British Ministry of Defense staff and military personnel have leaked sensitive information on social-networking and other Web sites in the past 18 months, according to SC Magazine. Ten people have been disciplined in that same period for misusing Facebook and Twitter as well. The Ministry of Defense released the information in response to a Freedom of Information request from Lewis PR, the story says.
The Ministry of Defense does not prohibit employees from participating in social networking in their personal lives, but does have "online engagement" guidelines requiring workers to get approval from their supervisors before posting information that relates to operations or deployments, information that is of a sensitive or political nature, statements that could be interpreted as being made on behalf of the Ministry of Defense, or opinions of "wider defense or armed forces activity."
Mikko Hypponen, from security software provider F-Secure, notes that the leaks are troubling. He says:
It's amazing how many people drop their guard when they use social networking sites like Facebook and Twitter They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook's privacy settings might make them disclose information to the world. This is a potential security risk.
The leaks are a security risk. In this instance, they're a risk for the British military -- and ultimately the government and citizens they protect. But the situation should also remind every organization that social networking does pose risks, and though they can't be completely avoided, they can be managed. Take a look at your own social-networking policies. Do they cover everything you need them to or do they have loopholes? Do you actively enforce them? Failing to develop and enforce adequate social-networking guidelines or policies could have serious repercussions.