Yesterday, I was part of a presentation at NTEN's 501Tech NY monthly gathering. It was an interesting gathering with some good give and take, and I learned a lot from listening to what people had to say. One exchange, in particular reinforced some lessons that I think are really important (and not all of them are technological.)
One person brought up a situation that her organization had just encountered and wanted some thoughts on the matter. A young woman in her organization had been spending a huge amount of time during work hours tweeting very negative things about the organization. It was bed enough that she was fired. What could we offer her in the way of insight?
Nick Pytel, the other presenter, started off with some good advice on how to control access to various web sites on work computers. "Oh, but she wasn't using a computer - she was using her smart phone." And, whose smart phone was she using? Hers. At that point Nick pointed out that there weren't any good technological solutions. In fact, there probably aren't any (legal) technological solutions.
Takeaway: Technological controls on technology generally make sense, when sensibly used, but there are limits to what you can do.
I wanted to discuss that point. I said "Where was her supervisor. Who was her supervisor?" The questioner responded "Me".
Laughter.
OOPS.
At least the laughter was friendly. And it was directed at me, rather than the questioner. Which was fine - she didn't deserve that; I did. Although that's not what I intended, I implied that the supervisor had not been doing her job. That's not a very effective way to move a discussion along.
Takeaway: Be very careful about using one liners and quips to make nuanced points.
How did they discover the problem? The young woman developed an attitude that she showed at work. And, her work started suffering as well. Those were clues that led them to look for, and find her tweets. (They weren't looking for tweets in particular, but they were looking for on-line activity.)
Takeaway: "Old fashioned" people management still works! As noted, there was no way internal technical controls could have prevented, or even caught, the problem. But, paying attention and making reasonable deductions from the clues you get, did catch the problem.
Takeaway: No matter what you do, you can't ignore social media anymore. You may not have an organizational social media presence, and you may decide to just ban the sites from work (often not a terribly good idea.) But, that won't keep you from being mentioned on social media. It will just mean that if you do get mentioned, you won't have any control. So, as an organization, you need to get savvy about social media, and make sure that someone is keeping an eye on your internet presence.
Thursday, August 18, 2011
Monday, February 28, 2011
Someone recently tweeted this link to part of an episode from Grey's Anatomy (http://www.c4lpt.co.uk/blog/2011/02/10/twitter-as-a-learning-tool-for-surgeons/) If you look at the link, you will see it does not point to Grey's anatomy. Rather it's a link to a blog that focuses on educational and communications related technology tools. And, this episode is about using twitter as an educational tool.
Of course, this particular episode is still not quite reality. And, it's going to take time to get social media to get to the point where this kind of collaboration can really happen as a matter of course. I suspect that private networks or sub-nets are going to be necessary for this to really work. But, it's a really thought provoking glimpse of what might be possible.
Of course, this particular episode is still not quite reality. And, it's going to take time to get social media to get to the point where this kind of collaboration can really happen as a matter of course. I suspect that private networks or sub-nets are going to be necessary for this to really work. But, it's a really thought provoking glimpse of what might be possible.
Monday, February 21, 2011
So what if you have a data breach?
Last week I posted about a data breach at the HHC (http://www.phiprivacy.net/?p=5884) in which a tape with data on approximately 1.7 million people was stolen. I want to make another point that this event brings up.
Have you thought about the possible effects of such a data breach on your organization? The HHC got lucky in that it didn't get as much coverage as some other breaches have gotten. Besides, even if it did get lots of bad publicity, the HHC doesn't have to care.
Would you be able to say the same thing if your organization were the one losing all that data? Could you really expect to have the loss fly under the radar? And even if it only hit the local news circuit, could you really afford not to care? Or could it mean that people will stop coming to you for the help you try to give them?
And think about this. The HHC may not need to worry about bad publicity. But they DO need to worry about their budgets. And, they will be taking a financial hit over this. Yes, they intend to sue the vendor who lost the tapes for some of the cost of the measures they now need to take. But, the very best that the HHC can expect is that they will have to extend a large amount of money to deal with the problem and only get paid back in the future. That's not a good thing, financially speaking.
What would it cost your organization to deal with a data breach? Could you afford it? Keep that in mind when yo make decisions about the measures you take to insure that your private date STAYS private.
Have you thought about the possible effects of such a data breach on your organization? The HHC got lucky in that it didn't get as much coverage as some other breaches have gotten. Besides, even if it did get lots of bad publicity, the HHC doesn't have to care.
Would you be able to say the same thing if your organization were the one losing all that data? Could you really expect to have the loss fly under the radar? And even if it only hit the local news circuit, could you really afford not to care? Or could it mean that people will stop coming to you for the help you try to give them?
And think about this. The HHC may not need to worry about bad publicity. But they DO need to worry about their budgets. And, they will be taking a financial hit over this. Yes, they intend to sue the vendor who lost the tapes for some of the cost of the measures they now need to take. But, the very best that the HHC can expect is that they will have to extend a large amount of money to deal with the problem and only get paid back in the future. That's not a good thing, financially speaking.
What would it cost your organization to deal with a data breach? Could you afford it? Keep that in mind when yo make decisions about the measures you take to insure that your private date STAYS private.
Subscribe to:
Posts (Atom)
Posts
