Facebook

Wednesday, June 24, 2009

Mildly Off Topic: How I Use Social Media

By Rich

This post doesn't have a whole heck of a lot to do with security, but it's a topic I suspect all of us think about from time to time.

With the continuing explosion of social media outlets, I've noticed myself (and most of you) bouncing around from app to app as we figure out which ones work best in which contexts, and which are even worth our time. The biggest challenge I've found is compartmentalization -- which tools to use for which jobs, and how to manage my personal and professional online lives. Again, I think it's something we all struggle with, but for those of us who use social media heavily as part of our jobs it's probably a little more challenging.

Here's my perspective as an industry analyst. I really believe I'd manage these differently if I were in a different line of work (or with a different analyst firm), so I won't claim my approach is the right one for anyone else.

Blogs: As an analyst, I use the Securosis blog as my primary mechanism for publishing research. I also think it's important to develop a relationship (platonic, of course) with readers, which is why I mix a little personal content and context in with the straighter security posts. For blogging I deliberately use an informal tone which I strip out of content that is later incorporated into research reports and such.

Our informal guidelines are that while not everything needs to be directly security related, over 90% of the content should be dedicated to our coverage areas. Of our research content, 80% should be focused on helping practitioners get their jobs done, with the remaining 20% split between news and more forward-looking thought leadership. We strive for a minimum of 1 post a day, with 3 "meaty" content posts each week, a handful of "drive-by" quick responses/news items a week, and our Friday summary. Yes, we really do think about this stuff that much.

I don't currently have a personal blog outside of the site due to time, and (as we'll get to) Twitter takes care of a lot of that. I also read a ton of other blogs, and try to comment and link to them as much as possible.

I also consider the blog the most powerful peer-review mechanism for our research on the face of the planet. It's the best way to be open and transparent about what we do, while getting important feedback and perspectives we never could otherwise. As an analyst, it's absolutely invaluable.

Podcasts: My primary podcast is co-hosting The Network Security Podcast with Martin McKeay. This isn't a Securosis-specific thing, and I try not to drag too much of my work onto the show. Adrian and I plan on doing some more podcasts/webcasts, but those will be oriented towards specific topics and filling out our other content. Running a regular podcast is darn hard. I like the NetSecPodcast since it's more informal and we get to talk about any off the wall topic (generally in the security realm) that comes to mind.

Twitter: After the blog, this is my single biggest outlet. I initially started using Twitter to communicate with a small community of friends and colleagues in the Mac and security communities, but as Twitter exploded I've had to change how I approach it. Initially I described Twitter as a water cooler where I could hang out and chat informally with friends, but with over 1200 followers (many of them PR, AR, and other marketing types) I've had to be a little more careful about what I say.

Generally, I'm still very informal on Twitter and fully mix in professional and personal content. I use it to share and interact with friends, highlight some content (but not too much, I hate people who use Twitter only to spam their blog posts), and push out my half-baked ideas. I've also found Twitter especially powerful to get instant feedback on things, or to rally people towards something interesting. I really enjoy being so informal on Twitter, and hope I don't have to tighten things down any more because too many professional types are watching.

It's my favorite way to participate in the wider online community, develop new collaboration, toss out random ideas, and just stay connected with the outside world as I hide in my home office day after day. The bad side is I've had to reduce using it to organize meeting up with people (too many random followers in any given area), and some PR types use it to spy on my personal life (not too many; some of them are also in the friends category, but it's happened).

The @Securosis Twitter account is designed for the corporate "voice", while the @rmogull account is my personal one. I tend to follow people I either know or who contribute positively to the community dialog. I only follow a few corporate accounts, and I can't possibly follow everyone who follows me. I follow people who are interesting and I want to read, rather than using it as a mass-networking tool. With @rmogull there's absolutely no split between my personal and professional lives; it's for whatever I'm doing at the moment, but I'm always aware of who is watching.

LinkedIn: I keep going back and forth on how I use LinkedIn, and recently decided to use it as my main business networking tool. To keep the network under control I generally only accept invitations from people I've directly connected with at some point. I feel bad turning down all the random connections, but I see social networks as having power based on quality rather than quantity (that's what groups are for). Thus I tend to turn down connections from people who randomly saw a presentation or listened to a podcast. It isn't an ego thing; it's that, for me, this is a tool to keep track of my professional network, and I've never been one of those business card collectors.

Facebook: Facebook is the toughest one of the bunch since it is a cross between Twitter, LinkedIn, Flickr, and so on. I very recently decided that Facebook is best for my friends and family, and thus I don't link in professional contacts that aren't also in that group. I like being able to keep in touch with people from back in high school, and the kinds of things they are interested in are very different than the people I meet in the security and Mac communities. Again, it isn't an ego thing, but we all have different communities of people we interact with and I think it's completely appropriate to have different outlets for each of them.

IM/Skype: This isn't social networking per se, but I leave them running as much as I can. I think they're great for private conversations.

MySpace, Photo Sites, and Other Outlets: I tend not to use too many other social media outlets -- between the blog, Twitter, Facebook, podcasts, and LinkedIn I can connect with nearly anyone in some sort of appropriate context. I do use a photo sharing mechanism, but that's very personal and I don't make it public. I have a MySpace account, which I never use since Facebook is more prevalent with the people I know. I'm debating linking to others with TripIt, and may limit that tightly to people I might actually want to see when our travel overlaps. I feel like I'm missing something, but can't think of what it is.

And that's it. My personal perspective is that the power of my social networks is in quality and correct context over quantity. I try and pick the right tools for the right job and community. If I were to break it out, the blog is our newsletter and peer review for our research, Twitter is the water cooler, IM is sticking my head in someone's office, LinkedIn is a rolodex and context/community Q&A mechanism, and Facebook is for keeping in touch with geographically dispersed friends and family. I also don't believe in manipulating social media -- I try to use it as honestly and openly as possible, rather than as a marketing tool. Yes, it probably builds my brand, but that's not what I'm thinking about when I fake-live-tweet the latest Star Trek, call for feedback on my latest wacky research idea, or write uninteresting dribble like this post.

–Rich

Monday, June 08, 2009

Facebook Monetary System

By Adrian Lane

Ran across this article on CNN last Friday about how Facebook was going to launch a micro-payment service. Facebook wants to introduce its own virtual currency system that involves credits, coupons, and other types of widgets that can be redeemed for goods or cash.

As recently as last fall, Facebook's plans -- reportedly called "Facebook Wallet" -- were something much more like a straight-up, PayPal-like transaction platform.

"We think enabling developers to accept these credits as a form of payment has the potential to create exciting new use cases for users and developers," spokesman David Swain said in an e-mail. "We do not have details to share at the moment because this will be a very small alpha, only a handful of developers, but will likely share more as we evaluate the results of the test."

While it is up in the air if this is a full blown payment engine or just a virtual currency, it really does not matter. If Facebook offers the virtual goods and services, 3rd parties will quickly fill in the vacuum and provide conversion to other items of value as we saw happen in the gaming community. The concept of micro-payments has been around for a long time: we are talking a decade before payment providers like TextPayMe, PayMate or any of the other current payment providers started to morph the concepts of 'micro' payments, 'XMS' and 'mobile' payments into one. How many of you remember CyberCash? Or Transactor Networks? No? Then you probably don't remember the Oracle Payment Server, Sun's Java Wallet, Trintec, Verifone, or Paymantec -- they all expressed interest in this type of payment strategy as well. And every one of them had to take into consideration automated fraud, money laundering, and theft. But many of these started as secure payment engines to be applied to other applications, and their relative degree of security was never fully tested.

There are plenty of start-ups that have attempted to launch virtual currencies that would be interoperable across participating developers' and companies' games and other applications.

None of them have become legitimate Web sensations, perhaps because of the inherent security concerns in online payments. Facebook already has millions of users' credit card numbers on file from transactions through the Gifts app--its "credits" are in the lead before they even launch in full.

Very true, with a big difference being they were payment engines looking for the 'killer app', not the killer app looking for a way to create virtual currency. PayPal is one of the few success stories, succeeding largely after the eBay merger, with the remaining examples used largely to purchase pornography. But they are also far more simplistic in their value propositions, and do not have some of the complexity surrounding virtual currency, multi-payment objects, and complex pricing models. It is very appealing for Internet commerce sites that provide low cost services and cash conversions, and it could really help Facebook monetize the millions of users and developers who participate. Micro-payments and virtual currencies are a great way to generate interest in a web site and create user affinity in addition to providing a mechanism for participants to get paid for their contributions to a community.

But like any electronic payment system, if a security flaw is found, odds are that an exploit can be automated. While they may only be stealing pennies (or digital coupons) at a time, they can repeat the attack against thousands or, in the case of Facebook, 200,000,000 users, and wipe out an entire economy in a matter of hours. What better way to motivate hackers than to help them monetize their efforts as well? This is after all a platform that is rife with scams, phishing, worms, and hacks. I kind of hope they roll this service out because this is going to be a lot of fun to watch!

–Adrian Lane