Policies on Social Networking at Work

A recent study showed that over 75% of workers aged 20-30 access social networking sites at work. When you add all of the social networks (over 500 according to some estimates) and all of the members (over 150 million) and all of the companies (over 4000 publicly traded in the US alone) you get a staggering number of hours of lost productivity.

However, there are those who believe that it is critical to allow young workers this perk to keep them gainfully employed. When considering the security and privacy risks, combined the potential for lost productivity, the safest policy is the most restrictive: No social networking sites at work.

What do you think? Does your organization have information security policies that address social networking? If so, how do users respond?