Web 2.0 poses new threats to company data

Blogs, social networks and other Web 2.0 services threaten the integrity of company information systems, research firm Gartner has warned. The warning is contained in a report on the effects of consumer-oriented digital technologies on enterprise systems.

Blogs, social networks and other Web 2.0 services threaten the integrity of company information systems, research firm Gartner has warned. The warning is contained in a report on the effects of consumer-oriented digital technologies on enterprise systems.

"Some of these services create a risk of information leaks, others offer potential new channels for malicious infection," said Rich Mogull, research vice-president at Gartner. "But eliminating their use is increasingly difficult and impractical."

He warned that smartphones and other advanced tools are targets for malware, and that as these are currently used mainly by executives, particular caution is required. Bans are unenforceable, he said.

At a minimum, such devices should communicate with the corporate systems over a secure socket layer virtual private network, Mogull said. They should also be encrypted to protect data in case they were lost or stolen.

Mogull suggested firms:

● Set clear policies on what is and is not allowed, especially with blogs.

● Detect and block incoming Java-Script exploits.

● Block any undesirable services, such as social networks.

● Use content monitors and filters and data loss prevention tools to enforce policies on all communications channels.

Web 2.0: beyond the buzz words >>

Survey shows Web 2.0 being used in business >>

David Lacey's security blog
Managing security from one of the UK's leading security experts

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Passive Python Network Mapping

    In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against ...

  • Protecting Patient Information

    In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data ...

  • Mobile Security and Privacy

    In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close