A while back, I wrote about how US organizations writing social media policies need to beware of the National Labor Relations Board’s requirements that these policies not interfere with the rights of employees to discuss their working conditions or organize unions. At the time of my original post, the NLRB had released a guidance document which raised more questions than it answered. Since then, they have released additional guidance which includes a number of examples of bad policies and explains the specific problems with each. More importantly, it includes a sample policy which is in compliance with NLRB rules and which can be used as a guide in writing (or updating) your company’s social media policy. It is really worth taking a look at this document – many things that any normal, reasonable infosec professional would expect to be acceptable (ie. “don’t post confidential information to social media sites”) are not.