Let’s put it this way: social media and security don’t work together very well today. Marketing professionals who see social media as a vital communication channel view security as a nuisance, whereas Security pros view services like Facebook and Twitter as trivial pastimes that expose the business to enormous risk. The problem is, when it comes to social media, these two facets of the organization need to come to terms with each other – and this was clearly on display Tuesday when the Dow Jones briefly plummeted over 100 points due to false Tweets from AP’s hacked Twitter accounts that indicated President Obama had been injured by explosions at the White House.
This recent breach signifies two things: 1) the potentially damaging impact of social media is real and growing, and 2) companies today aren’t doing enough to mitigate the risks.
As social media becomes a legitimate source of news and information, the implications for inaccurate or inappropriate behavior continue to grow. Damaging or disparaging comments on Twitter (whether intended or not), can have a real impact on your business and the way customers view your company and brand. Companies need to do more to protect their organization from social media risk because:
At the end of 2012, Forrester and the ITAM Review, an IT asset management community site, ran a software asset management (SAM) survey to help understand where SAM is going in 2013. The resulting infographic* and commentary is available to Forrester clients here. For non- (hopefully future-) clients I’ve extracted some content to create this blog.
The focus and drivers for SAM have changed
Since the early 2000s, risk-focused IT professionals have voiced their concern over software compliance and the potential for vendor audits, large financial fines, damage to corporate reputation, and even the imprisonment of company directors. But these concerns weren't necessarily shared by the rest of the organization, which also viewed the SAM technology available as too difficult and complex to justify. As a result, SAM was a low priority on the IT management to-do list.
But this is starting to change as IT organizations realize that their software estates and procurement and provisioning processes are in a state of under-management, if not mismanagement. As a result, these organizations are wasting a significant amount of their IT funding each year on license procurement when they don't need to, maintenance agreement costs for more licenses than they actually use, and supporting and hosting software that should have been decommissioned.