The social media drum keeps pounding while voices of caution are being pushed aside – not a great formula for social media’s long term success in financial institutions.
Just for the record, social media isn’t the first “cool” technology to appear on the banking scene. E-mail, Internet websites, even Microsoft Windows were cool in their day. In each case, we realized the security risks after the horse left the barn. Remember the TJX data breach? How many debit cards did your institution reissue at an average cost of $4 per card? How much fraud did you have to cover?
If your institution is contemplating a social media presence, consider the risks that accompany its potential rewards. That way, bankers can participate in the conversation without having to plug the security holes later.
Conversation is the point of social media. We talk, we connect, we refer and hopefully generate traffic for businesses that receive positive comments. Marketing people around the world hope to land on the good side of chat.
Land on social media’s “bad” side and your bank’s reputation becomes something to salvage. It doesn’t matter if the negativity comes from a single malcontent or an actual snafu. The social networking public may only read the subject line and bypass the underlying comment. Either way, your financial institution can quickly become a pariah.
To counteract the damage, you might consider monitoring major social networking sites for “mentions” and nipping the bad ones in the bud. Viralheat can monitor a site for $140 per month, but then an employee is still needed to respond to unkind posts. If social media is important to your institution, this may be something to budget.
Do you believe that every employee in your financial institution should have unlimited access to social media? More to the point, do you believe your employees will consistently mention your institution in favorable terms?
If your answer to these questions is yes, then you might have an unusually upbeat, articulate staff. You might also have an unrealistic idea of the damage that one disgruntled employee can cause in today’s social media.
Let’s face it, your employees know a lot about your financial institution. If they start tweeting or posting details about your institution on their Facebook wall, they could undo months of marketing effort. They could also slip confidential information into the conversation, increasing your potential liability should a criminal notice and act.
My recommendation – assign your marketing professionals to work the social media “beat”. The beat includes online forums, Twitter and Facebook. Marketing people know what to say on behalf of your institution. Putting everybody on Facebook is not a good social media plan for a bank.
Every media presents risks, but social media presents greater risk because its goal is trust and sharing personal information. Can you imagine a better forum for social engineering (aka phishing)?
Already 750,000 Facebook members have admitted to infection by Koobface, a computer worm that targets users of social networking websites. The total infection count is probably higher. A few weeks ago, an organization called “Control Your Info” took control of hundreds of Facebook groups. The attackers insist they were merely highlighting a security flaw in Facebook. But their stunt broadcast the flaw around the world.
As custodians of other people’s money, bankers manage the risks of loan loss, physical theft, identity theft, and more. A banker’s caution may not match the excitement of a tweet or a Facebook post, but banks and bankers are obligated to protect the public’s college funds, retirement assets, and other savings. That’s a different obligation than writing witty posts.
Should bankers avoid social media in the name of security? Not at all. But understanding that security goes hand-in-hand with social media is an important message that will help any financial institution over the long haul.