Federal Guidelines for Social Media Review

Monday, April 05, 2010

Mike Meikle

49afa3a1bba5280af6c4bf2fb5ea7669

In my last post, I referenced the relatively new (Sept 09) federal guidelines for Social Media security by the federal government.  

I went ahead and put the guidelines in the  online storage widget for anyone to access.

I’m going to discuss my own findings and try to make sense of all the bureaucrat/corporate  speak in the document.

Let’s start from the top shall we?  The document’s executive summary rightly categorizes the decision to move to social media as a risk-based decision.

 The technology behind it all is really no where near as important.  As was discussed in the previous post the “why” is far more important than the “how”.  

The Feds are a huge target for every known and unknown type of malcontent so they include a quite extensive section on risk mitigation, which we’ll get into later.

It is also nice to see that the folks who crafted the document push the fact that the move to implement social media in an organization must be a business decision.  So, a real business case must be crafted as to why the move into social media is necessary.

 Of course IT cannot take the default “no” position on social media.

 This is ingrained in our psyche due to the endless crappy MS Access applications we had to support back in the day.  

These were usually written by a guy who moved to Botswana and the entire department’s budget depended upon (eye twitch).

Once you jump out of the Executive Summary, it’s the usual government hodgepodge of cross-referenced mandates as to why the document came into existence.  

In the next post I’m going to provide links to each supporting document with a small blurb about each.  I’ll also toss them into the storage widget for ease of download.

Possibly Related Articles:
5300
Privacy
Social Media
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.