's the matter? Doesn't your job revolve around social networking sites and virtual worlds? No? Maybe you should get a cooler job.. :)
Re: (Score:2)
First, the only social networking site you're allowed to have a profi
Re: (Score:2)
For some people, posting on social networking sites is their work. Three quarters of the users here are Microsoft shills, and the other two thirds are Applostles.
Re: (Score:2)
ssh -D 1080 me@myhouse
Firefox, socks proxy, localhost 1080.
Done. :P For extra credit, set Firefox to resolve DNS across the sock proxy, and exclude your work internal LAN.
marketing! (Score:2)
marketing there are lot of people on face book that they can sell to.
Re: (Score:2)
Why not block them entirely?
Well, for one thing, because between iphones, blackberries, androids, and windows mobiles, pretty much everyone and their dog can trivially bypass any corporate controls.
What's the solution? Prevent employees from bringing their cellphone to work? Except in isolated scenarios that just isn't going to be enforceable, or even practical.
Re: (Score:2)
This is what they did for us. Except the forgot to think the plan thru and when our department (WEB) had three clients needing FB and Twitter integration, we had to get an firewall exception.
Re: (Score:2)
You've obviously never monitored employee web usage. FB sucks an extraordinary amount of employee time. In my RL experience, not many people can log on and only spent 10 or 15 minutes there like they would on any other site, myspace included. Something about FB makes people stupid and gets them to waste hours of company time.
Facebook is blocked in my company for that reason. Yahoo mail, myspace, ebay, avon, horoscopes, whatever, I constantly see employees visit those sites but they don't spend enough time t
Re: (Score:2)
Then, HR, comes along, and sifts through these same social networks looking for activities that are not in line with Company Policy, and start terminations of users doing things within these same networks on their own time.
Yea, I remember Whole Foods doing this and I even remember a Slashdot article about Social Sentry. I commented on that article that in most such cases, it is better for HR to do a direct response instead. It would be cool for HR to publicly directly respond to complaints by employees on Twitter, for example, and even address some of them.
I already saw this (Score:1)
WTF?!? (Score:3, Interesting)
From TFA:
Seriously. What idiot wants his financial transactions posted on FaceBook?
Re: (Score:1, Funny)
Someone hoping to manipulate the market in some small way? Even if its a few percent you can make loads
like I did with P&G the other day.
zOMG!!! This stock is PONIES! (Score:2)
The problem with that is that you're only scamming the people who have already "friended" you.
And you're scam has to be visible to them. So if they "friend" anyone who asks, your message will probably be lost in the regular flood of messages.
I think this article is just badly written.
Re:WTF?!? (Score:4, Interesting)
There's rules about what financial advisers can and can't advertise with. Basically, everything they put out to the customers usually has to be put through their broker dealer's compliance department. "Offering the same warning they did more than a decade ago" just means reminding them that if you're using Facebook or Twitter to communicate with your clients you better be putting it through compliance first.
Re: (Score:1)
Twitter is clearly the place for all of your financial transactions [blippy.com].
Seems like a game you can only lose. (Score:3, Insightful)
I mean there are enough almost trivial ways to hide information in pretty much any channel when the 2 parties get to meet up before hand to agree a protocol.
I'd almost ask why the even try.
"hi, mike, what time's the meeting today" or "Morning,how're the kids" can carry enough information to let someone game the system.
Social networking just adds a few bands.
Re:Gaming the System (Score:2)
20 degree tangent here, but speaking of gaming the system, some marketers are wheeling out the line "Hi, I have $Boss 's cell number but I just don't have it with me. Can you give it to me?" They're trying to game the "OMG you blocked a call to $Boss" pressure.
However, I drill back the reply "Great, so you can look his number up in your records can call him on his cell. Have a nice day."
Re: (Score:2)
I've been getting the same thing but "oops, I misdialed your extension instead of $whomever. Could you just transfer me?"
Considering my extension is the same digit 3 times, I can't see how they possibly misdialed.
Re: (Score:2)
I agree it wouldn't be th
Re: (Score:2)
I'd almost ask why [they] even try.
Thus implying coding beyond interpretation must be really common.
What about Slashdot? (Score:2)
Actually, that reminds me... I have paperwork I should be doing.
Good old personal responsibility... sigh.
Old tangible vs. intangible model. (Score:5, Insightful)
In a modern world, some electronic documents (PDFs, word processor documents, emails, etc.) have taken the place of "official paper documents", and other electronic communications (instant messaging, social networking sites, etc.) have taken the place of the less-formal communication modes. (Obviously phones and face-to-face conversations still exist, also.)
On the one hand, it seems like the more documentation we can retain in regulated industries, the better off we are. (In case of negligence or malfeasance, it makes it possible to assign blame, bring people to justice, avoid repeating mistakes, etc.) On the other hand, as long as we are allowing some communication modes to be informal or undocumented, then allowing other modes that are also undocumented doesn't seem to change much. (People who want to have secret conversations will surely find a way to do it.)
I'm not sure what the right answer is. But I'm not convinced that making all electronic modes of communication subject to the same level of recording/documentation/archiving really makes sense.
Re: (Score:3, Insightful)
The problem is that in a regulated industry (in all industries, actually), there is no such thing as a communication that is not "official." If one of your agents makes a representation, and one of your stakeholders acts on that representation, then you are responsible for it. It doesn't matter how that representation was communicated. Whether or not the document was stamped "official" or not is irrelevant.
What's happening now is that firms are given the tools for rapid and wide communication, and they a
Re: (Score:2, Insightful)
The issue is that with an actual in person conversation, there is no ongoing record of that conversation and the content of that conversation are heresay. It's one person's word against the other, and without a tape recorder, no way to know what was actually said. With the various forms of new communication (of which I'll even include The Web), there are varying degrees of permanence. I can post a bad share price to my website for 15 minutes, and then correct the error, if someone buys a share of m
Re: (Score:2)
Of course this isn't so. If you decide to sue the company I work for based on something I said on Sla
Re: (Score:2)
I can't help but be reminded of the whole, "we had lots of valuable meetings" followed by "What was captured from those meetings?" from a consultant, followed by (blank stare) from workers the consultant was brought in to help.
Moving stuff onto social networks is actually a leap forward in this regard. It's a lot easier to parse logs from social networks than it is to search audio-visual records of meetings, at least with present technology. Perhaps in the future, you'll be able to enter a simple text sea
Re: (Score:2)
Re: (Score:2)
iPhones and Androids and HTC Heros, Oh My (Score:3, Insightful)
Stockbrokers with smartphones. Ain't going to stop 'em.
You cannot control it, merely hope to harness it. (Score:2, Insightful)
To paraphrase Process Leia, The more you tighten your grip, the more slips thru your fingers.
Where I work (the stuff I do when not commenting on Slashdot), they're in the process of trying to harness LinkedIn to increase sales, however, alot of people have difficulty with the concept. The old model consisted of cold calls and "walking the streets". The new hustle is e-mails and add me as your friend.
Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.
Ma
Until the first lawsuit. (Score:4, Insightful)
The reason for the documention (and control that such requires) is to keep the company on the right side of the law.
Being able to show the EXACT communication that took place can save a lot of money in fines.
Re: (Score:2)
Trying to teach a fifty year old salesman what his granddaughter does with ease is almost baffling.
I'm fifty years old you insensitive clod. But I'm a software developer, not a sales drone.
I'm sure there some 50 year olds out there with grandchildren. I'm not one of them. Yes, I'm sure.
I had a laugh the other day when I told my daughter (recent uni. grad), and her friends who she was skyping with, about snakes, baby chicks, and chatroulette.
Go figure.
Re: (Score:2)
Oh, please tell me that it involved feeding one of those animals to the other and and thus horrifying chatroulette users in a way that won't put you on an offender list.
Re: (Score:2)
tell you? Or don't tell you?
Yes, it involves the threat of feeding the chick to the snake.
No, I don't know this from firsthand experience.
It is alleged to be an effective tactic.
I hope I don't need to explain any more than I already have.
HTTP over SOCKS over SSH over SSL thankyouverymuch (Score:3, Interesting)
Websense can suck it.
Re:HTTP over SOCKS over SSH over SSL thankyouverym (Score:4, Insightful)
If you think you're special because you can do that to get around a block then you are confused. If you can use this sort of workaround then your admins are either idiots or don't actually want to stop you, they just want you to go out of your way enough that its obvious you were breaking the rules.
Either way, you aren't special.
Re: (Score:2)
He might not be special, but there's really no way to prevent tunneling short of blocking all potential addresses and protocols, which is pretty much all of them in either case. So there's really no way. Hell, I've used www-over-email. Is that an administrative oversight too?
Re: (Score:3, Interesting)
Meh, when done right, it just looks like a long ssl and/or vpn tunnel session.
You really cannot do much to filter/firewall this sort of bypass for the technical user. Unless you allow whitelist-only access to https/ssl sites and/or force corporate-only machine access with corporate-installed SSL CAs that decrypt SSL traffic and re-encrypted (putting the corporate proxy as a man-in-the-middle) you have no way to stop this.
The real trick is blocking all "leaking" dns and apps. Socks leaks badly, as does fla
Department of Defense is struggling with this also (Score:5, Interesting)
The DoD has been struggling with this same issues as well, they recently issued guidance that opened up social media on their networks.
http://socialmedia.defense.gov/index.php/2010/02/26/dod-official-policy-on-newsocial-media/ [defense.gov]
Re: (Score:2)
That's just a statement that the DoD unclassified Internet won't block social networking sites. Anybody on there can already send email, etc., so it's not really a security issue.
Interestingly, DoD has a policy that all email with attachments on the unclassified net must be digitally signed by the sender. This doesn't guarantee that the attachments don't contain hostile code, but it makes it easy to track where the hostile code came from. DoD already has a large-scale public key infrastructure, and th
One print page! (Score:3)
http://www.computerworld.com/s/article/print/9176439/Social_networking_boosts_legal_regulatory_compliance_headaches?taxonomyName=Financial+Services&taxonomyId=130 [computerworld.com]
Only Marketing/PR (Score:2)
Only Marketing/PR has access to Facebook and Twitter. Even our public wireless access points don't have it. What's funny is that every once in a while they have a drawing or promotion to get employees to follow or friend the company's accounts. The links to the Facebook and Twitter accounts are on the default home page for all the internal browsers.
Social Networks are Auto Archiving (Score:2)
What with the library of congress archiving every twit and facebook allowing private data access to 3rd party companies, it seems like data retention is already being done for you.
Monetization opportunity (Score:1)
FaceBook Enterprise Edition
Twitter Pro
Slashdot Corp Subscription
A service where your company opens an account with the social networking site, you submit the IP addresses of your DNS servers, or reconfigure your proxy to point to their 'corporate access IP'.
All Employees accessing the site through the enterprise intranet get a special version of the site that archives exactly all activities that are performed from the enterprise.
A flag controls what type of access they have to the medium at
Re: (Score:2)
You poor, deluded fool.
One day you'll wake up and see how different the real world is from this fantasy world you live in. Business owns your ass, and government owns your ass. In exchange you are allowed a mediocre existence and a placebo called a "vote".
Re: (Score:1)
Business doesn't own me.
One business has negotiated to pay a fee for a portion of my time, from which it makes a small profit and I make a large one.
The rest of businesses are my bitches. Even the cable company, which for now provides only my 30-mbps internet connection but soon won't even do that, since fiber is coming to my 'hood.
And my vote is used wisely, not thrown away as no doubt yours is. I interact with the political animals in my purview, and ensure they nod their heads when they are listening t