The middle ground monitors all Web activity and controls it on a per user basis when social networking sites can be accessed at the office. Administrators can use Web monitoring software to block access during most of the day except during the staff lunch break or before and after normal office hours. The same software can be used to ensure that any files downloaded or links accessed online are checked in real time for exploits, malware and viruses.

If a company wants to make use of a social networking profile for marketing purposes, access should be given to those who will be updating the profile and all content should be monitored to ensure it is appropriate. Running third party applications should be discouraged.

Education also is important. If an organization wants its employees to be given restricted access to their social networking profile, it must be made clear to them that they need to be vigilant, avoid clicking on links that are suspicious, refrain from downloading files or applications that may be infected, and limit what details they add to their profile--details that could be used to steal identities and commit fraud.

Hackers are attracted to social networking sites because they see the potential to commit fraud and launch spam and malware attacks. Organizations, on the other hand, need to be made aware of the security risks involved and yet allow the company to make the most of what the Internet and social networking have to offer.

David Kelleher is communications and research analyst at .