A colleague of mine tells me “You’re like a lifeguard, you tell us how far to go in the ocean and where to go, and you call us back if we go too far but you don’t stop us from going into the water.”

To put what he said into context, a group of us, some folks from our student life office and some technical staff from my office which is the central technology department for the Division of Student Affairs, had just seen a demo of a product to manage student organizations.  The authentication used by the vendor product uses facebook connect.  While the vendor product was really beyond what we could ever build and everyone watching the demo, including me were very impressed with the product, I unfortunately had to dampen the enthusiasm of those present. I had to mention that using facebook connect may not be an idea that will be readily accepted as an option by security administrators on campus. Using a third party like facebook for authentication for an official campus system is a new concept on my campus.  In my role as the Associate Director of Information Systems and Software Development, I unfortunately have to play  the role of  “bad guy” sometimes. Many times,  some of these concerns I share are not even necessarily mine, but I do have to share them anyways.  I think in general, I am more flexible in how far to push boundaries when using new technologies, relative to some of my technical colleagues. However, I still do need to represent their perspectives. Fortunately, I’ve built up my reputation with the departments I have served throughout the years that I’m not a “nay-sayer” and I’m a strong advocate for their programs and innovative technologies. My reputation allows me to be frank with my concerns as someone charged with protecting student academic and health information and enforcing security and electronic policies.

I recognize and appreciate the value of social media including facebook, twitter, blogs. As an end user, I love using them.  I connect with alumni, students and my colleagues through them.  I’m never far away from my iphone and so I’m always connected, probably close to being diagnosed as a social media addict.

As a proponent of using technology and delivering technology solutions at UCSB since 1996, I see so much possibilities! I’m salivating at the prospect of  our campus embracing the use of social media and mobile technology. As  a matter of fact, I am involved with  efforts at UCSB to promote the use of social media and use of mobile devices including planned workshops in the near future.  I also led a committee in 2007 that defined the appropriate use of social media  for staff and students at UCSB. I just recently completed a course in Social Media Marketing to better understand how social media could be used at the very least in the our division, if not the campus.

I envy other schools who have embraced social media  for years to connect with their students. Reading studies like this “Twitter Increases Student Engagement” conducted by Dr. Reynol Junco, browsing through blogs including Inside Higher Ed and following many student affairs professionals and discussions (#sachat) on twitter  provide  me with some ideas on what other campuses have implemented and what are the possibilities.

However, as a technology provider whose responsibilities include safeguarding student academic, financial and  health information,  I cannot help but notice that in general, there’s rarely a mention by social media gurus of the potential pitfalls of the use of social media and entering into partnerships with vendors that provide social media services. There are laws such as FERPA, HIPAA, PCI,  copyright laws, Section 508 Accessibility standards as well as campus confidentiality/security policies that university employees and students must adhere to and  I am  concerned about the lack of discussion and consideration of the appropriate usage of these tools.

Social media is here to stay in some form or another and as a campus technology provider,  my challenge is how to promote the use of social media that is consistent with laws, policies and standards that we must adhere to. On one side, I need to encourage my tech colleagues who rightly are concerned about security to be a little more accepting of these new technologies and of the reality that we need to adapt, rather than react to the needs/wants of our student population. On the other hand, I need to educate my customers on the appropriate use of these tools for their business needs and providing them with enough room to explore the possibilities.