I called out Michael Krigsman via Twitter when he posted Twitter is dangerous yesterday. His statements are pandering to the security industry “leaky network” fearmongers and the naysayers who feel threatened by the changes that can be brought about in more open corporate communication.
I am far more inclined to agree with Ed Yourdon’s position.
The introduction of tools that facilitate open communication channels inside the wall, between business elements and more perhaps importantly between business and consumer are a risk, but they are a risk that should be mitigated through the implementation of adequate and appropriate information and systems security policies (I feel qualified to speak on this, at least a little, as I’ve spent some time as a frustrated corporate network policeman working in an organisation who felt the need to block pretty much everything at the firewall — it’s not surprising I didn’t last much more than a year in that job).
Taking the approach of blocking and banning does organisations with staff wanting to implement and use social tools no favors at all. What inevitably ends up happening is a variant on Gilmore’s Law and these organisations end up with unauthorised implementations of tools so that staff can do their jobs properly.
Faced with users wanting to implement and use tools like wikis, blogs, Twitter, Facebook, Ma.gnolia and del.icio.us or any other “2.0″ variant where the communication channel is far more open — whether that tool is implemented fully within or extends through the wall — organisations need to rethink their information and systems security policies. These policies need to be reimagined in a way that allows staff open and easy access to the tools they need to do their jobs properly while also considering the fact that not all corporate data is appropriate to disseminate or store on such platforms.
A well thought out policy will more than adequately address issues of appropriateness, consideration before release, when and when not to use a particular channel and related matters. IBM’s blogging guidelines are a great example of a well-considered policy that deals with these matters appropriately.
So Michael, no, Twitter isn’t dangerous. What’s dangerous are inadequate policies around using these tools.