Blogging is a powerful communications tool that is being used by businesses large and small. In larger organizations, blogging can pose a serious risk to information security without internal guidelines. It is essential to have a blogging policy that makes employees aware what kinds of things can and cannot be discussed in either company blogs or their own private blogs.

Not having a corporate blogging policy allows your employees to cross the line even if they do not have those intentions. Taboo subjects usually include proprietary and confidential information.

What should be said to employees in a basic blogging policy?

1. You are personally responsible for what you write.
2. Follow existing company policies and rules.
3. Keep our confidential information a secret.
4. Use restraint, respect and etiquette.
5. Show respect for the company, its customers, its vendors and employees.
6. In blogging you must add value, be accurate and write about what you know.
7. You must follow all related laws to blogging; (SEC rules on public disclosure, copyright, etc.)

Examples from Corporate Blogging Policies

1. Place boundaries on what can be discussed. As an example, Direct2Dell does not allow postings dealing with political, legal or financial matters. They do not allow discussions unrelated to their business.
2. Don’t disclose secrets. Sun Microsystems advises their employees to use common sense in what they blog about. Employees are responsible for protecting proprietary and confidential information.
3. Use a disclaimer. IBM requires employees to disclose that views and opinions presented in the blog are not necessarily the those of IBM. This is for all blogs; personal or corporate.
4. Prior Approval. The US Army now allows soldiers to blog without prior approval if their topic is not related to the military and they are not using military equipment.