Gartner: Fewer Than 30 Percent of Large Organisations Will Block Social Media by 2014
"Even in those organisations that block all access to social media, blocks tend not to be complete," said Andrew Walls, research vice president at Gartner. "Certain departments and processes, such as marketing, require access to external social media, and employees can circumvent blocks by using personal devices such as smartphones. Organisations need now to turn their attention to the impacts of social media on identity and access management (IAM)."
Gartner said that social media environments include mechanisms to collect, process, share and store a more complete range of identity data than do corporate IAM systems. They enable a more complete view of identity, one that extends beyond the bounds of organisations. For IAM managers, this is both a threat and an opportunity. Identity data and social media platforms can expose organisations and users to a wide variety of security threats, but organisations can also use this identity data to improve support for their own IAM practices and the ambitions of business stakeholders.
Gartner identified three significant impacts of social media on IAM:
Personal trust misaligned with corporate trust: Employees who participate in online social media continually make judgments about the degree of trust they should place in the platforms and in other participants, and they adjust content, structure and vocabulary to match their risk assessments. These assessments and the fundamental inputs to their assessment process may not align with corporate expectations for risk management. As a result, employees may say and do things on social media platforms that violate corporate policy or are otherwise counter to corporate expectations.
Public content supports identity intelligence: The collection of identity data by public social media on a massive scale enables improvements in the production of identity intelligence. This pushes IAM programs to discover the user profiles accessed by staff and to maintain capabilities for accessing external services in order to harvest identity data.
Identity data can be leveraged for IAM: Social media provide a mechanism for verifying the identity of employees, job candidates and customers, and a cloud identity platform for performing IAM for other applications. IAM programs can use social media for identity verification and to extend identity services to internal and external applications via a semi-trusted social platform.
"Organisations should not ignore social media and social identity," said Mr. Walls. "We recommend that organisations ascertain how they currently use internal and external social media in both official and unofficial ways, and look for dissonance between IAM practices and the identity needs, opportunities and risks of social media."
Mr. Walls will speak at the Gartner Security & Risk Management Summit 2012 on 16-17 July in Sydney. For further information, please visit http://www.gartner.com/ap/security. Additional information from the event will be shared on Twitter at http://twitter.com/Gartner_inc and using #GartnerSecurity. Members of the media can register by contacting Emma Keen at firstname.lastname@example.org
About Gartner Security & Risk Management Summit 2012
The Gartner Security & Risk Management Summit 2012 will explore the latest security and risk management strategies that help protect an organisation's information resources in the most efficient and effective ways. The latest views from Gartner analysts will be presented on market trends, opportunities and threats facing security and risk professionals, such as governance risk compliance, cloud computing and recovery, security architecture, mobile applications and security, as well as security threats and vulnerabilities.
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is a valuable partner to 60,000 clients in 11,500 distinct organisations. Through the resources of Gartner Research, Gartner Executive Programs, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyse and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, USA, and has 4,500 associates, including 1,250 research analysts and consultants, and clients in 85 countries. For more information, visit www.gartner.com.