CIO Council: Don't rush into social networking

The federal Chief Information Officers Council weighs in with some words of caution on the growing popularity of social networking in the federal government. It believes that the decision for a federal department or agency to permit social media is more than just an IT decision.

According to the council, the decision must involve strong business justifications that identify mission requirements and drive toward the expected outcome. It also must be made in a risk-management process with recommendations with many players, including the mission's owner (the department head), legal counsel and privacy officers.

"This decision can only be made with a full understanding of the threats, risks, and mission needs," the CIO Council guidance says. "This document recommends the creation of a government-wide policy based on the risks and mitigating controls presented, to provide appropriate guidance for the secure use of social media by federal departments and agencies."

Whoa! That's a far cry from the sprint now taking place by Federal CIO Vivek Kundra and other Obama administration officials, who see social networking as a big piece of the transparency that President Obama has promised. It also raises some pretty serious questions about security at a time when the federal government is raising red flags over the importance of nailing down cybersecurity protections and doing it right.

So what's the answer? At this point, social networking in the federal government is still in its infancy. Expect some rough patches and setbacks before it is fully operational and effective.

For more on the CIO Council's recommendations:
- check out this govinfosecurity.com article

Related Articles:
Security pros get comfortable with social networking
Study finds organizations still feeling their way with social networking