Often, that involves a higher degree of openness and transparency than a lot of companies might bargain for or be comfortable with, he says. It also often means resisting the temptation to view social media purely as a channel for pushing products and corporate messages, and treating it instead as an opportunity to have a more interactive dialogue with the target audience, Gillin says.
"The culture says you don't use them as one-way communication vehicles," whether they are blogs, social networking sites, wikis, or video- and photo-sharing sites, he says. "The unifying fact of social media is that there is a response mechanism involved."
To be sure, the reach of social networks and the speed at which information travels over them can magnify the risk of sensitive or protected data ending up on Facebook or other social sites, Gillin says. And there is always the risk that someone in an organization could post something damaging or libelous about a company, its customers or its rivals.
"There's kind of a party atmosphere with these tools. People are having a blast. They are using them like crazy and don't always understand the implications of what they are doing," Gillin says.
But these are issues that need to be handled through policies, procedures and education, Gillin says, and they shouldn't spur companies to abandon social media efforts.
Legal, audit and compliance teams, which can sometimes stymie social media initiatives, need to be made aware that the same risks exist in traditional channels such as e-mail, says Gillin. And those responsible for maintaining a corporate presence on social media -- typically employees in marketing and customer support -- need to be sensitized to the risks as well, he says.
And while much of the early adoption of social media in enterprises has been driven by marketing, communications, human resources and customer support groups, it would be wise for companies diving into social media to bring IT, information security, legal and compliance teams into the picture as well, says Mike Gotta, an analyst at Burton Group.
He says companies in regulated industries using Twitter could be required to archive their Tweets for discovery purposes. The relative lack of identity-vetting on LinkedIn could pose risks for companies that allow LinkedIn information to sit alongside their corporate directories.
"You can't get too far ahead of the security and identity teams because they can at least tell you where the cautionary areas are," Gotta says.