6. Risks of Using Social Media and Web 2.0
Data Leakage: Personal Information; Intellectual Property; Credit Card, SSN; Client Records
Incoming Threats: Malware, Spyware; Viruses, Trojans; Inappropriate Content
Compliance & eDiscovery: SEC, FINRA; HIPAA, FISMA; SOX, PCI, FSA; FRCP - eDiscovery; FERC, NERC
User Behavior: Employee Productivity; Bandwidth Explosion; Every employee is the face of business
7. Web 2.0 & Social Networks Regulation & Compliance
Regulation: Social Network and Web 2.0 Impact
SEC and FINRA: Obliged to store records and make accessible. Public correspondence requires approval, review and retention. Extended to social media. http://www.finra.org/Industry/Issues/Advertising/p006118
Gramm-Leach-Bliley Act (GLBA): Protect information, monitor for sensitive content, and ensure not sent over public channels (e.g., Twitter)
PCI: Ensuring cardholder data is not sent over unsecured channels AND PROVING IT
Red Flag Rules: Prevent identity theft. Protect IM and Web 2.0 from malware and phishing when users are more likely to drop their guard.
FRCP (eDiscovery): Email and IM are ESI. Posts to social media sites must be preserved if reasonably determined to be discoverable. http://blog.twitter.com/
Sarbanes-Oxley (SOX): Businesses must preserve information relevant to the company reporting.