Small firms must embrace social networking because its offers massive potential for growth as well as security threats, says Qualys.

According to CTO Wolfgang Kandek from the security firm, companies that do not currently use social media sites including Facebook and Twitter need to build their own social profile in a bid to expand their business. Likewise, they should think very carefully before banning staff from accessing such sites.

He cited US TV cable network Comcast as an example. Previously, the firm had a poor customer service record, so bad in fact that consumers tended to head straight to Twitter to vent their frustrations rather call the customer services support team. It was only after the company began to monitor its profile on social networks that it began to see how frustrated its customers were. As a result, Comcast set up a dedicated Twitter team that was employed to monitor the micro-blogging site and respond to tweets. However, Qualys said if Comcast had banned use of social networks for its employees and chosen to avoid checking out its social profile, then the business would have been unable to improve its customer service.

Kandek said it was case of weighing up the risks versus the benefits and working out what was worth more. However, in the case of military personnel it might be wiser to ban access altogether or at least educate staff on the dangers of posting their locations. The firm referenced a case in the Israeli army where a solider was on a mission and posted updates and photos to Facebook regarding his location. Of course, this could have potentially jeopardised the mission and even led the enemy straight to them.

Another area Kandek said firms should apply the same principle to is giving staff the ability to work from home using their own laptops, tablets or smartphones. He said research by Intel had revealed that by easing up on restrictions and allowing staff to access networks from home and on-the-go meant they could achieve a further eight hours productivity every week.

However, firms opting to let staff use their own devices for work should consider the fact that Qualys believe older software, even if it is patched, offers a great security risk than new versions of programmes. The security firm says protection mechanisms such as sandboxing mean that on many occasions vulnerabilities can't actually be exploited in newer software unlike older versions.

Rodrigo Rubira Branco, Qualys' director of vulnerability and malware research added that hackers are more likely to exploit flaws in older software than in newer programs because it takes more time to bypass sandboxes and other protection mechanisms.

Qualys also believes that by communicating any policies of the use of personal devices at work and social media and the reasons behind them, staff will be more understanding.