CIOs will need to rethink their IT governance policies as employees turn to social media tools to collaborate at work, according to research from analyst group Gartner.
IT departments make the mistake of ignoring social media at one extreme or banning it at the other, when what they really need is a risk based strategy, says Gartner research director Julie Short.
"Just locking down systems is not a good approach. As social media becomes more a part of business, people find more creative ways of getting around the controls," she said. "You don't want them to do that. You want to know what they are doing."
Gartner: Three actions to support governance as business gets social. Click here to download this article from Garner. (Requires registration)
Gartner advises CIOs to look at the risks of social media to the business as a whole, not just the IT department.
The strategy will need to recognise that certain parts of the business are more risk averse than others, she says.
For example, HR and marketing may adopt social media and collaboration tools very quickly, while finance departments will be more cautious, and may have to take regulatory issues into account.
It is also important for CIOs to understand who the audience is for social media to assess the potential risks to the business.
"The danger is adopting social collaboration, is to take a thoughtless approach, without understanding the consequences, " she said.
"Propriety information may be opened up to people in the wrong part of the organisation or the outside. That might create issues for audit and compliance."
But a too prescriptive approach can make it harder for employees to do their jobs effectively.
Social media will encourage businesses to adopt principles based governance policies, that will leave more discretion to employees, rather than introducing strict controls.
"It brings in the human factor and we are not accustomed to that," she said. "How do you enforce principles, and how do you make your employees adhere to principles ? It's a completely different mind-set."
The biggest problem with governance in IT is that people have very different views what governance means, says Short.
"Many times when you are speaking with different individuals you have to clarify what you are talking about. In many instances governance equals control. But its also about decision making and being clear in the organisation what decisions are being made."
Principles for managing risks
Sign-up to Computer Weekly to download articles from Gartner analysts:
The security risks of outsourcing
CIO briefing: The future of client computing
CIO briefing: The future of Oracle SPARC
How to measure the business impact of outsourced services
Two-tier ERP strategy - considering your options
Microsoft SharePoint: Watch out for new kinds of content and applications to manage in 2011
How businesses can make use of social apps
The IT department
How to plan the size of your IT department
The role of the IT department in mergers and acquisitions
Android 2.2 for the enterprise
The future of videoconferencing
The impact of cloud computing in retail
7 configuration management tips for virtual and cloud infrastructure