Social Media Opportunities and Risks A Lifecycle Approach for the Enterprise

Transcription

1 Social Media Opportunities and Risks A Lifecycle Approach for the Enterprise The program will begin shortly. Please listen to the webinar through your computer audio. Make sure your speakers are turned on.

2 Some Reminders... During the call you can ask questions by clicking on the questions link at the top of your screen. We will address these questions following the presentation. If for some reason we are not able to get to your question(s) in the time allotted, our presenters would be happy to have a separate discussion to answer your inquiries. After the webinar, all attendees will receive a link to a copy of the presentation and recording 2

3 Discussion Topics The Social Media Landscape The Social Media Lifecycle Risk Management Questions and Answers 3

4 Discussion Topics The Social Media Landscape The Social Media Lifecycle Risk Management Questions and Answers 4

5 5

6 Top External (or Customer-Facing) Social Strategy Objectives 2011 Social website integration is the top external priority in 2011 for 47% of corporate Social Strategists 6 Source: corporateventuringconference.com Base: 140 Global Corporate Social Strategists

7 Adoption and Spending Forecast Reveals Key Trends for 2011 Three major social business spending areas Internal Soft Costs: This includes Staff to Manage the program, Education and Training, and Research and Development Customer-Facing Initiatives: This includes Ad/Marketing Spend on social networks, Traditional Agencies (deploying social media), Boutique Agencies (specializing in social media), and Influencer/Blogger Programs Technology Investments: This includes Brand Monitoring, Community Platform, Custom Technology Development, Social CRM (SCRM), and Social Media Management Systems (SMMS) Key Trends In 2011, corporations will increase spending on staff to manage social business though team sizes will remain small 78% of social strategists will invest in training and education this year, yet it will be underfunded Corporations will invest heavily in ad and marketing on social networks, though fail to truly engage or leverage the social graph More corporations will adopt brand monitoring, increasing their investment by 56% over last year, but return on investment (ROI) problem will persist Advanced corporations will invest in custom technology development, including integration of social networks on the corporate website To scale, more mature programs will invest in nascent systems, such as social media management systems (SMMS) and social CRM (SCRM) 7 Source: corporateventuringconference.com

8 Social Media Technologies by Function Archiving & Compliance Content Management Monitoring & Analytics Tools to facilitate capturing and storing social communications for regulatory compliance Tools to control and prevent violations Integration with existing archive platforms Tools to facilitate centralized and robust user interaction on social networks Implements workflow to allow review and moderation of content Central library for pre-reviewed and approved content. Listen, monitor, and engage in conversations in the social space Identify PR issues/negative events Platform to respond and engage in customer relationship management (CRM) Perform analysis on monitored social conversations Capture and measure brand sentiment Calculate ROI and track metrics Identify social trends and activities Example Vendors Example Vendors Example Vendors 8

9 Security Concerns Social Network Users More Vulnerable To Security Risks 21% accept contact offerings from members they don't recognize More than half let acquaintances or roommates access social networks on their machines 64% click on links offered by community members or contacts 26% share files within social networks 20% have experienced identity theft 47% have been victims of malware infections Facebook has been hit with malicious applications and new version of the Koobface virus, which allows hackers to steal information from personal profiles 9

10 Social Media Hacking Example 10

11 Another Risk Social Widgets 11

12 Discussion Topics The Social Media Landscape The Social Media Lifecycle Risk Management Questions and Answers 12

13 The Social Media Lifecycle STRATEGY Establish linkage to corporate objectives MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed Business Strategies CREATING THE PLAN Putting the plan into the corporate development process IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 13

14 The Social Media Lifecycle Strategy Activities Specifically scope the intended use and expected outcomes Assess the competitive landscape to determine if social media intentions are groundbreaking or already in existence from others Align the goals for social media usage with company business objectives STRATEGY Establish linkage to corporate objectives Determine potential social media functional options and align with existing marketing/communications processes MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed Business Strategies CREATING THE PLAN Putting the plan into the corporate development process Develop an inventory of risks that will be assessed and managed Develop methods and metrics for measuring intended results Identify high-level schedule and intended delivery of capabilities Determine appropriate gates for go/no-go decisions on rolling out the capabilities IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 14

15 The Social Media Lifecycle Creating the Plan Activities Identify executive sponsorship for the work Identify the stakeholders for implementing the social media capabilities and assign appropriate ownership Begin training of stakeholders STRATEGY Establish linkage to corporate objectives Define functional requirements and prioritize them Determine impact on existing technical standards/patterns and potential implications of new capabilities MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed Business Strategies CREATING THE PLAN Putting the plan into the corporate development process Select products/tools and implementation scheme (SaaS, selfmanaged) Review the skills needed to deliver the social media capabilities and identify gaps that may need to be addressed between those that currently exist in the company Develop a detailed project plan to include timeline requirements, resource needs, and dependencies on other initiatives Review company social media policies and revise as necessary IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 15

16 The Social Media Lifecycle Development and Change Management Activities Identify potential pilot and proof-of-concept needs Define the development environment design, and implement necessary technical capabilities and tools support Review infrastructure management procedures and confirm adherence to them Validate appropriate solution design and signoff procedures. Confirm testing requirements and overall design Confirm implementation requirements and coordination Define training requirements for pilot participants Design training curriculum and timing Develop communication plan for impacted internal and external personnel Define necessary monitoring capabilities and procure necessary tools MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode STRATEGY Establish linkage to corporate objectives Business Strategies CREATING THE PLAN Putting the plan into the corporate development process DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 16

17 The Social Media Lifecycle Implementation and Monitoring Activities Review final go/no-go requirements and determine appropriate actions STRATEGY Establish linkage to corporate objectives Conduct training with applicable personnel Create implementation checklist Distribute final communications to necessary internal and external personnel MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed Business Strategies CREATING THE PLAN Putting the plan into the corporate development process Implement monitoring capabilities Monitor production activities and create accountability for issues IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 17

18 The Social Media Lifecycle Measuring the Results Activities Collect key measurements and analyze results STRATEGY Establish linkage to corporate objectives Create reports to track results and comparison to intended metrics Identify gaps and determine ongoing expectations for results Determine next-phase (from pilot exit to full implementation) capabilities and ongoing enhancements to the social media capabilities MEASURING THE RESULTS Collect data and validate against goals and adjust approach as needed Business Strategies CREATING THE PLAN Putting the plan into the corporate development process Execute communications plan to socialize pilot results and define next steps IMPLEMENTATION AND MONITORING Obtain final sign-offs and monitor the activity in a production mode DEVELOPMENT AND CHANGE MANAGEMENT Developing the product and testing in a nonproduction mode 18

19 The Social Media Lifecycle Guiding Principles Governance Ensure that the social media capabilities have appropriate oversight and ownership Coordinate/integrate social media efforts with other marketing activities Monitor market developments with emerging social media offerings Establish appropriate review and quality assurance steps Capabilities Review current skill sets within the organization and validate what may be needed to deliver social media efforts. Introductory and expert usage training is essential. Make sure that the IT organization is appropriately involved for evaluation and consideration of social media designs Integrity Establish an environment where capabilities can be developed with appropriate oversight and security. Reinforce with clear policies and procedures. Design appropriate monitoring oversight for development and production environments Review interaction of social media capabilities with existing systems and business processes Validate risks and ongoing monitoring steps Security Validate security design Ensure appropriate access to development and production environments Review and implement automated tools to support security monitoring Integrate with your existing security and privacy practices 19

20 Discussion Topics The Social Media Landscape The Social Media Lifecycle Risk Management Questions and Answers 20

21 Regulatory/Legal Environment Three Italian Google executives are convicted of privacy violations The EU Article 29 Working party provided Opinion 5/2009 on social networking Increasing pressure is applied to Facebook to give its users more control over their personal information The U.S. Federal Trade Commission (FTC) has created guidelines on Internet privacy to protect consumers Senator McCain and Senator Kerry introduced a privacy bill that would require companies to clearly inform customers when their data is being collected and indicate how the information will be protected Canada has the Personal Information Protection and Electronic Documents Act (PIPEDA). Office of the Privacy Commissioner has been investigating Facebook. The U.S. HITECH act requires immediate disclosure to individuals and to media outlets when 500 or more individual records have been compromised. 21

22 Regulatory/Legal Environment (cont.) Google Inc. has agreed to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz, in The agency alleges the practices violate the FTC Act. The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers information. California has tried to pass a bill that would force Facebook and other social networking sites to allow parents to police their children s pages or face fines up to $10,000. The bill, known as the Social Networking Privacy Act, would require sites to carefully monitor information on those pages of users younger than 18. It would also allow the parents to demand the site take down whatever they deem unsuitable for their child. Maryland's proposed User Name and Password Privacy Protection Bill is intended to protect the personal privacy of job applicants and employees in the State of Maryland. The bill was drafted because a Maryland Corrections Officer was asked to turn over his Facebook user name and password during an interview. U.S. Representatives Ed Markey and Joe Barton introduced a bill that would make it very difficult for anyone to go online and track young American children. The new bill would also prevent marketers from gathering information concerning teenagers personal information and location. 22

23 Results from UK Survey 39% No Policy 61% Have Policy Although policies may exist... 24% employees don t know policy exists 16% receive guidance on what to say 8% receive guidance on what to upload Social media policy Did you know? 51% of workers surveyed claim to engage in social media during work 14% of workers know of somebody disciplined for inappropriate social media activity Workers aged are most regular users 1 in 5 engage several times an hour 35% UK employees say social media activity is not allowed in workplace Source: Protiviti web article click here 23

24 Results from other recent studies 81% 69% 64% 46% Improve customer relations and build brands Value in recruitment Value in customer service Improves employee morale Gartner predictions for % 80% Enterprises will have a corporate face book Discretionary consumer spending influenced Sources: Russell Herder and Ethos Business Law Study Gartner 24

25 What s the Risk? Regulatory Risk Statements or other shared media could violate regulatory and compliance requirements. ( Famous person A just visited our healthcare facility and was treated for ) IP Loss Information that is strategic to a company could be inappropriately released. ( Company A whom I work for is working on this cool new project to ) Sensitive Data Loss Data that potentially violates regulatory/compliance requirements could be communicated. ( Celebrity A just came to the hospital to have this treatment done ) Reputation Risk Slanderous remarks and comments from a disgruntled employee could created damaging perceptions. ( If you work for Company B, you will be mistreated and not respected... ) 25

26 What s the Risk? (cont.) Financial Risk Remarks about company performance could impact stock price and performance. ( The strategic plan for Company C is not going to work and results are not going to be good ) Safety Risk Release of information about what someone is doing or where someone is traveling. ( Our executive team is meeting at Location Z ) Personal Reputation Loss Remarks made by an individual or friends of an individual could be viewed by others ( I can t believe what happened the other night when I was out for dinner ) Lack of Governance Appropriate involvement of stakeholders and executive oversight do not correlate social media activities to company objectives and culture. 26

27 What s the Risk? (cont.) Metrics Integrity Risk Metrics used to measure results of social media efforts may be invalid or inappropriately measured leading to poor decisions and investments. Litigation Risk What is said on social media sites can, and will, be used against individuals and companies in a court of law. Infrastructure Stability Risk The rich content and enormous traffic loads of social media communication will consume network (bandwidth) and storage resources. Knowing what to plan for is difficult. Information Security Risk Access to social media sites opens the door to unauthorized disclosure of information as well as in-bound malware and phishing attacks. 27

28 Social Media Policies An Opportunity Don t Start From Scratch Leverage your existing policies (acceptable use, communications, HR, etc.) and use the topic to reinforce what you have in place Many companies are sharing their work Use new technologies to raise awareness of security, privacy and your organization s focus on risk management Reinforce enterprise commitment and why it exists Make sure employees understand how the technologies will be used (Acceptable Use) Communicate the business need and the risks Socialize your decision and the criteria Use the opportunity to educate your employees on personal use Create process to gather feedback and incorporate changes into future versions of the policies 28

29 Where Organizations Typically Seek Assistance Refining the scope of the effort Help with defining what the intended benefits will be and linkage to other strategic initiatives Building meaningful and measurable metrics of merit Identify data sources for gathering metrics Develop scorecards showing trends and support for intended benefits Product selection and implementation Organizing a pilot and plan to scale Develop an appropriate timeline Identify appropriate stakeholders Provide perspective on available vendor tools and capabilities Identify and implement risk management capabilities Inventory risks based on the initiative Information security policy refinement 29

30 Discussion Topics The Social Media Landscape The Social Media Lifecycle Risk Management Questions and Answers 30

31 Contacts Tom Andreesen Managing Director t: m: Ryan Rubin Director t: m: Cal Slemp Managing Director t: m: John Hollyoak Senior Manager t: m:

32 Join Protiviti at Gartner Symposium ITxpo 2011 Orlando, Florida, USA October 16 20, 2011 Join 7,500 senior IT executives including 2,000 CIOs Continue the discussion on social media and a host of other topics meet with Protiviti and Gartner experts Need more info? Visit 32

33 Appendix Live Poll Results 33

34 Appendix Live Poll Results 34

35