I received an innocent-looking email with the subject line, "Can I get your current contact information?" I looked at the sender's address. Nope, that name and domain name didn't ring a bell. Logic told me that I should delete any e-mail from an unknown source asking for contact information. However...
Since I write for various publications, I often get mail from unknown sources, including readers who want to follow up on an article I've written. So I gave my mystery email a chance and opened it up. It turns out it was a request from a Plaxo user, asking me to update my personal contact information in his database.
Plaxo may be a helpful way for home users to keep track of contact information for their family members and friends. However, enterprise organisations are rightfully concerned about privacy issues, and they are telling their employees not to use Plaxo or other such services on the corporate network, and not to share company contact information.
Plaxo is a contact management application provided by the company of the same name. It is placed in the category of 'social networking' software, since two or more members of the service can easily keep up to date with each other. Similar services are offered by Orkut, Friendster and Ryze.
Uploading your private data
What enterprises find so offensive about Plaxo is that it automatically integrates with your Outlook address book and uploads the private contact data to a Plaxo server. The following statement, which is enough to give a privacy officer fits, is taken from the Plaxo Web site: "Plaxo 2.0 plugs directly in to Outlook or Outlook Express. Your existing contacts, calendar, tasks, and notes will be quickly backed up to the Plaxo Network and up-to-date - with no extra steps required! Not only will you have a secure backup of your vital information, you can access it from anywhere using Plaxo Online."
Oh, man, your corporate privacy officer just had a cow over that statement. Any Plaxo user has just exposed his entire collection of contact names to the whims of the owners of the service.
If you haven't done so already, it's time to issue an alert to your employees that social networking services such as Plaxo and the others mentioned above are strictly prohibited on your corporate network. What's more, corporate data such as email addresses and telephone numbers must not be entered into the service. If these products are already in use, employees should stop using them immediately, inform the service that you wish to stop using it, and uninstall the software from company-owned PCs.
Linda Musthaler ([email protected]) is vice president of Currid & Company.