How Your Employee's Twitter Posts Can Ruin Your Business.

The other day I received an invitation to partake of dowloading a MessageLabs whitepaper, the email titled as above, promising to uncover the business issues associated with web (mis) use in the workplace". Lucky me, it was part of an IT Compliance Bulletin and also included the tempting "Free 10-page Guide to Achieving ISO 27001 Certification", "Dangerous Things You Didn't Know About Outbound Emails" (and I don't think they just mean the ones you send to ex-boyfriends after a few glasses of wine and get yourself in a 'situation') and - my personal favourite - "A Masterclass In Threat Detection And Prevention!". I haven't read any of them yet. In fact, I've only just downloaded the first one, "Is Social Networking Really Bad For Business?". So, anyway, can employee's Twitter posts really ruin your business? The same, or even more so than, say, posting semi-clad photos of themselves on Facebook, or slagging you off down the pub to all and sundry, or taking out an advert in The Times to let middle England read all about it? Are they even talking about the posts in a content way, or do they mean the time spent posting rather than working? I'd rather the more scandalous and salacious reasons, such as posting photos of you in bed with the MD, for example. I am prepared to be disappointed though. So how DOES the evil Twitter go about destroying businesses and lives? The mind boggles. But let it boggle no more, dear reader - because I am happy to share with you the secrets of the MessageLabs report. It's probably stuff we all know anyway. We can read through it together. Let's start on Page 1, shall we?

It all seems to stem from the changed nature of internet use in the workplace, put in motion by those pesky young Generation Y-ers. Rather than just using t'interweb for emails, research and buying shoes in the Brand Alley sale in your lunch hour, you can now have a chat with your mates, upload photos from your mobile phone, share a video or song, and update your relationship status. All in the space it takes your colleague to make a cup of tea ready and bring in the digestives. With Facebook growing 228% in the 12 months since Feb 2008, and Twitter a massive 1382%, it doesn't take a mathematical genius to work out that there must be a hell of a lot of people using these social networking sites whilst on the clock. Next up is the blending of work and personal life, with people expecting to be able to access the internet for personal use whilst at work, for various reasons. Gambling, checking personal emails (Hotmail, Yahoo! etc), downloading music and so on. Over two thirds of online porn traffic occurs during office hours, according to http://www.getsafeonline.org/. And of course, Tweeting and sheep throwing are also very popular. Hearteningly, some of us are good little boys and girls and use the net to download work relevant software, and are harnessing social networking sites for the good - to build contacts for networking, lead generation and to keep up with industry developments. We are known as "committed employees", don't you know. Blogs and forums are now used as important business tools, especially for marketing or recruitment led companies.

So what's the problem? Well, apparently there are web risks to business. Duh, like we didn't already know that. Everyone knows that. So are MessageLabs telling us anything new? The first consideration is of direct, measurable costs. Reduced productivity and wasted bandwidth are cited as examples of this. Security is an issue - malicious websites, accidental loss of data and new threats from cybercriminals. Legal compliance is also a problem, as are employee/HR issues and unauthorised software downloads. All these can lead to businesses being sued, fined and generally getting into lots of trouble. Right down at the bottom of the pile is brand and reputation risk. Personally, I think that this last one is the largest issue for any SME, who rely more heavily on word of mouth than larger companies who can exercise damage control in most cases should their reputation be threatened. Most companies already have a AUP - Acceptable Use Policy - in place to minimise these risks. If yours hasn't, then as an owner/boss, get one - as an employee, enjoy surfing while you can!

Interesting stuff, if not exactly groundbreaking. Yes, it's obvious we shouldn't post confidential documents or information pertaining to work on Facebook. Or look at porn, or Tweet and blog when were are pretending to be typing up the minutes of last week's AGM. But whilst the report concentrates the obviously quantifiable risks to business, especially security (not surprisingly, being produced by MessageLabs, Symantec Hosted Services TM) it doesn't mention any of the sorts of things that people do on social networking sites that could affect the reputation/brand adversely.
Things like writing on your friend's wall about how much you hate your job and boss, using four letter words exclusively. Things like slagging off a client and naming them. Things like posting dirty pictures of yourself on your Facebook page and inviting professional contacts to look. Maybe stuff like generally being foul mouthed and chavvy when you post on Twitter, or updating your Facebook status every time you get drunk, dumped, or laid. In themselves, all these things could be seen as pretty harmless (except the dirty pics one... unless you know that your contacts will be happy to see you in a PVC nurse's uniform and won't mention it to your boss). Unfortunately, all these things are probably an extremely stupid idea if you have lots of colleagues following you on Twitter or as Facebook friends, and a bloody ridiculous idea if you actually have your boss/manager/HR director etc as a contact able to access everything you write or upload.

You know what? I don't think your employee's Twitter posts CAN ruin your business. If you run the company properly, and treat people well, they won't need to write nasty things about you. If they are fulfilled and interested in their jobs, they won't have to spend all day Tweeting for something to do. And, at the end of the day, you're responsible for the hiring (even if indirectly) of your staff... so if they end up twisting the internet to use it for pure evil, then you need to ask yourself how they ever got through the first stage interview.

Mind you, when I got my job I hadn't even heard of Twitter, so my poor boss never stood a chance...

For more free whitepapers on web security and the like, see www.messagelabs.co.uk