Mixed messages persist on social media

As use of Web 2.0 tools expands, urgency grows for consistent policy

Feds are finding social media to be something of a paradox.

Agencies increasingly use social media channels to connect with people, whether it’s the State Department using Facebook to ‘friend’ people around the world or emergency response agencies using Twitter to spread the word in times of crisis.

But for all the official use of social media and Web 2.0 tools, many feds on the job feel as though they weren’t invited to the party. For some, it’s as though agencies are playing a parent telling them, “Do as I say, not as I do.”

We recently reported on a GovLoop post from Benjamn Strong, director of marketing and public relations of the Coast Guard's automated mutual assistance vessel rescue system, in which he wrote he was “mad as hell” over the lack of access to what he sees as useful on-the-job communications tools, including social media sites and short-URL services.

“Here is a short list of things I can't access at work. Flickr (to UPLOAD photos), Twitter, Facebook, Hootsuite  (which the White House uses!) bit.ly, LinkedIn, and more are added every day. I can, however, access eBay and apparently some of my colleagues can access porn!”


Related stories:

Are you mad as hell about social media access?

A few tips on keeping short URLs from spelling big trouble

Air Force writes a book on social media protocol


Readers commenting on the story were, like agency policy-makers, of two minds about the issue. Many readers echoed Strong’s frustration, but others backed the idea of blocking such sites, for reasons of both security and workplace efficiency.

“I'd love to look at that slide deck [referred to in the story] but unfortunately the Slideshare Web site (as well as the others) is blocked at SSA,” wrote AMB-aspiring.

“None of the links [in our story] were available to me and the system gave me various and assorted reasons for being blocked,” wrote Chip in Hollywood, Fla. “The link to the article about porn was blocked because it was porn according to our system. The other links were blocked because of social media, marketing or shopping. Ironically, I can get to Ebay with no problem, but not Amazon.” (Our link from the word" porn," for the record, went to an article about the case to which Strong referred, not to any actual pornography -- but the very word results in blocks on many systems.)

Maybe it’s time for a governmentwide policy?

“Earlier this year the DOD put out a comprehensive policy on access to these kinds of services. The default is OPEN and not closed access,” wrote Bob. “Looks like it may be time for the White House to issue a similar policy for all of government. It would just take a few word changes and the president's signature on an executive memorandum to make ‘open by default’ the policy for all agencies in the Executive Branch.”

“While it is my opinion that social media sites are grossly abused by both industry and government employees and in general the waste far outweighs the potential benefits, I must agree that the lock downs are a prime example of knee jerk reactionism,” wrote Michael D. Long of Knoxville, Tenn., “A comment … about the Department of Commerce made me think of a conversation I had with one of its employees. I raised a specific point about certain slides in a PowerPoint presentation being inconsistent with federal regulations. The Commerce employee was blocked from accessing the department’s own Web site, and could not view the material I cited.”

Several readers argued that user education, not prohibition, was the best way to ensure security.

Shawn in Richmond, Va., wrote: “Saying blocking social media sites due to malware is a pretty lame excuse to use, since none of us block e-mail and yet thousands click on links in an e-mail and get infected. The only true way to fight malware is through constant user education. Show them the sites that can check a short link's destination and they have power over the malware links! Common sense and education is really the only defense.”

“Social Media is here and, blocked or not, it is not going away,” wrote Social Media Advocate in Virginia. “The best wait to mitigate the risks involved with it is through training and education of employees. To those entering the workforce, social media is a way of life. Just because the sites are blocked at work will not stop data leaks. The argument about time wasted on social media sites is a moot point. Employees waste time regardless of the site. If it is not Facebook then it will be CNN.com, ESPN.com, or the ever popular ebay.com. Social media is already thriving in the government environment and now we just need to figure out how to coexist with it.”

Not every reader is convinced, however. Some said security was too important a concern, others wondered whether people really need Facebook on the job, and others advised using personal devices, rather than agency hardware, to use social media.

“Those of us in the IA field generally oppose access to social media sites as they are a big source of malware and data leaks,” wrote Richard. “Couple that with supervisors telling me many of their employees spend more time at social media sites than doing work and it becomes a fair question to ask why do we allow access to them.”
 
“There are nearly zero legitimate reasons for Facebook et al … from my workplace. I would fire any staffer caught wasting government resources on such foolishness,” wrote Irascible SCIF. “Since we record every keystroke and every phone conversation, and our government keeps us constantly undermanned, we have neither the time nor the desire to tweet about the lunch we didn't get to have yet again. SocMed on your own time, unless you are making a honey pot.”

FedContractor wrote that short-URL services such as “tinyurl and bit.ly are potential indirect sources of attack. Since you cannot review the URL you cannot determine where you are heading. You may be routed to a malicious host. It makes sense to block these though it does inconvenience us.”

With the potential risks from those services in mind, the General Services Administration recently began testing its own short-URL service at Go.USA.gov. The service is limited to people with .gov, .mil, .fed.us, and .si.edu e-mail addresses.

Still, for some readers it comes down to what gets done at work.

“Close it off,” wrote CommonSense. “I got used to not checking personal e-mail at work years ago; too big a security hole, and guess what — I’m still alive and happy! Get a cell phone to check your personal mail if it's that important to you. It was, so I did. Market-driven ‘social media’ might have a place at home, but not at work where too much is at stake.”

“More power to agencies to shut down the social media sites. There is enough trash on them now,” wrote another reader. “What happened to the old adage of actually ‘working for a living’ rather than spending one's energies on endless banter.”

 “I use my own smartphone, that way nothing is blocked,” wrote Gov Man in Austin. “Why use the government network for those things?”

Of course, social media is still nascent in government and maybe it will just take time for agencies to get a handle on it.

“The Department of Commerce was locked down pretty tightly for quite a long time in terms of access to social media web sites,” noted one reader, “but recently actually relaxed their blocking policies and started removing some of the blocks to common sites. In a climate of overreaction to security concerns, this was welcome and surprisingly logical.”

Bill from Northern Virginia agreed: “Both DOD and DOC had very restrictive policies on social media web sites and both have relaxed those restrictions to balance risks against need for access.”

If you’re looking to see how other organizations handle things, the site Social Media Governance maintains an expansive, if not comprehensive, database of public social media policies, including those of federal, state and local entities, as well as a few international ones.

 

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.