20150916 ARMA Pittsburgh Do's and Don'ts of Managing Social Media
•Download as PPTX, PDF•
2 likes•593 views
This session was delivered as the Carl. E. Weise Memorial Seminar for ARMA Pittsburgh on Sept 16, 2015.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to 20150916 ARMA Pittsburgh Do's and Don'ts of Managing Social Media
Similar to 20150916 ARMA Pittsburgh Do's and Don'ts of Managing Social Media (20)
More from Jesse Wilkins
More from Jesse Wilkins (20)
Recently uploaded
Recently uploaded (20)
20150916 ARMA Pittsburgh Do's and Don'ts of Managing Social Media
- 1. Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org The Carl E. Weise Memorial Seminar: The Do’s and Don’ts of Managing Social Media Jesse Wilkins, CIP, CRM, IGP AIIM International September 16, 2015
- 2. Copyright © AIIM | All rights reserved.2 In Memoriam: Carl E. Weise, CRM
- 3. Copyright © AIIM | All rights reserved.3 "Despite the euphoria of Internet enthusiasts and the hyped-up selling palaver of some web services providers, we remain uncertain as to the long-run substantive benefits the Internet will bring to businesses and to individual users.…until the webmeisters persuade us otherwise, we'll hang on to our CDs and floppies, along with the aperture cards and other imaging artifacts that have served our corporate and personal purposes so cost-effectively in the past."
- 4. Copyright © AIIM | All rights reserved.4 Social everywhere 1,350+ years worth of time spent every day on Facebook. 1.5B Facebook users. 65% log in on any day - and post 4.5B likes/day. 300M photos uploaded per day. And… Twitter and LinkedIn and Pinterest and Google+ and Tumblr and Flickr and Instagram and Myspace(!) and Livejournal and Orkut and Yammer and blogs and millions of private social
- 5. Copyright © AIIM | All rights reserved.5 Agenda Information governance and social media The social media governance framework Using social media safely and effectively
- 6. Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org Information governance and social media
- 7. Copyright © AIIM | All rights reserved.7 Information governance defined “…Specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information.” Source: Gartner
- 8. Copyright © AIIM | All rights reserved.8 Information governance framework Organizational structures Stewardship Policy Value creation Data risk management & compliance Information security & privacy Data architecture Data quality management Classification & metadata Information lifecycle management Audit information, logging & reporting
- 9. Copyright © AIIM | All rights reserved.9 Governance?
- 10. Copyright © AIIM | All rights reserved.10 Governance!
- 11. Copyright © AIIM | All rights reserved.11 New types of content
- 12. Copyright © AIIM | All rights reserved.12 Third party content creation
- 13. Copyright © AIIM | All rights reserved.13 Third party hosting & physical control
- 14. Copyright © AIIM | All rights reserved.14 Professional vs. personal Devices Accounts Who owns your content? Your contacts? Who can speak for the organization? Transparency Services Internal vs. commercial Work vs. personal
- 15. Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org The social media governance framework
- 16. Copyright © AIIM | All rights reserved.16 Neither is denial. Prohibition is not realistic.
- 17. Copyright © AIIM | All rights reserved.17 “A new class of company is emerging—one that uses collaborative Web 2.0 technologies intensively to connect the internal efforts of employees and to extend the organization’s reach to customers, partners, and suppliers. We call this new kind of company the networked enterprise.” The rise of the networked enterprise
- 18. Copyright © AIIM | All rights reserved.18 Why a governance framework? Ensures that employees know what is expected of them Provides guidelines for being more effective Reduces risk of someone posting inappropriate content Addresses legal and operational concerns
- 19. Copyright © AIIM | All rights reserved.19 The governance framework Management Strategic roles and responsibilities Organization Groups and structures required to manage information Policy and procedures Processes and standards for managing information
- 20. Copyright © AIIM | All rights reserved.20 Roles and responsibilities Records management Legal HR Communications IT Etc.
- 21. Copyright © AIIM | All rights reserved.21 Check the service level agreements
- 22. Copyright © AIIM | All rights reserved.22 The social media policy Social content is just another form of content Policy should provide a framework applicable to most or all social media tools – and to other content/communication-related technologies as well DON’T write a Facebook policy, a Twitter policy, etc.
- 23. Copyright © AIIM | All rights reserved.23 Identify security issues Privacy and confidentiality E.g. third party photos, personal information Intellectual property Other sensitive topics or resources
- 24. Copyright © AIIM | All rights reserved.24 Responding to third party posts Image source: Social Media Influence
- 25. Copyright © AIIM | All rights reserved.25 What to keep? Determine whether social media content needs to be kept: Is it legally required? Is it business-related? Does it add value? Is it unique? Does it have unique comments?
- 26. Copyright © AIIM | All rights reserved.26 How should it be kept? In the native service Snapshots? Archived periodically Archived/captured on the fly In bulk By keyword/query/account Captured prior to publication Review
- 27. Copyright © AIIM | All rights reserved.27 Social media migration Between services When a service shuts down
- 28. Copyright © AIIM | All rights reserved. #AIIM The Global Community of Information Professionals aiim.org Using Social Media Safely and Effectively
- 29. Copyright © AIIM | All rights reserved.29 Figure out where you are
- 30. Copyright © AIIM | All rights reserved.30 Develop a plan
- 31. Copyright © AIIM | All rights reserved.31 Apply, extrapolate, create
- 32. Copyright © AIIM | All rights reserved.32 Training, training, training
- 33. Copyright © AIIM | All rights reserved.33 Consider enterprise versions
- 34. Copyright © AIIM | All rights reserved.34 Implement a compliance solution • And many others
- 35. Copyright © AIIM | All rights reserved.35 Sense and sensibility No single policy can cover every: Tool Process Situation Contingency Encourage users to be smart 35
- 36. Copyright © AIIM | All rights reserved.36 Questions?
- 37. Copyright © AIIM | All rights reserved.37 Additional resources Social Media Policy Database http://socialmediagovernance.com/policies/ SHRM Social Media Policy Template http://www.shrm.org/templatestools/samples/policies/pages/social mediapolicy.aspx NARA Best Practices for Capture of Social Media Records http://www.archives.gov/records- mgmt/resources/socialmediacapture.pdf AIIM Social Business Assessment http://info.aiim.org/how-to-conduct-a-social-business-assessment AIIM Social Business Roadmap http://www.aiim.org/Social-Business-Roadmap
- 38. Copyright © AIIM | All rights reserved.38 For more information Jesse Wilkins, CIP, CRM, IGP Director, Professional Development AIIM International +1 (720) 232-9638 direct jwilkins@aiim.org http://www.twitter.com/jessewilkins http://www.linkedin.com/in/jessewilkins
Editor's Notes
- Copyright AIIM
- Good information governance requires a framework. IBM defines an information governance framework as including the following eleven elements. We have tried to condense down the definitions for each category. Organizational Structures and Awareness – understanding of the need for governance and the roles required to do it Stewardship – ownership of the responsibility for governance for given information assets Policy – the “what to do” Value Creation – Analysis of the value of the organization’s information Data Risk Management & Compliance – Risk assessment, analysis, and mitigation Information Security & Privacy – Policies and practices for protecting information Data Architecture – Tools for creating, sharing, and managing information Data Quality Management – Methods to ensure and improve data quality Classification & Metadata – as the name suggests. Information Lifecycle Management – Policies and processes for collecting, using, and ultimately deleting information Audit Information, Logging & Reporting – Processes for monitoring the overall governance effort. Source: IBM, http://www.infogovcommunity.com/resources
- So for this Tweet, where do any of these elements apply? It’s a personal account, so organizational structures and stewardship aren’t applicable and policy is difficult to enforce, especially in the age of the smart phone. Not a lot of value being created here – and therefore not a lot of concern with data risk management, compliance, information security, or privacy. It’s a hosted service, so not much to do with data architecture. Data quality management and metadata? As long as it’s on Twitter it’s Twitter’s problem; if it were stored locally it would depend on how it was captured to understand what metadata is even available. There certainly isn’t a ready mechanism for classifying it. It’s a pretty ephemeral Tweet from a data lifecycle management perspective – and again, Twitter controls that as long as it’s stored out there. And therefore there isn’t a lot of need for auditing and logging for this Tweet.
- On the other hand this one pretty clearly needs some governance attention, at least in most jurisdictions, and offers more things to apply governance against including the stock ticker, the link, and the pricing. The date certainly becomes much more important here as well. And if this comes from an official account or one affiliated with the organization there is definitely a governance issue here. ~ In other words, on the one hand governance processes and practices are certainly relevant in the social media era; on the other hand, there are some unique issues based on both the nature of particular tools and on the nature of social media more broadly that warrant some additional considerations. Over the rest of this course we will identify and explore some of those issues and considerations to provide a foundation for the rest of the Social Media Governance Certificate Program.
- Consider the following types of content: ~ A Facebook like; A Twitter retweet; Geolocational data provided through a service like Foursquare, perhaps with a comment about the quality of the food or service at a particular place; An edit to a wiki article; A comment to a blog post; A video, perhaps with annotation, often with comments, likes, etc.; And all the other “breadcrumbs of attention” that we leave behind as we create, consume, and share content on external sites as well as internal ones. ~ All of these have metadata, and many of them have quite a lot of it. But much of this metadata is either not directly visible or accessible or isn’t germane to the way users would look for this type of content in the future. ~ And many of them are quite fragmentary – the Facebook Like for example, or a conversation carried on as part of a Twitter stream or other activity stream. They tend to be even more informal and even more ephemeral compared to other types of content. Yet as we’ll see later these issues don’t eliminate the need to manage this content effectively. ~ Finally, it should go without saying that volume presents an issue here. More video is uploaded to YouTube every month than the “big 3” U.S. networks (ABC, NBC, CBS) created in their first 60 years of existence combined. Facebook stores more than 100 petabytes of data and receives more than 250 million photos a day, or more than 5 billion photos a month. There simply isn’t an analogue for all but the largest enterprises and database applications.
- Another significant difference in the way content is created today is how much of it is done by third parties. For most organizations most of their content is created internally; where there is substantial interaction with outside parties it’s often in the form of fairly standardized things like invoices, checks, and the like. ~ But social media is, well, social. A wiki with one author is just Microsoft Word with a bad user interface. Social tools work when and because they provide a mechanism to interact with other content creators. In many cases this is through the same tool or page – your wiki with their edits, your Twitter stream when they include you by mention, your blog and their comments. But it’s not always so – someone could comment on your blog post with a post of their own on their own blog (and with comments at neither, one, or both).
- And all of this content creation happens on a website that in all likelihood is not under your control. That is, you can set up your Facebook page, and decide whether to allow comments to your blog; but the content is stored outside the firewall in a datacenter that might not be in the same country you are. ~ This has profound information governance implications. If Facebook decides to keep everything posted to it forever, disposition policies become somewhat of a moot point. On the other hand, if Facebook decides to keep content posted for only 30 days, retention becomes a critical issue. ~ It also complicates the ability to demonstrate compliance with regulatory requirements and requests to produce information in response to litigation or audits – what is “native format” for Twitter? It’s *not* screenshots, at least in most jurisdictions. How do you authenticate the content outside of Twitter.com or a Twitter client? And so forth.
- All of this also contributes to a blurring of professional and personal lives. Consider two cases. First, Rick Sanchez was a journalist working for CNN. As part of his professional life he developed contacts and created and developed a pretty impressive Twitter presence, @ricksanchezcnn, with some 140,000 followers at one point. He was subsequently fired, which raises some interesting governance questions: Who owns the account? It says CNN in the title, but Twitter, like most social media sites, assigns ownership of the account and all content related to it to the individual who created the account. Who owns the contacts? The individual followers can’t be forced to stop following Rick’s account (since renamed to @ricksancheznews); if this were a Facebook account could Rick be forced to stop following other people? Who owns the content? The internet doesn’t forget…. ~ Now consider another case. An individual employee gets a smart phone paid for by the organization and is expected to be available after hours. The organization is smart and allows flexible working hours. The employee uses the smart phone to check into a bar at 11 am (but through his personal Foursquare account) and then uses his personal iPad and the bar’s Wi-Fi to log into Facebook and post some unflattering remarks about the bar, the meal, and his (unspecified) job. Some of the questions raised: Could his remarks reflect badly on the organization, or even contradict its acceptable usage policy? Is that policy applicable to any, some, or all of the content he created? If the bar decides to sue, is there any liability for the organization? And probably lots more. ~ The broader point here is that as the lines between professional and personal lives continue to blur and overlap, so do many of the elements of the governane framework so carefully crafted and implemented in many organizations. It’s not always easy to tell who has the right to speak on behalf of the organization. And many commercial social media services forbid users from creating multiple accounts (such as a personal and professional account). ~ Organizations have to be smart and balance the legitimate concerns of the organization with those of the individual employees and take into account how the tools actually work.
- The first step many organizations take to manage Web 2.0 is to try to block them. This is unrealistic for a number of reasons.
- Moving into mainstream
- Roles and responsibilities are still required to manage social content in the context of the governance program – whether in the enterprise or using commercial services. Proliferation of SharePoint collaboration sites or uncoordinated Twitter accounts is no better for the organization than proliferation of file shares or content repositories. ~ In other words, employees still need training on governance concerns. If using enterprise solutions IT still has to deploy and maintain them. For any business use of social media records, legal, compliance, risk, etc. should be involved. HR needs to consider how employment law affects the use of social media services for hiring – and for disciplinary actions. Senior management needs to consider how to measure the effectiveness of the organization’s usage of social media, which services best support its goals, and whether to use commercial sites or enterprise solutions.
- Technology changes much faster than the law or policies can keep up with. That’s why it’s better to use a comprehensive policy that can cover new technologies as they appear.
- Governance exists but needs to be tweaked. Apply what can be applied: roles & responsibilities (inc. new ones); general policy framework; training as we discuss shortly Extrapolate from what has worked: job aids & guidelines; managing wikis instead of email for collab and the relative ease of managing wikis for compliance; use the tools appropriately (e.g. not for business if can’t manage it) Create new stuff where required: classification, declaring as record (managing in place?), etc.
- The dell model we already mentioned; demographic considerations (it will be used), SM 101, how to use the tools, how to use the tools well, how to use the tools in support of the business, how to keep the business safe
- Finally, there are enterprise versions of every Web 2.0 application. These enterprise versions are often available to be hosted inside the firewall, meaning that security is much more robust. Access can be secured to them much more effectively. They can be integrated into the organization’s identity infrastructure – whether Active Directory or something else – such that any change, post, comment, edit, update, etc. can all be tracked and, more importantly, tracked to a specific named user. No anonymous postings here. Of course, you have to pay for an enterprise version, but what you’re really paying for is a level of peace of mind. And you still get many of the same benefits – ease of use, familiarity with the type of tool, rapid and agile collaboration across geographical and time boundaries, etc. You’re just getting a more secure and robust version of it. [twitter]Consider implementing enterprise versions. FB is FB, but internal tools might be more appropriate.[/twitter]
- One final point. No single policy can cover every possible circumstance. There are simply too many tools, processes, and situations that could pop up. Different organizations will treat things differently in different contexts. So perhaps the most important thing to teach employees about social media is to be smart. The Internet doesn’t forget. Best Buy’s policy is an excellent example, and one that can be boiled down to its tagline, “Be smart. Be respectful. Be human.”
- At this point I’d be pleased to entertain your questions.