Businesses looking for ways to increase efficiency and reach out to the public see a lot to like in Web 2.0 applications and social networking sites. As employers around the world are also discovering, however, the security and privacy issues that accompany those potential boons can be quite confounding. On July 28, the Israeli Supervisor of Banks sent a letter to Israeli banks and credit card companies outlining key concerns about the Web 2.0 platform and specifically blogs and social networking like Twitter, Facebook, YouTube, LinkedIn, and MySpace. The letter requires financial institutions to take certain actions to mitigate risks to the security and privacy of employee and customer data posed by the use of such online social networking sites by bank employees. Financial institutions must assess the overall dangers, preferably using an outside expert on social networks, create a security policy for the use of such networks, and establish a strategy for enforcing the new security parameters. The requirements laid out in the July 28 letter are in addition to those set forth by the Supervisor of Banks in Proper Conduct of Banking Business Regulation No. 357, Information Technology Management, as well as other applicable laws and regulations.