Monday January 7, 2008

Tools Don't Hurt Companies

On Dec. 19th, Michael Krigsman wrote an article entitled Twitter is Dangerous. The reason? Krigsman says that Twitter "is rapidly becoming a serious threat to corporate information protection".

Uhuh. Not.

From Krigsman's article:

Imagine this scenario: 20 people are in a confidential meeting, one of them using Twitter. This attendee broadcasts an off-hand “tweet” (Twitter comment) to his or her “followers” (Twitter friends). With traditional instant messaging, that message would be received by perhaps one or two others. With Twitter, that comment may be seen by 10, 100, 1000, or more followers.

With "traditional instant messaging", even those one or two others could then share with their friends, who might tell someone else and... The problem here isn't Twitter (or IM, or email, or an employee's weblog, or the phone call to a buddy or the after-work beer with friends). The problem is the broadcasting (sharing) of confidential information beyond appropriate boundaries.

Technology isn't to blame. If company management hasn't defined a Confidential Information Policy (and explained it clearly at new-hire orientation, and kept it up to date), that's where to lay the blame.

Did your employees sign a non-disclosure agreement? Did you talk to them about what "confidentiality" means? Do they understand what you told them?

Needless to say, Krigsman's article received a lot of feedback.

Dennis Howlett takes Krigsman to task:

It’s not often I call out my fellow Irregulars (we usually have those arguments in our Google Group) but on this occasion, Mike Krigsman has got this notion that ‘Twitter is dangerous’ wrong to the point of scaremongering.

Mike uses the example of confidential information leaking out. C’mon, that can happen anytime, anywhere. Twitter is only another channel through which that might arise. What I can say is that in the seven months I’ve been using Twitter, I’ve never seen anyone use it as a way of disclosing the kind of information Mike describes - or even coming remotely close.

Robyn Tippins adds

I’d get away with leaking much easier if I just told one person in conversation via my text message, and then another later over drinks, than I would for tweeting a secret to 20 people. Twitter *is* like the watercooler, only this watercooler has a history of all conversations that are public. Leaks happen, and Twitter won’t make that any more possible that anything else.
and Ed Yourden points out what should be obvious:
Sure, Twitter is potentially dangerous — in the same way that any other form of instant messaging, e-mail, and blogging could be dangerous. Hey, while we’re at it, telephones are dangerous! So are letters mailed through the U.S. Post Office (assuming that any of them actually get delivered.) So is talking to other people...

Mark (ProBloggers Matrix) provides a different slant

Internet technology is moving so fast that NO ONE can ever hope to keep up! ...

Just accept the inevitable. Become a totally transparent company and win new customers through total transparency and Twitter will become your greatest friend and asset.

while Andrew Baron focuses on the logical fallacy
...the construction involves a logical fallacy called Ad Hominem. This happened when the writer Michael Krigsman attempted to discredit Twitter by drawing attention to the characteristics of the people who are using it.

This same kind of reasoning in the office place is often considered paternalistic and leads people to make statements like “Coffee makers are bad because employees can burn themselves or even burn down the office!”

Finally, Stephen Collins puts the real problem in a nutshell

Taking the approach of blocking and banning does organisations with staff wanting to implement and use social tools no favors at all. What inevitably ends up happening is a variant on Gilmore’s Law and these organisations end up with unauthorised implementations of tools so that staff can do their jobs properly.

...organisations need to rethink their information and systems security policies. These policies need to be reimagined in a way that allows staff open and easy access to the tools they need to do their jobs properly while also considering the fact that not all corporate data is appropriate to disseminate or store on such platforms.

A well thought out policy will more than adequately address issues of appropriateness, consideration before release, when and when not to use a particular channel and related matters. IBM’s blogging guidelines are a great example of a well-considered policy that deals with these matters appropriately.

So Michael, no, Twitter isn’t dangerous. What’s dangerous are inadequate policies around using these tools.

And it seems that Michael Krigsman does understand this. Although he proposes two possible, sub-optimal solutions:

  1. Pretend the problem doesn’t exist. ...
  2. Block, or monitor, Twitter...
His recommendation is for companies to "acknowledge the inevitable and establish clear information sharing policies and guidelines."
The solution: be prepared to strongly enforce information-sharing policies. If confidential information is being shared, even innocently, question the judgment of the sharer.

By the way, if you think Twitter isn’t mainstream enough to matter, think again. It’s currently got almost 700,000 users, many of them influential early adopters. Twitter isn’t going away, and like all tools, it can be used for both good and evil. Balancing Twitter’s dangers and benefits may not be easy, but you’d better start thinking about it today.

I just wish he'd written an article entitled "The Dangers of Not Having a Strong Information-sharing Policy" That's the real issue. There's no reason to get riled up over Twitter.


Gilmore's Law: The Net interprets censorship as damage and routes around it. -- John Gilmore

Rich and I are proud to call John a personal friend. :-)

Tools Don't Hurt Companies ( in category WebTech ) - posted at Mon, 07 Jan, 21:49 Pacific | «e»


Post a comment

Any posted comments will be viewable by all visitors. Please try to stay relevant ;-) If you simply want to say something to me, please send me email.

Comments from authenticated visitors (with a TypeKey ID), will appear immediately. Otherwise, all comments must wait for approval. Thank you for your consideration.