Popular social networking sites, such as Facebook, Twitter, and LinkedIn, are causing a stir in the financial services community as well as other highly regulated industries as companies seek ways to control how the sites are used to communicate with potential clients and colleagues.
Social networking sites have proved valuable for sales-lead generation, marketing and general broker-client relations, but regulators have been quick to take notice and to offer the same warnings they did more than a decade ago when email and instant messaging (IM) became common.
[ A study found half of all social networkers post risky information. | Stay ahead of the key tech business news with InfoWorld's Today's Headlines: First Look newsletter. ]
However, controlling communications on social networking Web sites is far more complex for corporations because they're attempting to control communications on Web sites that are outside their IT systems and that are almost continuously changing or adding to the number of applications that can be used to network.
"It is a big issue. In fact, I think it's a bigger issue [than email and IM]," said Ted Ritter, an analyst with Nemertes Research. "For IM and email, you pretty much use standard port and protocols. You just have to be in the right spot in the network to capture it and monitor it."
Social networks are more akin to webmail, where there are many different ways to access the sites, which makes it more complicated from a technology standpoint, Ritter said.
"For instance, what do you do about people who have mobile updates to Facebook?" he said. "From an audit standpoint, as auditors become more aware of the issues, they are going to look for controls."
Ritter said businesses will not only have to monitor social networking communications, but they will have to capture the traffic, audit it, and log it.
Issue first cropped up with email, IM
Around the turn of the century, the financial services industry grappled with controlling IM and email traffic. Soon after the electronic messaging mediums became popular, a pattern emerged in the business community where financial firms would first block all electronic communications external to the company, then they would adopt proprietary email applications for corporate wide communications or restrict the ports over which IM traffic could travel in order to monitor and capture the communications.
The same patterns are emerging with social networking, experts say, and seeding a cottage industry of vendors offering software and services to control and capture corporate social networking traffic. Some of those vendors include enterprise instant messaging security vendor FaceTime Communications, firewall provider PaloAlto Networks, IM and mobile text messaging archiving firm DexRex Gear and SaaS middleware provider Socialware.
Today, many businesses are attempting to simply block all access to social networking sites for employees who would fall under regulatory scrutiny, such as broker-dealers and sales and marketing representatives, even though these employee are finding the sites invaluable.