We are starting to see more security problems relating to social networking, including social networking phishing attacks that direct users to malicious web sites, and hacks like last week’s Twitter attack by a “bored” 17-year-old. Apparently, according to a Cnet article, “one day he hopes to get a job as a security analyst.” Yikes! If you hire this youngster, you get what you deserve. Let’s not teach a whole new generation that the way to a good job is through criminal activity! Kid, if you’re reading this, you’re not Frank Abagnale, get over it. There is a better way.

But onto the issue at hand. The wave of social networking attacks, social network phishing, and even social network spamming may call for the security policy to be revisited. Many security policies were created before social networking became as popular as it is today, and there has been an ongoing debate as to whether user policies need to be updated to reflect this new reality.

At first glance, the most obvious policy is to just ban social networking from the workplace. But, the reality of the situation is that social networking has become business networking. Businesses send Tweets to keep partners, the mobile sales force, and customers up to date on late-breaking developments. Business professionals use LinkedIn and Facebook for business networking. And there are others, like the recently-created SalesBook.com, which were created specifically for the business community. As a result, a blanket ban on social networking is just no longer practical from a business and marketing perspective.

Most observers agree that it’s time for an update in policy–and that policy has to get more specific as to what is allowed when it comes to social networking.