Only one in five firms blocks access to social network websites despite them being increasingly popular sources of information for criminals.
The main threats from these sites are viruses (57%) and spam (54%). However, financial damage from downtime and fraud are their top concerns should IT security be breached, researchers found.
The survey of just over 1000 IT professionals in Western Europe showed them also ignoring threats posed by network technologies such as instant messenger and web-based e-mail in favour of more pressing priorities.
"IT professionals often have to choose between what they know are serious security threats and other business priorities such as productivity and employee morale," said Toralv Dirro, security strategist for McAfee Avert Lab, which commissioned the survey.
"We see usage policies used more often to bridge the gap between what IT departments would like to block and what is practical."
Websites for music downloads and dating are the only sites on both blocked and threat lists. The most commonly blocked sites are dating (36%), music downloads (36%), online music communities (24%), video content (24%) and online radio (23%).
Those thought most dangerous are music downloads (58%), dating (56%), instant messenger (53%), social networking sites (48%) and web-based e-mail (46%).
Sweden is the most lenient country, with 57% of IT professionals not limiting access for their workmates. The UK was strictest, with just 28% not locking access.