"Social networks are completely mainstream," said Ben Rothke, senior security consultant with British Telecom.
"The question of blocking or not blocking is old school, social media isn't a choice any more," said Rothke, who noted that even conservative organizations like Dell, Marriot, and Boeing have adopted Web 2.0 technologies as part of their marketing and communications strategies.
Rothke said Dell has driven millions of dollars in incremental sales through its Twitter account alone. But as valuable as social media can be to an organization, it also presents security risks. "Employees are bypassing corporate services" like e-mail to reach out directly to business contacts through Linked In and other networking sites, said Rothke.
The problem is that they may be exposing information that's not meant for public disclosure, especially in highly regulated environments like banking and healthcare. "This is not rocket science, but it's something companies are going to have to deal with," said Rothke.
An effective social media security strategy starts with employee education, he said. "Use a balanced approach; allow access, but employ training and awareness," said Rothke.
He also said IT managers who claim social networks are too difficult to manage from a security perspective may be putting their careers at risk, given that most companies are now embracing the Web. "If a security manager says social media can't be managed he may be perceived as incompetent," said Rothke.
In other words, IT pros need to accept the fact that social networking sites and other Web 2.0 technologies are now a fact of life in the enterprise, and must learn to deal with them.
Interop, hosted by InformationWeek.com publisher UBM Techweb, runs through Oct. 22 at the Javits Center on Manhattan's West Side.