The presentation delivered to the ARMA Dallas Chapter by Jesse Wilkins, AIIM Director, Systems of Engagement. The presentation looks at methods of managing web 2.0 records, such as Facebook, Twitter and everything in between.
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Managing Web 2.0 Records.
1. Managing Web 2.0 Records: Facebook, Twitter and Everything in Between Jesse Wilkins, CRM AIIM International January 11, 2011
2. About AIIM International - Members in 146 countries Independent - Unbiased and vendor neutral Implementation Focused - Processes, not just technology Industry Intermediary - users, suppliers, consultants, analysts, and the channel http://www.aiim.org
3. Jesse Wilkins, CRM Director, Systems of Engagement, AIIM Background in electronic records management, email management, ECM, and social technologies Director, ARMA International Board of Directors (2007-2010) Frequent industry speaker and author AIIM ERM Expert Blogger Instructor for AIIM Certificate Programs 3
4. Agenda Use cases for social technologies Commercial vs. enterprise social technologies Managing social content as records
19. Identity management - commercial Need separate accounts for most sites Many sites leveraging identity management Facebook Connect Twitter OAuth
20. Identity management - enterprise Integration into identity infrastructure Ensure security and confidentiality Provide accountability Support for groups and ethical walls Access to other resources inside the organization 20
21. Archiving - commercial Doesn’t exist for most sites Available for Facebook since Oct 2010 Some third-party services available
23. Integration with other systems - commercial Some using FB Connect, Oauth Very little integration into line of business systems - today
24. Integration with other systems - enterprise Allow import from other systems Allow export to other systems 24
25. Auditing and reporting - commercial Most commercial services offer very little in the way of analytics and auditing Some third-party services available, especially for Twitter Social “listening platforms” and CRM (sCRM)
26. Auditing and report - enterprise Significant amounts of information available for reporting Who has done what What has been done to a particular article/item/etc. Any changes made to the system, security, etc. 26
34. Is it a record? Is the information unique and not available anywhere else? Does it contain evidence of an agency’s policies, business, mission, etc.? Is the tool being used in relation to an agency’s work? Is there a business need for the information? Does it document a transaction or decision?
35. What is the record? Individual social network status updates or Tweets? The entire stream over a given period? Many of these tools do not lend themselves to metadata…. Policy and consistency are key
36. Duplication Determine whether content is unique If it’s already being captured elsewhere, treat as a duplicate record or as a non-record A note about co-creation
39. Records management in brief Archive selected items locally Use search queries and monitoring Store selected items locally using search queries or RSS
40. Use the native backup to store locally Store locally using built-in tools
41. Use a third-party service to store locally Store locally using third-party service
46. Conclusion Web 2.0 is here Prohibition is not a realistic option Web 2.0 tools can add significant value to the organization And they can be managed as records Lead your organization to use them effectively
47. For more information Jesse Wilkins, CRM, CDIA+ Director, Systems of Engagement AIIM International +1 (303) 574-0749 direct jwilkins@aiim.org http://www.twitter.com/jessewilkins http://www.linkedin.com/in/jessewilkins http://www.facebook.com/jessewilkins http://www.slideshare.net/jessewilkins
48. Additional Resources “How Federal Agencies Can Effectively Manage Records Created Using New Social Media Tools”, Patricia Franks, Ph.D., IBM Center for The Business of Government, 2010 Guideline for Outsourcing Records Storage to the Cloud, ARMA International, 2010 “Electronic Records Management: Blogs, Wikis, Facebook, Twitter, & Managing Public Records”, Washington State Archives, September 2009
49. Additional Resources “Managing Social Media Records”, U.S. Department of Energy, September 2010 http://cio.energy.gov/documents/Social_Media_Records_and_You_v2_JD.pdf “Guidance on Social Networking”, Arizona State Library, Archives, and Public Records, June 2010 http://www.lib.az.us/records/documents/pdf/Social_Networking.pdf
50. Additional Resources NARA Bulletin 2011-02, “Guidance on Managing Records in Web 2.0/Social Media Platforms”, October 2010 http://www.archives.gov/records-mgmt/bulletins/2011/2011-02.html “A Report on Federal Web 2.0 Use and Value”, National Archives and Records Administration, 2010 http://www.archives.gov/records-mgmt/resources/web2.0-use.pdf
51. Florida Social Media Toolkit http://sites.google.com/site/flsocmed/ “Friends, Followers, and Feeds: A National Survey of Social Media Use in Government”, NASCIO, September 2010 http://www.nascio.org/publications/documents/NASCIO-SocialMedia.pdf Texas Dept of Information Resources Social Media Policy http://www.texas.gov/en/about/Pages/social-media-policy.aspx
52. Additional resources Compliance Building Social Media Policies Database http://www.compliancebuilding.com/about/publications/social-media-policies/ 57 Social Media Policy Examples and Resources http://www.socialmediatoday.com/davefleet/151761/57-social-media-policy-examples-and-resources Web 2.0 Governance Policies and Best Practices http://govsocmed.pbworks.com/w/page/15060450/Web-2-0-Governance-Policies-and-Best-Practices
53. Social Media Governance policy database http://socialmediagovernance.com/policies.php “Analysis of Social Media Policies: Lessons and Best Practices”, Chris Boudreaux, December 2009 http://socialmediagovernance.com
Editor's Notes
Keep in touch with remote offices, colleagues, and even familyNetworking - personal, professional, career
Learn new things. Lots of what folks post day-in and day-out is trivial. Then again, so is the RECMGMT-L listserv – and yet how many of you are on that and swear by the value you receive from it?
80% of companies use social media for recruitment – 95% use LinkedIn. And every recruiter and HR manager does due diligence on candidates using Google – and the top links for many are their profiles on LinkedIn, Facebook, etc.
Because information can be easily augmented with photos, videos, and links
[twitter] Web 2.0 considerations and issues[/twitter]
[twitter] Web 2.0 considerations and issues[/twitter]
The first step many organizations take to manage Web 2.0 is to try to block them. This is unrealistic for a number of reasons.
The first step is to determine whether or not something is in fact a record. Just as we know that most email messages are not records, for most organizations their Facebook fan page updates will not be records either. In other words, we have to ask the same questions about these tools that we’d ask about any other type of information:Does it document a transaction or a decision? If it does, it’s probably a record. Is it captured in another form? This is the biggest reason why most social networking sites like Facebook and Twitter wouldn’t need to be captured as records – in most cases they are being used as another transmission mechanism for information stored elsewhere. Now, just because it isn’t a record doesn’t mean it couldn’t be discoverable or a public record and subject to FOIA-type laws. Again, same considerations here as for other types of information. [twitter]Determine whether something is a record or not according to its content and context.[/twitter]
The next step is to determine exactly what is the record and must therefore be retained. Again, this will likely vary not just by content, but also by the nature of the tool. An individual social network status update or Tweet could rise to the level of a record, though I suspect this will be uncommon; in the case of a protracted discussion on someone’s wall or via Twitter, it might be the entire stream of updates on a particular topic or over a given period. This is analogous to determining when an instant message is a record. Many of these tools don’t really have metadata in the traditional sense. Twitter, for example, has the following public metadata: SenderMentions (the @ or DM it is addressed to, and could be more than one)A unique Twitter IDAn in-response-to Twitter ID if it uses the Twitter Reply capabilityA ReTweet ID if it was ReTweetedDate and time sentThe client used to send the update, if knownAny hashtags could be considered metadataBut note what there isn’t: No subject line or topic, no mechanism for filing it, no keywords (except maybe the hashtag). Other systems may offer more or less metadata but it is difficult to access some of that, even if it is retained by the system or commercial provider. The key is to have a records policy that is broad enough to encompass all of these tools and that stresses the content and context of information rather than its format. And as we noted earlier, just because it exists does not make it a record per se.[twitter] The next step is to determine exactly what is the record and must therefore be retained. [/twitter]
Finally, there are enterprise versions of every Web 2.0 application. These enterprise versions are often available to be hosted inside the firewall, meaning that security is much more robust. Access can be secured to them much more effectively. They can be integrated into the organization’s identity infrastructure – whether Active Directory or something else – such that any change, post, comment, edit, update, etc. can all be tracked and, more importantly, tracked to a specific named user. No anonymous postings here. Of course, you have to pay for an enterprise version, but what you’re really paying for is a level of peace of mind. And you still get many of the same benefits – ease of use, familiarity with the type of tool, rapid and agile collaboration across geographical and time boundaries, etc. You’re just getting a more secure and robust version of it. [twitter]Consider implementing enterprise versions. FB is FB, but internal tools might be more appropriate.[/twitter]
At this point I’d be pleased to entertain your questions.
In conclusion, Web 2.0 is not something coming down the road or over the horizon – it’s here today and is probably in your organization, whether you know about it or not. It is all but impossible to effectively prohibit them – and the tools can significantly improve an organization’s collaboration and knowledge sharing, thereby adding value to the organization. It is incumbent on records management professionals to step up and lead your organizations in the effective use and management of these tools.