Cisco on Wednesday published the first part of a two-phased study to examine how businesses are using social networking tools to collaborate with the outside world. Based on the findings from the study, Cisco says business leaders need to get IT departments involved with the use of such tools, and put some parameters around how they are to be used.

Conducted between April and September of 2009, the study asked 105 participants about their use of social networking in corporate settings. It found that in marketing and communications departments social networking tools are already considered key forms of business communications, as companies move from a `broadcast' model of interaction with customers to a more ‘conversational' one. Respondents in small and medium-sized companies are also using social networking outlets to generate leads, although larger companies haven't yet picked up on this trend, the study says.

Respondents to the study said that the advantages of collaborating with customers, clients, and other external contacts include connecting people with the information they are looking for and finding new markets, as well as heightening contact with customers and brand awareness.

However, the study also highlighted a number of what Cisco considers to be potential risks associated with using these consumer-oriented social networking tools in a business setting. For example, only one in seven respondents said their company has  a formal process in place for adopting social-networking tools, and one in five respondents said their companies had instituted formal policies regarding the use of these tools.

One reason there's a lack of governance regarding how these tools should be used in a business setting is that it's often difficult to pinpoint which department or discipline has ownership over them. Businesses are also finding it hard to formulate social networking policies because these tools are inherently personal, and therefore it's not as easy to distinguish the person from the business when using them, according to Cisco.

Perhaps the biggest red flag noted in Cisco's study summary was that only one in ten respondents said that there was "direct IT involvement in externally facing social networking initiatives." That's alarming no matter what type of application is being installed without IT's knowledge or support, but given the security risks posed by social networking sites businesses should be vigilant about controlling what's being used and getting the IT department involved.