"It's very easy for someone to go around those blocks using a public proxy," he says. "Five minutes later they're back on Facebook and you've lost all control. Believe me, employees are very motivated when it comes to getting on Facebook."
Even if you did manage to somehow keep all your employees from accessing social networks at work, there's little you can do to keep them from tweeting their little heads off about company secrets when they head home at night. And social media blocker beware: Employees are more likely to rip into your company on social sites after hours if they can't get to those sites at work, Bonvanie adds.
"The motivation for someone to log on to Facebook and go off about their company is a lot higher if you block their access at work than if you allow them," Bonvanie says. "If you piss them off at work, that's what they're going to do when they get home. If the culture at work is to allow social media but be smart about it, tell people how to act and what not to say, they're not likely to do it at home."
A partial solution is provided by tools like FaceTime's Socialite or Palo Alto Networks' next-generation firewalls, which offer granular controls over which features each employee can access on the social network. For example, a company might allow full access to Facebook, but block usage of third-party apps like Farmville or native features like chat. Granular control could enable employees in the marketing or customer service departments to use Twitter to promote the company and solve user problems, while keeping those with access to sensitive information offline. Or it might allow some employees to simply read but not write -- so they can scan LinkedIn profiles for recruiting purposes, but not spend valuable company time updating their own résumés.
Some of these controls can extend outside the company as well. If an employee posts something they shouldn't from an off-network home PC or an Internet cafe, for example, Socialite can identify and archive the new posts the next time the user logs in to their accounts via the corporate net, notes Carter.
Another potential solution is data leak prevention software. About 70 percent of all data leaks are the result of an employee accidentally or intentionally spilling the beans, says Alexey Raevsky, CEO for Zecurion. DLP suites like Zecurion's can monitor all outbound communications -- email, chat, and social media updates -- and block anything deemed confidential or proprietary from leaving the company's network. But using DLP means keeping a close watch on what information your company deems sensitive and updating those filters regularly as it changes.
"Social media makes it easy to say things you shouldn't," says Bonvanie. "The technology needs to do more than a simple binary block or allow."