Remember to conduct yourself internally assuming you will have a public audience. Because someday you might.
Was recently discussing a legal retention requirement in company chat. Made sure to be completely forthright and formal about responsibilities. Can’t play with that stuff.
@SwiftOnSecurity on my new hire onboarding training deck I present I have a slide that just says:
“Dance like nobody is watching, Slack like one day it’ll be read aloud at a deposition.”
Treat company chat like a browser history you can't clear.
@SwiftOnSecurity Reminds me of advice I got 15 years ago when I started at $governmentAgency: “Only put things in writing you wouldn’t mind coming out in a FOIA request or congressional hearing.”
@SwiftOnSecurity Yeeeeeeah...the horrors of hearing coworkers' Slack chats in the Gawker case are still burned into my mind.
"My dumb posts about Panamera monster trucks might'be been read by who? Where now?"
🏳️🌈@SwiftOnSecurity In your professional life, always conduct yourself in a way that will make you look good in court if your company is ever sued. XD
@SwiftOnSecurity
We got an all-employee email from a higher-up, maybe 6 levels down from the top.
(paraphrased) "Make sure to always write your emails as though they'll be above the fold on the Washington Post... *AS MINE WERE LAST WEEK*."
(emphasis mine)
Of course, this was the FDIC. But still, good advice.
@SwiftOnSecurity - Sat through a friend's wrongful termination trial and the evidence presented from discovery left little doubt that professionally, if involved in litigation, "I am doomed."
Edited 1y ago
Remember the LIBOR scandal that nearly brought down several massive banks pivoted around some chats were they joked about “bolly” (Bollinger champagne).
That was fun to read in the news. Their chats were barely grammatical and had little to no punctuation, but they were responsible for billions!
@SwiftOnSecurity you can use that to your advantage as well. I've refused to do certain tasks after it has been made clear they are not properly documenting these "because they are confidential".
I always try to be as clear and transparent as I can. Never had to have it read in court or public yet, and keys hope I never will
Edited 1y ago
@SwiftOnSecurity And if you work for the US government, even indirectly, that shit can be subject to FOIA requests. I've had a couple of those come up at my current job. Always good to assume that whatever dumb joke you're thinking of sending to your colleague will eventually get published on the NYT front page.
@SwiftOnSecurity I used to do content management for a medical insurer, mostly for a site that published their medical policies. I regularly received notifications from the Legal Division that "policies about such-and-such" could not be removed. Sometimes that included policies that dated to *before the policies were published online*.
Definitely do not play with that stuff in the medical field! HIPAA in the US has big, sharp, teeth!