Stay on Top of How Your Organization Communicates in the Digital Age
Which electronic communication does your organization need a clearly defined HR policy that expresses your plan and the repercussions of not following it? Email? Messaging apps? VoIP calls? Texting? Chatbot conversations? Social Media?
The answer should be All of them.
The best tactic for an organization is to have a clear Electronic Communication Policy (ECP). This will help prevent any mishaps, especially in the following areas:
- Branding and reputation
- Exposure to corporate security breaches
- Confidentiality problems
- Lost productivity
7 ECP Must-Have Elements
- Establish proper usage rules.
Employees must know that all electronic communications, even if encrypted, are not confidential or necessarily secure. Therefore, they always need to keep messaging very professional on all mediums. You will also need to address how much personal use and a dialog will be tolerated. For example, eliminating all private texting is probably not realistic or enforceable. However, if you provide a company phone to each employee, you may limit the amount of texting, and you can see the conversation thread. These rules must include disciplinary actions for violations.
- Interval training on phishing methods.
Help your workforce identify suspicious communications and remind them to report them. This training needs to occur on a monthly or quarterly basis.
- Know your regulations.
In the healthcare field, you must follow HIPAA security rule standards. FINRA has requirements regarding the retention length required for digital communications if you are in the financial area. The DOJ has its conditions. The point is, be sure to know the requisites for your field.
- Ensure your company monitors and blocks specific software installations.
If you want to ensure employees aren’t susceptible to spear phishing, don’t let them log onto their social media and messaging channels while on your computer or smartphone.
- Periodically spot-check devices for violations.
Ensure employees do not log onto personal email or social media accounts or download PDFs from websites.
- Establish one contact that employees can go to if they have questions or concerns.
In addition, make it easy for employees to report violations as they see them to that person or an anonymous hotline.
- Move toward MFA logins.
MFA refers to the simultaneous use of three or more verification mechanisms. Access is granted only if the person seeking access can complete all requirements.
With regards to social media:
Social media allows us to share stories and photos, connect with friends and families and keep up with the news. But how much is sharing too much, and does this much put you at personal risk?
Follow these six tips to ensure you are safe on social media.
- Don’t Share Too Much Information (TMI)
You should never post your social security number, birth date, home address, or personal phone number on social media. Putting all your personal information online makes it easier for someone to steal your identity, impersonate you or potentially stalk you. Again, be careful of how much information you are sharing online and with whom you are sharing it.
- Take Control of Your Privacy Settings
- Only Add and Connect with People You Know
Don’t add someone to your social network just because you have a few mutual friends. You should only add people you genuinely know to protect yourself. If a friend request from someone seems fishy, more than likely it is.
- Search Yourself
Every once in a while, take a few minutes to Google yourself. Doing so allows you to see what everyone else can see about you. This is also helpful to see if anyone is trying to use your information to impersonate you or if they are using your photos and posing as you under a different name. Other social media service sites allow you to type in your name, and it shows you everywhere that name is being used on the Internet.
- Check your Workplace's Electronic Communications Policies and Procedures
So you just closed a big deal at work. You first want to share the good news with your family and friends on social media. But does your company allow that? Some companies have confidentiality policies and procedures, and sharing information about clients and projects is not permitted. Talking badly about a company, its employees, clients, or contractors on social media may be grounds for termination. Also, be aware that using social media on company time might violate company policy.
- Learn How Sites Can Use Your Information
SACS Consulting & Investigative Services, Inc. can help keep your organization, brand, and employees safe through a clearly defined Electronic Communication Policy. Contact us to speak with one of our HR Policies specialists to help circumvent disaster for this electronic-based threat.