How to Develop a Social Media Policy
Access to social media has never been easier these days. Just about everyone has at least one social media account updated as frequently as within the minute, hour, day, or week (depending on how much of a social media addict you are). This is in fact a widely spreading addiction which is beginning to trouble experts from all fields. Sure, social media is useful, but there are potential dangers in its abuse.
Take, for example, social media at work. There has been much talk regarding how social media can be regulated at work, and especially with businesses using social media platforms as part of the business in terms of marketing and customer service. Herein comes the social media policy.
What Is a Social Media Policy?
A social media policy is a document put in place showing best practices, guidelines, and procedures for employees who post content over the Internet, either professionally as a part of their job or personally as an individual. Having such a policy in place is a good idea for any company or business to reduce risks for both employer and employee.
At present, there are two general approaches to addressing social media policy—namely drafting a separate social media policy addressing all issues pertaining to available social platforms, or writing the policies on the go or as needed when complications arise.
What Should Be in a Social Media Policy?
Crafting a social media policy is more like a smelting pot. It needs original material as well as new material, so as much as possible input from employees themselves must be taken into consideration in shaping policies regarding what an employee can and cannot do on social media.
In shaping your policy, the following pointers should be considered:
- First of all, if it isn’t already covered in their employment agreement, then it should be. You should review employment agreement and policies to see if there is something left out regarding social media. Remind employees to do the same when reviewing their agreements in order to get input from them as well.
- The social media policy should clearly state or indicate its scope of application includes all social networking sites, multimedia, wikis, and blogs that are used both professionally and personally.
- Comments published by employees on social media regarding any area of the business must be acknowledged as made by the employee along with a disclaimer. A disclaimer is a note saying that the views or opinions made the employee are his alone and do not necessarily reflect the views and opinions of the company the employee is working for.
- As stated in an employee’s agreement regarding confidential or proprietary information, there should not be any disclosure of such in any Internet post, blog, or comment to any other third party.
- Posts, blogs, or comments should not involve any company logos or trademarks without any permission from the company.
- Any copyright, privacy, fair use, financial disclosure, or other applicable policies must not be posted or included in any post, blog, or comment in reverence or respect of such laws or policies.
- Posting in company or corporate blogs, i.e., Facebook or Twitter accounts, requires approval if any employee wishes to be posting about or on behalf the company business or market.
- Employees should not claim or in any way imply to be speaking or representing on behalf of the company without expressed permission.
- All rights are reserved by the company in regards to requesting subject avoidance, post withdrawal, and removal of any improper comments.
These points should be fair and simple enough not to be understood and agreed to by any employee. Remember, the policy can be updated to suit the needs of the company and the employee.
Social media can be a great resource for gaining insight into the opinions shared by the employees and the community in general. It also helps in building a reputation for the company, and help the company promote its brand or service to the community. The important thing is in setting the boundaries of what can be allowed and what can be considered as fair and proper use of social media, in consideration of any due task or duty.
Tips for Promoting Your Social Media Policy in the Workplace
Having made your policy, now it’s time to use and enforce the policy. The task of enforcing the social media policy is as important as creating the policy itself. Once your policy is clear, outline it in a bulleted list of key points which will serve as guidelines concerning the use of social media. It is also important to highlight any changes to the policy and send out memos of the updates.
1. Risks and Corresponding Steps
Spelling out the risks involved in connection to your company’s reputation or standing and the steps that should be taken in the event of such risks happening help in protecting your company’s reputation. It lowers the chances of any potential legal implication. Always cover all possible bases with a risk plan. As the saying goes, it is always better safe than sorry.
2. Standards for Use
Setting proper standards and expectations for employees allow an employee to creatively express their opinions or comments without them having to think of negative implications to their work. Having an employee understand what can and cannot be posted allows the employee a degree of freedom of expression within the bounds permitted by common law or as determined as useful by the company.
Social media is still media, and getting attention always helps a business (provided this attention does not tarnish or degrade the reputation of the business, but that’s how it goes in modern marketing trends: all attention is good attention and can be commoditized).
3. Develop Consistency
Implementing a social media policy is one thing. Consistently adhering to the policy is a totally different affair. For companies having employees who must face the public constantly and interact with them, it is important for the employees to understand any standards that have to be followed or maintained with respect to the brand or product.
Developing a strong voice or presence in the market is essential in establishing a solid consumer base, and bringing in front-liners who understand this cause further cements your brand reputation in the market.
Definition of Roles
After assigning roles to employees in relation to your social media policy, it is vital to clearly define what the responsibilities are and who takes ownership of what issues in relation to your social media policy. Having clear and set responsibilities helps eliminate potential confusion or overlap of authority or responsibility.
The areas of responsibility that should be clearly determined involve the following:
- Branding guidelines – the brand is a representation of the company. It is the company’s reputation—how the company presents itself and how it is perceived.
- Social media post approval process – outlines the steps that should be taken before any post on social media can be approved.
Online Customer Service Protocols
Online customer service protocols are the rules and corresponding courses of action to be taken in cases or issues in connection to customer service. Some of the common dictates in these protocols:
- Listen – It is true what they say that no man is an island. People want to be heard and understood. Listening to what people say means we understand their needs and anticipate their needs to provide on-time, friendly service.
- Smile and be friendly – Typical textbook rule in customer service. Even smiling when answering over the phone exudes a warmth and welcoming that translates over the line in your voice.
- Take that extra step, go the extra mile – These are the small things that make a lasting impression. The simple act of offering a drink when a customer comes in, smiling when delivering orders to customers, or simply opening a door or offering a chair while they wait goes a long way and makes wonders on a customer’s impression of your business. There are numerous ways to be creative with that extra effort. And it might just be what it takes to make a devoted customer out of that walk-in client.
- Honesty – We do not hold all the answers to every question under the sun. It is important to be honest but assure the customer that you will find the resource that does know the answer. Customers appreciate the candor when delivered in the right spirit, as well as the effort you are putting in to get the answer to the customer’s concern.
- Keeping in touch – Most people appreciate follow-ups. It does not matter whether it’s a call regarding updates to a project, a call to notify the delivery order of an item, or a call after finishing a job to make sure that a customer was satisfied.
Safety and Security
Social media for most businesses today is critical for its marketing efforts and customer service. But potential risks come with the terrain when it comes to security and safety when using these tools. For an organization this occurs in the form of phishing scams, malware, hacking, and human error.
Such risks are avoided with a clear social media policy involving guidelines for employees on doing the following:
Creating a secure password – End users are admittedly lazy most especially in creating passwords. It is an IT officer’s job to educate end users regarding the importance of their passwords and train them in password security. Some basics you need to know:
- Encryption. For those who save their passwords in any plain text or Excel file—a big no-no. Always store passwords with encryption.
- Go long! Long passwords are harder to crack. A quick tip: use modified phrases that can be easily remembered rather than special character passwords.
- Employee training. It is important for old and new employees to be constantly reminded to be on guard involving security risks and the preventive measures.
- Password rotation. Passwords need to be rotated or changed every 30–90 days. This greatly reduces security risk.
- No to password hints. Password hints not only clue you in but also gives hackers easy options to start with.
- Yes to password vaults. Using a good, strong password manager helps do away with your password (and memory) problems. This ensures automatic change to old passwords (which may have been hacked), preventing easy access to your systems.
Defend against spam and phishing attacks – Be careful before clicking on any link on the Web asking you to log in or enter your login details. These are predatory sites that collect passwords. When in doubt, you can always manually enter the site address or URL on the address bar of your browser window. Some terminology of the main attacks to keep in mind:
- Phishing. This is an e-mail that appears to be from a reliable source (like a bank) requesting verification of personal information. They may also come with a warning or penalty for non-compliance.
- Pretexting. Read: pretext. This is typically a constructive scenario using a small piece of known information about a person as basis for proving the appearance of authenticity. Most attackers using this method aim to get your social security numbers, date of birth, and such.
- Trojan horse. This is a malicious program that masks itself as another harmless program. Often it takes on the form of a common program but as soon as it is clicked or installed, it does its intended damage. Most Trojan horses are hidden in unassuming spam mail messages or download attachments.
Share only official, approved, branded content – Sharing only branded and approved content minimizes the risk of sharing potentially dangerous files containing viruses. Another benefit for this is that by sharing brand content, you spread awareness of your brand and thus slowly build trust in your brand. This is also important in generating more customers and further gaining customer loyalty. By sharing valuable information, it builds trust and rapport which evolves into willingness to purchase your products in the future.
Employee security training – By conducting training in online security and safety, employees are made aware of the threats to the company network and to the business itself. By providing training to ensure detection and countermeasures to such, the following benefits are acquired:
- Employees are less likely to be victims of attacks and lessen the risk of exposing the company to any further risk.
- Best practices in relation to online safety and security will be adapted promoting a culture of safety and security within the company.
- The employees become responsible for the safety and security of the company against malicious activities.
- Accidental or intentional misuse of information is lessened and prevented.
In making an airtight social media policy, it is best discussed with your legal team in order to get a thorough input regarding the making of the policy. Laying out of clear privacy and disclosure clauses in your policy help in avoiding the risks involved with the following regulatory and legal requirements:
- discrimination claims – any employee can say anything over social media which could be connected to the company. A policy could state that if any employee posts updates or comments on personal sites that badly affects the company or another employee, then this would be grounds for a termination notice. An employee then can file a lawsuit claiming hostile working environment as a cause or other grounds for discrimination claims.
- defamation claims – happens when employees say things over business or personal media platforms that impact the company, competitors, or the customers. This is also true when employers share too much information, like photos, which can lead to lawsuits.
- confidentiality breach – involves an employee sharing too much information over a site resulting in regulatory fines or competitor getting information.
- regulatory breach – often happens when an employee is not trained adequately. By educating an employee on appropriate communication regarding regulated products or confidential information, the risk of regulatory breach is much lessened.
The opportunity to grow and connect with your customers and potential customers is made possible through social media. Along with these opportunities come threats for your security and safety. It is therefore critical to establish a policy that would ensure not only the safety of your business but also your employees. Arming yourself with a careful, thorough, updated social media policy ensures effective defense against malicious software and also against any future lawsuit or legal implications that may arise, if not for the implementation of such policy.
You can choose to implement a single social media policy document to reflect all possible scenarios involved. Another option is to make separate policies outlining specific areas to properly address any issue as it comes up. Updating the policy every so often also helps in maintaining the security statement of your company.