Having recently attended a seminar on data security, one of the key topics of discussion was the fact that instant messaging, social network sites, and even business networking sites can be a source for compromising business computers and networks.

So this leads one to ask, which predicate should prevail? Is marketing your company via potentially dangerous methods worth it? Another way to ask this is: What cost to bolster security is too much for utilizing these marketing avenues? As in real life, the murkier the neighborhood, the more likely you are to increase your own personal safety.

Examine any given Facebook or MySpace page and you are sure to see "apps", or small embedded programs that do specific things. Do you KNOW what data they are collecting about you when they load? Where is that data being recorded at? Is that "app" potentially dangerous? Both of these sites have been in the news for compromising user computers.

This is a real challenge - with the prevalence and proliferation of social networking sites, apps, plugins, and the like being used as 'business marketing' we have to ask - are companies inviting nefarious consequences into their network just to keep up with the Joneses? Small businesses probably cannot swing the $4-10k hardware appliance to monitor network traffic and potect them as most struggled to just keep anti-virus software updated a challenge. Oh, you'll probaly need an expert to operate that equipment in most cases (salary $45k+/-). The logical way to reduce the risk of being compromised and without the cost is to just NOT do that via company computers or devices. Suddently free marketing avenues aren't quite all that after all.

Its hard to convince people that something isn't good when millions are doing it. Keep in mind that that MAJORITY of those users are not concerned with security or protecting your data/network. ((Some may actually use social engineering to garner information!) Sooner or later you'll be invited to do something from some one's Facebook or MYSpace page - click this link, check this out, join my ____, or whatever. Stop and ask if that REALLY has a business need.

Security can get expensive very quickly - bouncing back from a security compromise can be VERY expensive but with some easy common rules of what is or is not accessed on your network, the costs can be minmized to a certain extent.

If you have more than 5 computers in your business - you SHOULD have a computer use policy. It should address the appropriateness of visiting certain sites or types of sites. That decision should be based on the level of security you can invest in. Good computing practices and policies can go a LONG way (but that is still no substitution for quality security hardware and software designed to protect your business).