Agenda About Actiance, why am I here? The Communications Revolution isn’t new It’s being led by end users Numerating social Why people want to say no to it… General Regulation Specific Regulation – FINRA, FSA, IIROC, SEBI What happens when you don’t address the risk? Consider what you should enable and control Further reading
About Actiance Enable the New Internet – 4,500+ Web 2.0 apps, Unified Communications, Social Networks Global operations – USA, EMEA, India, Asia/Pacific Market Leader – 9 of the top 10 US banks – Top 5 Canadian banks – 3 of the top 5 energy companies Broadest Partner Ecosystem – Technology alliances
It’s a communications revolution • Public IM • P2P • Anonymizers • VoIP • Financial IM • Social Networks • Unified Communications • Games • Web Conferencing • Virtual Worlds • VoIP • IPTV • Remote Admin Tools Source: Actiance Annual Greynets Surveys 2008 – 2011 & Projected
The charge is led by the end usersActual customer traffic history (~155 organizations)Representing all Internet activity from over 150K end users (Actiance Internet Survey 2009) Source: Actiance Annual Internet Survey 2010
But there are a series of risks.. Data Leakage Incoming Threats Compliance & eDiscovery User BehaviorPersonal SEC, FINRA,IIROC EmployeeInformation Malware, Spyware Productivity HIPAA, FISMA, SEBIIntellectual Property Viruses, Trojans Bandwidth SOX, PCI, FSACredit Card, Explosion InappropriateSSN FRCP- eDiscovery Content Every employee isClient Records FERC, NERC the face of business
FINRA Regulatory Notice 10-06:Guidelines for Social Networks Regulation Social Network and Web 2.0 ImpactSEC Rules 17a-3 and 17a-4 andNASD Rule 3110 Retain records of communications related to business Electronic forum & chat rooms, content posted to social media may constitutePublic Appearances a public appearancePrior Approvals Wall postings require prior approvalsParticipation Real-time participation on social networks equals participation For instance communications between research and investment bankingFINRA Regulatory Notice 07-59 departments should be restricted Only those subject to firms supervision should have access, provide trainingRestrict Personnel prior to engagement, prohibit or restrict those who pose a compliance risk. Restrict access with technology.
What Can Go Wrong? Matrixx stock price– The nasal spray form of cold remedy Zicam, produced by Matrixx Initiatives, has potentially been found to damage some peoples’ sense of smell. Stock price drop from $19.24 that day to $5.78 on June 16th. Its $5.21 now. Do your Research on Fedex & Ketchum Nestle & Greenpeace
Ensuring regulation is met, reducing risk Issue Control RequirementsIdentity management Ensure that all the different logins of an individual link back to corporate identityActivity control Posting of content allowed for marketing but read-only for everyone elseGranular application control Employees can access Facebook, but not Facebook Chat or Facebook GamesAnti-malware Protect network against hidden phishing or Trojan attacksData leak prevention Protect organization from employees disclosing sensitive informationModeration Messages posted only upon approval by designated officerLogging and archiving Log all content posted to social networksExport of data Export stored data to any email archive or WORM storage