ASIS 09, Meetup and Lanyard News

Two exciting developments came into shape today for social networking at the ASIS 09 conference:

1. ASIS gave the green light today to publicize the social networking meetup they will sponsor. It will be held at the President's Reception, Golden Horseshoe Saloon, 7:30-8:30 pm at Monday night at Disney Park.

"Guests can enjoy cocktails and appetizers while meeting the people in your networks and sharing a little more than 140 characters at a time!" (I have to give Peggy O'Connor at ASIS credit for that clever statement).

Now - this is very important - you must have a ticket to the reception in order to attend. If you don't, I'm sure we will be working out other meetup opportunities as part of other events but I think it's very cool of ASIS to host this one!

2. Our friends at Laminex are supplying a limited number of social networking lanyards. The idea of these lanyards is to let people who use social networking easily identify each other but not detract from the official ASIS ID badge or any company attire you may have to wear.

As you can see from my poorly constructed example, it will be a sexy, fashionable lanyard with both form and function. There is a space for your Twitter ID, but you can even use your name if you are not on Twitter. Laminex says it's possible to use iron on transfers to make the user names look slick, but that would depend on me hunched over an ironing board for hours. (Someone would have to answer to my Ortho). I'm not saying we won't end up with the slick transfers - we'll just have to figure something out.

Want one? Of course you do.

Just head over to this link and sign up.

Is your company hosting an event during the conference? I'm hoping to pull together other meetup opportunities as part of larger gatherings so let me know!

INFOSEC in the Social Networking World

As strange as it may seem, it's looking more and more like there may be yet another dynamic to this social networking thing. Nothing new really, especially to the social networking community - but I can see some definite room for growth. 

Working my way through the issues specific to physical security professionals, of course I ran across big picture organizational issues that should be addressed. For instance, how do you handle staff members in the organization you're protecting that violate INFOSEC rules? 

I always assumed INFOSEC concerns would be addressed through the "usual" channels, but it's becoming more clear there's a problem. 

Even organizations with robust INFOSEC policies and practices can have trouble when a new avenue pops up that doesn't follow the traditional information paths. The beauty of social networking is how effectively it cuts through tradition - but by doing so, it leaves behind the safeguards designed to secure sensitive info. Having that robust INFOSEC policy in place isn't enough anymore, it's the organizations with robust INFOSEC people that are keeping up in this game. 

So, like many things in this field - there are pros and cons to the situation. The cons are of course sensitive information being spread out to the world by staff members who don't think before they tweet/update/etc. But the pros are hopefully a return to support behind giving security groups the resources to mold and maintain INFOSEC rather than just audit it. 

How well does your organization communicate with staff (or whoever) about INFOSEC on social networking platforms? This could be something that can easily be covered by expanding current programs - or it could need much more.