But even that, Herold said, cannot address "the problematic and complex architecture within which Facebook is created and shares data. Technology alone will not work."Ã'Â So companies need to update their information security and privacy policies to cover social media, she said.

Rafal Los, chief security evangelist at HP software worldwide, said: "Enterprises can reduce risks with a combination of traditional security to combat known threats with an enterprise security intelligence platform which integrates advanced correlation, deep application analysis and network-level defense mechanisms to detect malicious activities, misuse and accidental disclosure through the use of social media."

Herold says she did a social networking privacy and security training class to a large hospital system in January where she covered the actions individuals should take when using the sites, to protect information.

"By including how individuals are personally affected, and not just focusing on the organization, those taking the training were able to see why taking security and privacy steps online is important," she said.

in CSOonline's Social Networking Security section.