|
By Cara Garretson
Companies that allow Web 2.0 tools and applications in the workplace need to do more to protect themselves from the security risks that often come with them, according to a recent survey.
Security vendor Websense last month reported results of a survey that showed while the vast majority of respondents said they allow access to Web 2.0 sites in the workplace or deploy Web 2.0 tools and applications for corporate use, few have put in place what the vendor considers to be appropriate security measures to protect them from the threats posed by these relatively new technologies.
Websense surveyed 1,300 IT professionals in ten countries to gauge their perceptions of Web 2.0 technologies and related security risks. For the survey's purpose, Web 2.0 is defined as Web sites and applications that allow for user-generated content.
There's little question that Web 2.0 has penetrated corporate America, as features including blogs, wikis, RSS feeds, and polls are being used by employees to better collaborate internally and externally and manage projects. And, as more and more members of Generation Y enter the workforce and expect to be able to leverage the social networking and multimedia sites they've grown up with, accessing Web 2.0 sites in the office is becoming commonplace.
However, some believe that enterprises are jumping on the Web 2.0 bandwagon without first putting in place the proper security measures; essentially allowing technology designed for consumer use onto their corporate networks.
Even employees simply accessing Web 2.0-enabled sites from the corporate network can put a company at risk, particularly as these technologies gain popularity. The Secure Enterprise 2.0 Forum, an industry group seeking to promote the secure use of Web 2.0 for business, says that the number of hacking attempts on Web 2.0 sites rose during the first quarter of 2009. The group says it analyzed databases containing information of successful hacking attempts during that period to determine the rise in Web 2.0 site hacks, which totaled 21 percent of all incidents.
Social networking sites, wikis, and community blogs were the most popular targets for hackers during the first quarter, they say, followed by media and retail Web sites. Often hackers will embed malicious code on these sites that is unknowingly downloaded by site visitors, therefore infecting their systems.
Websense recommends that companies accessing or deploying Web 2.0 protect themselves by implementing technologies that perform real-time analysis of Web content, prevent URL re-directs, spyware prevention, detect malicious code embedded on "trusted" Web sites, and stop the posting of confidential information on blogs or wikis.
Other findings of Websense's survey include:
- 95 percent of all respondents currently allow employees to access Web 2.0 sites and applications, and 62 percent of IT managers in the survey said Web 2.0 is necessary for their business.
- 86 percent of respondents said they feel pressured to allow more access to Web 2.0 sites and applications; 30 percent said that pressure comes from company executives and directors, 34 percent said from marketing, and 32 percent said from sales.
- 47 percent of respondents said that their users have attempted to bypass established Web security policies.
Only registered users can write comments.
Please login or register. |
