Security concerns when using SM

Floreddu and Cabiddu (2016) conclude in their research that corporate reputation is positively related to an organisation’s ability to engage customers in online communication, and that their reputation will be strengthened when they are able to establish transparent online relationships. However, according to Venkataraman and Das (2013), SM tools possess a subtle capability of inflicting serious damage to an organisation if their use is not monitored and controlled. Furthermore, in enhancing innovation, SM needs to be included as part of the organisation’s objectives (Roberts et al., 2016). According to (Niekerk & Maharaj, 2013),SM tools can be used by irresponsible parties to invoke racial, religious or political sentiments, such as the uprisings and protests in Middle Eastern countries (Tunisia and Syria). More recently, the denial-of-service (DoS) attack by the group Anonymous on government sites of Malaysia and Australia reminds us of the negative capability of SM tools. It therefore should be acknowledged that not all SM initiatives or developments are positive.

While acknowledging that the use of SM is gaining popularity, security and social concerns need to be addressed. In project environments, which are often governed by confidentiality and integrity of information distribution, it is important for project managers to exercise due care in using SM tools. Omar, Stockdale and Scheepers (2014) suggested there is a sense of uncertainty in government operations when implementing SM due to a lack of clarity and objectives for its use. They also identify risk, lack of knowledge and experience, lack of resources, ownership of technology, the culture of government organisations and the unperceived value and benefits of SM use as key factors that may pose challenges for SM implementation. The use and type of SM may or may not be suitable for all areas of project management, and this is what this research intends to uncover. The following section discusses current ongoing efforts and the importance or lack thereof of establishing an SM policy to govern a safe and secure use.

2.2.4.1 SM Policy

As SM use in the government sector is fast gaining popularity, Kavanaugh et al. (2012) investigated the concerns, issues and difficulties arising from such use. Their investigation revealed two areas of governance that must be given due attention – information management and organisational factor. For organisational factors, they highlighted the importance for establishing an SM policy that would address management buy-in which will determine the known and unknown expectations, control issues such as what and how much control to impose for SM use, the SM communication policy which describes what to do/say and what not to do/say in an SM platform. They further proposed that

46 legal implication for data management and maintenance as well as training needs to educate end users towards safe use of SM be given priority.

The importance of having an effective governance structure when using SM cannot be emphasised further. Medaglia and Zheng (2017) attempted to understand the current research initiatives and effort to determine the gaps in government social media adoption and report that it tend to focus on

strategies and policies. They say that that governance structure by way of having guidelines and procedures for SM use is taking centre stage. This include the process of policy establishments, unpacking it to the users and the effective institutionalisation in the organisation. The impact of such policies on user behaviour and management is also receiving much attention.

In another research, Williams, Field and James (2011), found that the availability of an SM policy had a positive impact on student behaviour in maintaining their online security and privacy. A group of pharmacy students was influenced by their college’s SM policy to strengthen their individual security settings and reduce the visibility of their profile information to other users. The introduction of the SM policy probably educated the students on the importance of only making necessary information visible to the public. To protect student privacy, the college through their SM policy, prohibited the sharing of student photos and videos on Facebook. Therefore, a well-structured and documented SM policy can be a tool to communicate the organisational intentions and governance initiatives for SM use.

The US government adopts a very strict approach in the implementation of SM for its government portals (Bertot, Jaeger & Hansen, 2012). Most government agencies focus their attention on privacy, security, accuracy and archiving of SM contents. Adequate controls to prevent and resist information tampering can help preserve accuracy and enhance privacy and confidentiality thereby guaranteeing information and data security. The US government has various policies to protect its citizens’ data when using online platforms to communicate with various government agencies and is shown in Table 2.3

47 Table 2.3: Selected USA government information policies (adopted from Bertot, Jaeger & Hansen, 2012)

No. Policy objectives related to SM Selected relevant policy instrument 1 Access and social inclusion - Americans with Disability Act

- Americans with Disabilities Act

- Executive Order 13166—Improving Access to Services for Persons with Limited English Proficiency

- Individuals with Disabilities Education Act - Section 504 of the Rehabilitation Act - Section 508 of the Rehabilitation Act - Telecommunications Act of 1996 2 Privacy, security, accuracy and

archiving

- Children's Online Privacy Protection Act (COPPA)

- Federal Information Security Management Act

- (FISMA)

- Information Quality Act

- OMB Memo M-03-22 (Guidance for Implementing the Provisions of the E- government Act of 2002)

- OMB Memo M-04-04 (E-Authentication Guidance for Federal Agencies)

- OMB Memo M-05-04 (Policies for Federal Agency Websites)

- Federal Depository Library Program (Title 44 USC)

3 Governing and governance - E-government Act of 2002

- OMB Circular A-130 (Management of Federal Information Resources) - Paperwork Reduction Act

- Various Copyright (Title 17 USC) and Patent & Trademark (Title 35 USC) legislation

(Adopted from Bertot, Jaeger & Hansen, (2012), page 31)

Yi, Oh, and Kim (2013) compared the use of SM in Korean and US government sites. They outlined components of SM policies in the two governments which broadly covers policy establishments, conflict settlement and issue resolution. Some of the policies governing SM use in these government agencies are:

48 - Guidelines for third-party websites and applications.

- Guidelines for Secure Use of Social Media - Social Media and Security

- Social Media for Government

They highlighted the lack of SM policy will lead to potential risks which include unintentional

security breaches and compromise of data privacy and confidentiality. It is very critical to update laws and regulations and promoting changes in government culture and organisational practices. Some of the potential risks include public criticisms and lack of trusts, degree of government openness and transparency, potential intellectual property and copyright infringements, potential infringements to international or national regulatory frameworks, theft of information, loss of control for the delivery of information, integrity and validity of data and information and the apparent lack of organisational structure and processes (Picazo-Vela, Gutierez-Martinez, & Luna-Reyes, 2012). Therefore, to circumvent all these risks, the existence of effective and efficient SM governance via the establishment of SM policy will help mitigate these threats.

Ethics and professionalism of project team members will also contribute in maintaining an

environment of honesty and integrity when using SM. In the case of the dentistry profession, Holden (2017) accentuated the need for a dentist to exercise care when using SM to communicate with the community, as miscommunication in advertising services may erode the integrity of the profession. He stated that further guidance was required when dentists communicate with their patients via SM as there are significant risks that may negatively impact the dentist–patient relationship. The sentiment was echoed by Simpson (2016) when she said that child and family social work practitioners needed to be fully conversant with SM and understand the risks associated with use.

The use and type of SM may or may not be suitable for all areas of project management, and this is what this research intends to uncover. The following section discusses this and reviews the scant literature available on the use of SM use in project management activities.