Hewlett-Packard Shows Hazard of Sharing LinkedIn Profiles: TechDouglas MacMillan
Hewlett-Packard Co. Vice President Scott McClellan gave away more than his job status when he mentioned the computer maker’s new Web-storage initiative in his profile on LinkedIn Corp., a professional-networking site.
McClellan inadvertently tipped off competitors earlier this year to previously undisclosed details of Hewlett-Packard’s cloud-computing services. The information was later removed, though not before rivals got a look at the plans.
As workers put more information about their lives online through status updates, location check-ins and resume changes, employers are more at risk of competitors watching their every move. Investigators at Kroll Inc., the 40-year-old corporate sleuthing pioneer, are known for scanning deleted computer files and monitoring surveillance cameras to help large companies uncover rivals’ secrets. Now they’re trawling the social Web.
“Social media has become a much more efficient way of getting information that could only be gotten in the past by things like surveillance,” said Kroll Senior Managing Director Rich Plansky.
In a Forrester Research survey last year of more than 150 companies that monitor social media, more than 82 percent said they use this data for competitive intelligence -- the most cited reason for the monitoring. With good reason: A single insider’s Twitter Inc. post can be more valuable than a stack of analysts’ research.
“Competitors obviously watch each other in social media just as they have historically monitored each other in the media and in public presentations,” said Shel Israel, an author and consultant on online networks. “Social media is a new data-abundant source that is here to stay.”
Prowling Social Sites
Corporate investigators including Kroll, Nardello & Co. and Risk Solutions & Investigations are prowling social sites for oversharing insiders like McClellan. Michael Thacker, a spokesman for Palo Alto, California-based Hewlett-Packard, declined to comment on the matter.
At Kroll, a division of Falls Church, Virginia-based Altegrity Inc., social sites such as LinkedIn, Twitter and Facebook Inc. aid in investigations of employee misconduct, background checks and suspected cases of data breach.
“Who a person’s friends are, what bars they go to, which groups they are interested in, what they look like,” Plansky said. “All of those information sources are a potential gold mine for us in developing intelligence for our clients.”
When one client asked Kroll to find out how a potential acquisition target got leaked to a competitor, investigators found a series of social media posts in which a member of the client’s mergers-and-acquisitions team publicly discussed doing diligence on a company in a specific city.
“Twitter can give you a play-by-play about a person’s activities,” Plansky said. “‘A lot of these posts are time-and date-stamped.”
For another client, Kroll began building a case against a fired executive by seeing whom in his LinkedIn network he might be sharing trade secrets with, a violation of his termination contract. Plansky declined to name any of Kroll’s customers.
Sean Garrett, a spokesman for San Francisco-based Twitter, said in an e-mail that posts made on Twitter are publicly available. Erin O’Harra, a spokeswoman for Mountain View, California-based LinkedIn, declined to comment.
The amount of data on social networks relevant to corporate investigations may be declining as users get more sophisticated about protecting their online privacy, said Michael Walsh, managing director of London-based Nardello, which gathers intelligence for companies and governments.
“We will check” social sites, he said, “but it is increasingly becoming less a real source of information because people are becoming all too aware that this is a vulnerable spot for them.”
The people closest to a company’s sensitive information may be the most likely to leak it online, said Abhilash Sonwane, senior vice president of product management at Indian cybersecurity firm Cyberoam. Beginning in June 2010, his firm selected 20 companies and set out to track them across social media sites for several months. For each company, Cyberoam identified all the employees with a profile on LinkedIn, then subscribed to their feeds on Twitter and other sites.
“You can actually feel yourself inside that company -- what’s happening, what’s the morale of the employees, how the business is doing, where top management go on vacation, did the CEO have a fight with somebody,” Sonwane said. “It’s a glass house.”
‘Edgy’ Before Bankruptcy
At one of the companies, workers began to indicate in their postings that business was slow around October 2010.
“We could sense that they were edgy about something,” Sonwane said. A few months later, a vice president wrote in a LinkedIn status update that he was looking for a new job. When his followers asked why, he responded that the company was about to file for bankruptcy -- which it did less than six months later, Sonwane said. He declined to identify any of the companies in the study.
Preventing such leaks can be difficult, said Josh Bernoff, a social-media analyst at Forrester Research.
“Employees will post, regardless of whether the company endorses it or not,” he said. “It is far better to have a policy about what you can and can’t say than to try to stop it.”
Reputation.com Inc., a Redwood City, California-based service for helping individuals and organizations monitor what’s being said about them online, has been enlisted by one client to track activity related to the company’s top 300 executives. Michael Fertik, Reputation’s chief executive officer, wouldn’t name the client.
Managing Internet ‘Footprint’
“Everybody who is in business with you, in a personal, professional, romantic, transactional relationship with you, is looking up information about you, is finding information about you, and then, most importantly, making decisions about what they find about you on the Internet,” Fertik said. “That’s why everybody has a need and obligation to themselves, to their family members, to their shareholders, to manage their footprint on the Internet.”
More and more businesses are going on the offensive, collecting information about their own rivals. That has led companies including Bellevue, Washington-based Visible Technologies LLC to develop tools that detect competitive intelligence on the Web. For about $4,500 a month, Visible’s customers get a dashboard that identifies conversations happening about their industry in blogs, message boards and social sites including Twitter and Facebook.
If there is a conversation with a negative sentiment, such as someone complaining about a rival company’s product, people monitoring the dashboard might intervene and offer a discount on switching to their own product or service.
LinkedIn has added tools to its networking site that send users alerts when competitors hire employees, or when its executives change roles.
“On LinkedIn, above all other social networks, people are very connected with their employer,” said Edd Dumbill, program chair for Strata Conference, a technology event hosted by O’Reilly Media Inc. focused on the use of online data.
As the generation of workers in their 20s and 30s take more senior roles in organizations, their greater exposure on social sites can make them more prone to investigations, said Steve Vale, a former Kroll managing director who is now a principal at Los Angeles-based Risk Solutions & Investigations.
During a recent background check on someone whose company was being acquired by a private equity firm -- a man in his mid-30s -- Vale discovered numerous videos and online posts he created that raised additional questions and necessitated extra interviews with him.
“You just wouldn’t believe the amount of social networking this fellow did,” said Vale, who wouldn’t disclose the name of the client or the subject being investigated. “In the end, everybody was fine with it, but it begged a question you would never have posed just a short time ago.”
To continue reading this article you must be a Bloomberg Professional Service Subscriber.
If you believe that you may have received this message in error please let us know.