Philip J. Favro, discovery attorney, Symantec Corporation (www.symantec.com), says:

Just as organizations faced regulatory and legal pressures to archive and discover emails over the last decade, they now face those same pressures to preserve their social media communications. Most, however, are not doing so. As a result, they are suffering damaged relationships and lost dollars, according to a recent Symantec survey. That survey examined how enterprises worldwide are using social media tools and what preparations they are making as part of their information management plan to address eDiscovery requests for social media content.

Symantec’s 2011 Social Media Protection Flash Poll found the typical enterprise experienced nine social media incidents over the past year, such as employees sharing too much information in public forum. The vast majority suffered negative consequences including damage to their reputations and loss of customer trust, data loss and lost revenue.

According to Gartner [1], “by year-end 2013, 50 percent of all companies will have been asked to produce material from social media websites for eDiscovery.” As organizations increasingly share business related information on social networks to communicate with customers, partners and employees, the risk of disclosing confidential information also increases. Given these risks, organizations must develop a social media strategy that ensures both supervision and retention of social media content. Not only will this likely prevent reputations from being tarnished, it will also better ensure compliance with open records requests, legal demands and regulatory requirements, such as the supervision and retention provisions from Financial Industry Regulatory Authority (FINRA) Regulatory Notice 10-06.

The Symantec survey found the top three social media incidents the typical enterprise experienced over the last year were:

  • employees sharing too much information in public forums (46 percent)
  • the loss or exposure of confidential information (41 percent)
  • increased exposure to litigation (37 percent)

More than 90 percent of respondents who experienced a social media incident also suffered resulting negative consequences, including:

  • reduced stock price (average cost: $1,038,401 USD)
  • litigation costs (average cost: $650,361 USD)
  • direct financial costs (average cost: $641,993 USD)
  • damaged brand reputation/loss of customer trust (average cost: $638,496 USD)
  • lost revenue (average cost: $619,360 USD)

All is not lost, though. There are steps any organization can immediately take to avoid these consequences.

First, IT and legal need to work together to define how to use social media and train employees regarding what types of information are appropriate to post to social media sites.

An organization should also identify and understand industry-specific legal or regulatory requirements. After doing so, it ought to implement policies that facilitate retention of social media content and thereby ensure compliance with those requirements.

A particularly important aspect of this process is deploying technology tools, such as archiving software, to enable the automatic capture and retention of social media content. An archiving solution is especially important for organizations whose industries are highly regulated. Archiving software can help organizations monitor employee use of social media for business purposes, enable its preservation for legal and regulatory requirements and even facilitate the search and retrieval of specific content.

Finally, an organization’s social media plan should also include a data loss prevention solution. Data loss prevention software provides another layer of protection to prevent sensitive company information from leaking on to social networks.

Symantec’s Social Media Protection Flash Poll is the result of research conducted by Applied Research, which surveyed IT and C-level professionals responsible for computers, networks and technology resources at small, medium, and large enterprises (defined as 1,000-2,400, 2,500-4,999, and 5,000+ employees). The report was designed to gauge how organizations protect themselves from negative consequences of using social media. The survey included 1,225 respondents in 33 countries in North America, EMEA (Europe, Middle East and Africa), Asia Pacific, and Latin America. For more information, visit www.symantec.com.
_____________________________
[1] “Gartner, Inc., Social Media Governance: An Ounce of Prevention,” Debra Logan, Gartner, December 17, 2010