Note: This post originally published in our Tech Decision Maker blog in January 2013.

Social networking has been a prominent trend for a while, but companies are still figuring out the best ways to handle it in the workplace. Although social media sites can have many benefits for business — they can offer companies new ways to reach current or potential customers or for employees to connect with each other — they can also introduce new risks, such as:

  • IT security issues, including malware that spreads on social networks or the accidental posting of sensitive information
  • Legal concerns, such as harassment or discrimination taking place online, and
  • Damage to the company’s reputation based on things employees post.

Some organizations have responded by trying to block employees from accessing Facebook, Twitter and other social media sites. However, many of them are learning that it’s not always possible to keep people off of social networks.

Three-quarters of employees use personal devices to access social media at work, with 60% saying they check Facebook, Twitter and other sites multiple times per day, according to the new Social Media and Workplace 2012 Report, courtesy of SilkRoad.

That’s despite the fact that only 43% of the 1,105 people surveyed said their employer allows access to social media at work. In other words, blocking access to social networking sites won’t do much to actually keep employees from using them.

While keeping employees off of social networks is difficult or impossible, developing and distributing a social networking policy can help companies minimize the risks.

There are some of the top mistakes organizations make when developing social networking policies.

1. Letting managers off the hook

A lot of companies’ social media efforts focus on keeping employees from posting anything online that damages the company’s reputation, makes sensitive information public or creates other problems. But it’s important to make sure the rules apply to managers, too.

After all, they’re the ones who typically know the company’s secrets and are therefore the ones most likely to accidentally release sensitive information on a social network. Also, managers can create the most risk because it’s their job to discipline employees based on their use of social media — and doing it the wrong way can cause legal problems.

2. Being too broad or vague

Being too restrictive with a social networking policy can get companies in trouble with the National Labor Relations Board (NLRB). A company can’t forbid employees from talking freely about their working conditions, and the NLRB says that rule applies to social networking policies, too. The agency has reprimanded companies for writing policies that contain broad rules, such as a ban on writing anything that “disparages” or “defames” the company.

Also, managers should be warned against potentially violating their employees’ privacy. So far, a few states have passed laws banning employers from asking workers or applicants for social media passwords, and doing so could be considered an invasion of privacy elsewhere.

3. Using a one-size-fits-all approach

Organizations have different types of employees, with different levels of access to sensitive data and different computer use needs. However, many companies only have one social networking policy that applies to employees at all levels and all departments, with a few exceptions for marketing employees and others that use social media in their daily jobs.

But companies may be better off splitting employees into groups depending on who will need to be blocked completely, who will be free to do whatever they want, and others who might require some degree of limited access.

4. Focusing on restricting access rather than boosting performance

One reason many companies attempt to control employees’ social media use is that they’re afraid those new online distractions will take up too much time and kill productivity. In some cases, that may be a valid fear, but experts say in many cases allowing employees to take period breaks for personal web browsing will make them more productive.

The solution: Organizations should focus on performance, monitoring Internet use and taking action once social networks become a problem, not before.

5. Forgetting about IT security

As companies’ biggest social media concerns typically involve keeping productivity high and protecting the company’s reputation, IT security issues are often ignored. That’s a mistake, because using social networking sites the wrong way could open companies to a number of threats, such as phishing scams and malware spread through links in wall posts.

In addition to prohibiting unsafe social media use through policies, IT departments can also train employees to recognize and avoid the most common threats.

Social networking policy template

Having a well thought-out social media policy can help companies reap the benefits of social media while minimizing the risks. Here’s a social networking policy template organizations can use to get started.

Jamie Thomas is a senior technology editor for Progressive Business Publications.