I called out Michael Krigs­man via Twit­ter when he posted Twit­ter is dan­ger­ous yes­ter­day. His state­ments are pan­der­ing to the secu­rity indus­try “leaky net­work” fear­mon­gers and the naysay­ers who feel threat­ened by the changes that can be brought about in more open cor­po­rate communication.

I am far more inclined to agree with Ed Yourdon’s posi­tion.

The intro­duc­tion of tools that facil­i­tate open com­mu­ni­ca­tion chan­nels inside the wall, between busi­ness ele­ments and more per­haps impor­tantly between busi­ness and con­sumer are a risk, but they are a risk that should be mit­i­gated through the imple­men­ta­tion of ade­quate and appro­pri­ate infor­ma­tion and sys­tems secu­rity poli­cies (I feel qual­i­fied to speak on this, at least a lit­tle, as I’ve spent some time as a frus­trated cor­po­rate net­work police­man work­ing in an organ­i­sa­tion who felt the need to block pretty much every­thing at the fire­wall — it’s not sur­pris­ing I didn’t last much more than a year in that job).

Tak­ing the approach of block­ing and ban­ning does organ­i­sa­tions with staff want­ing to imple­ment and use social tools no favors at all. What inevitably ends up hap­pen­ing is a vari­ant on Gilmore’s Law and these organ­i­sa­tions end up with unau­tho­rised imple­men­ta­tions of tools so that staff can do their jobs properly.

Faced with users want­ing to imple­ment and use tools like wikis, blogs, Twit­ter, Face­book, Ma.gnolia and del​.icio​.us or any other “2.0″ vari­ant where the com­mu­ni­ca­tion chan­nel is far more open — whether that tool is imple­mented fully within or extends through the wall — organ­i­sa­tions need to rethink their infor­ma­tion and sys­tems secu­rity poli­cies. These poli­cies need to be reimag­ined in a way that allows staff open and easy access to the tools they need to do their jobs prop­erly while also con­sid­er­ing the fact that not all cor­po­rate data is appro­pri­ate to dis­sem­i­nate or store on such platforms.

A well thought out pol­icy will more than ade­quately address issues of appro­pri­ate­ness, con­sid­er­a­tion before release, when and when not to use a par­tic­u­lar chan­nel and related mat­ters. IBM’s blog­ging guide­lines are a great exam­ple of a well-​​considered pol­icy that deals with these mat­ters appropriately.

So Michael, no, Twit­ter isn’t dan­ger­ous. What’s dan­ger­ous are inad­e­quate poli­cies around using these tools.