Social Selling is dramatically changing the Sales landscape at a breakneck pace. Smart Selling Tools just released the 2019 SalesTech Benchmark Survey showing a 500% increase in Social Selling technology since 2017! In fact, Sales Technology spending is increasing across the board, with a 47% increase in the same period. While no one has outright attributed my previous installments in this series with this increased investment, you can draw your own conclusions.
In past articles, I’ve highlighted the value Marketing can bring to Sales teams in educating and enabling digital and social sales practices. Just imagine the impact you could have on thousands of individual ‘brand experiences’ owned and managed by the client relationship teams! Now realize those experiences are suddenly in the public sphere and you’ll start to realize that a successful program will always need a plan to mitigate and manage risk.
Only the Paranoid Survive
A good starting point in any discussion about risk is using the framework most often used to disclose risk to investors. The approach is to identify the risks in each area, write policy that manages the risk, and then create mechanisms to enforce the policy.
1. Brand Risk – Are Salespeople Going to Share or Engage with Content That Reflects Negatively on the Brand or Runs Counter to the Brand Values?
Brand risk is fundamental in social media. The potentially viral nature of social communications can rapidly amplify the damage from a single misstep. Despite the high risk, most companies take a measured approach, with training and certification or attestation for salespeople and a recovery plan. Marketing and public relations should set the policy with help from legal.
2. Operational Risk – Is There Any Sensitive or Confidential Information Exposed? What Are the Security Risks?
Enterprise architecture and IT stakeholders should sign off on any social program for a proper risk assessment. I’ve seen data loss prevention become an issue, but this should be controlled by infrastructure and, ultimately, user training. It’s important that security training is ongoing as the platforms change so often. The big risk is not that your employees do something malicious; it’s the bad actors who compromise their accounts. Again, education on password hygiene and 2-factor authentication will help, but they can only be guidelines since social media behavior is outside of the enterprise’s control.
3. Regulatory Risk – What Regulations (Industry or Legal) Apply to Social Actions?
Pretty much every company is regulated by someone, but some are more relevant than others (Proofpoint has a good summary of electronic communications regulations here). Groups to engage include Compliance and Supervision, Legal, and HR. We recommend engaging these groups early in the process to make sure you’re asking the right questions and hearing their concerns. Approaching these groups as partners will go a long way toward the program’s success even if there are some obstacles to overcome through the process. Work with vendors as well to benefit from other companies’ experiences and provide the social proof that risk can be managed.
4. Financial Risk – Which Risks and Scenarios Could Materially Put the Company at Risk?
The majority of the financial risk in social selling would arise from the preceding three areas, but it is a useful exercise to consider in the worst-case scenarios like the CEO’s account is hacked, how bad would it be? Now think about how you can recover and minimize the damage—possibly including insurance.
Doing Nothing Is Not an Option
Policy and training are the building blocks for managing risk in a social program. I recommend building these as modules that can be incorporated into new employee onboarding. Policy and training should be refreshed at least annually to keep up with the changes in the networks. The program should enforce an onboarding that at least has users accept or attest to the social policies. I’ve seen cases where enforcing an extensive, self-directed training seriously reduces adoption. ven an hour of compliance training can turn people off, so design training to be timely, relevant and valuable wherever possible.
Technology is a huge help in enforcing policy at scale, much like email and other digital communications. Digital risk offerings from Proofpoint and Safeguard Cyber actively monitor social accounts to identify and remediate any policy violations. Properly configured, these solutions can manage brand, security and regulatory risk and archive communications if needed. They can also scan for rogue and spoof accounts, which is also a great starting point to understand the scope of the risk you’re managing – how many accounts are currently associated with your brand?
At Grapevine6 we tightly integrate with these risk management solutions to assess content for risk before it’s published and apply company policies such as all brand mentions must be pre-reviewed before publishing. In regulated industries, these policies can become quite involved and we recommend connecting with peers and vendors for guidance.
A centralized publishing tool like Grapevine6 provides the benefit of providing Marketing with some level of control over social engagement. Control here doesn’t require viewing and approving every post before it goes out. That said, the focus should be on consistently monitoring for a consistent representation of the corporate brand and identifying opportunities for coaching on developing a personal brand for the individual Sales person…
Read More: Why GDPR Changes Everything…for the Better