Blogs

With social media, there are a number of accounts that can be associated with your organization. 

First, there are the official accounts – these are the accounts created by your organization for its particular needs and uses.   Some social media services offer organizations the ability to create specific accounts, such as Facebook Pages and LinkedIn Company accounts.   At least, with the larger commercial services, however, this is still largely the exception rather than the rule.

It is very common for these accounts to use either the name of your organization or a variation of it, for example @DellOutlet on Twitter or your organization’s LinkedIn Company page.   It should be noted that for most commercial services, the account still belongs to the user who created it – when Rick Sanchez left CNN, the @RickSanchezCNN Twitter account and its 140,000 followers left with him.   Of course, CNN was not very happy about that!

The semi-official accounts - these are often accounts under users’ names rather than the organizations’, but the user in question is senior enough in your organization that the connection is clear.   For example, AIIM President John Mancini’s Twitter account is @jmancini77 but there’s no real way to dissociate himself, and that account, from AIIM.   These accounts, strictly speaking, aren’t directly covered by the policy but as a matter of practice should follow it because of the risk to your organization.   

The unofficial account - these are completely personal accounts under user’s own names, nicknames, hobbies, etc. that have nothing to do with the organization, or mention it in passing and in a neutral or positive way.   The primary interaction between these accounts and your organization’s policy should be on inappropriate usage because of the possibility of connecting the user to your organization.   In other words, if one of your junior staffers’ posts patently offensive content through their Facebook account, that doesn’t, otherwise, identify the staffer as a member of your organization, the risk of liability to your organization is reduced – but because the staffer could be identified as a member of your organization, it could still be embarrassing.   

Unauthorized accounts - here we refer specifically to spoof, parody, satire, or other types of accounts that could be misconstrued as official accounts and which could cause real harm to your organization and its reputation.   A great example of this is the @BPGlobalPR Twitter account that was started after the Gulf of Mexico oil spill in 2010.   The account used BP’s logo and posted very insensitive updates about the spill, the people of the Gulf, etc.   I’ll talk about how to find and address these accounts in a moment.   

In LinkedIn’s case, in particular, there is really no simple way to make an unauthorized company account because an email domain has to be provided and verified.   It is unclear to what lengths LinkedIn goes to verify that the domain submitted is the official domain, but regardless, LinkedIn does not allow multiple company accounts for a given domain.  The other major commercial services do not have such a policy in effect.   

Groups are exactly what they sound like – places for like-minded professionals to share content, make contacts, or have discussions on any topic.   Facebook and LinkedIn offer thousands of groups and more are created every day.   Groups can be open or limited to just members of that service – or even to just members of the group who must be added and/or approved by group administrators.   

It’s difficult to describe groups as official or unofficial – according to most services’ terms, groups are created by whoever wants to create them and for whatever purpose as long as they do not run afoul of those terms of the site.   Organizations should certainly be aware of groups that identify themselves directly with your organization – for example, a group called “AIIM Chapter Presidents” or “AIIM Training Partners” would definitely be of interest to AIIM.   

How to you find these accounts

The first step to take to identify organizational accounts is to look for them.   The first two methods will generally be self-directed and involve a single person, or small group.   For the internal review, the team will ask likely individuals what accounts they have created on behalf of the organization.   A simple survey can be created for your organization designed to answer the questions, “Do you use social media on behalf of the organization?  If so, how?”  This is especially critical for senior managers and prominent figures in your organization for whom it would be difficult to dissociate them from your organization, itself.  Likely owners of these types of accounts include sales, marketing, communications, and other outward-facing areas of the organization.

The other question to ask is whether or not employees know of other accounts set up on behalf of your organization.   They may know of a Foursquare account, or a Google+ account, or a Pinterest account that exists.   

Next, your organization should conduct an external review.   In this method, the team will identify the most likely services where accounts might exist and try to uncover any potentially official (and unofficial or negative!) usage.   So someone from AIIM would go to Facebook and Search for, say, “AIIM”, “The Association for Information and Image Management”, “The ECM Association”, “AIIM International”, and so forth.   By simply typing “AIIM” into the Search field, the user would find the main AIIM Page (AIIM Network for Intelligent Information Management), AIIM Certificate Programs Page, The AIIM Conference Page, the AIIM Conference 2013 Group, and a number of individual users’ accounts that presumably have something to do with AIIM.   Notably, however, this search would NOT find the Social Business community Page, which is an AIIM account, nor AIIM Standards, which is listed as a Place and also as a Group.   

The user would then go to Twitter, LinkedIn, FourSquare, MySpace, Digg, YouTube, along with other sites, and do similar searches.   This is, in a real sense, a fishing expedition – and will likely produce a lot of false hits.   

Another method to look for these accounts – particularly for unauthorized or potentially harmful ones – is to set up searches and alerts on the major search engines.   Doing a Google Search on AIIM for example found, in addition to the ones we’ve already listed, our Slideshare social sharing channel, a number of blogs and wikis and a host of chapter social media presences.   

Searches have to be thorough and use a variety of targeted search terms.   However, most search engines will also let users set up alerts so the query runs periodically and automatically notifies them when something is found.   This can significantly reduce the effort required to stay on top of social media proliferation.   

One of the things that is most uncomfortable about social media in the enterprise context is that your organization must be willing to give up some control – because it no longer has the means to enforce that control.   In the social media era, where creating an account is quick, almost always free, and subject more to the service’s Terms of Service than to legal threats, control is less and less workable.   

Your organization should instead put into its policy and processes means to identify unauthorized accounts and start with a discussion with the account owner, where possible, followed by a discussion with the service provider where applicable.   And, of course, if your organization is subject to numerous and sustained efforts against it, via social media, perhaps some consideration is warranted as to why that is.   Sometimes people have their own agendas - but it may be that your organization has some responsibility, as well.

Tell us about your experience in setting up social media governance in your organization.