Web 2.0, a term coined in 2004, has changed the nature of the Internet and how people use it forever – and its benefits apply not only to individuals but to businesses too. However, for businesses to make the most of Web 2.0, they need to understand the challenges it poses, as well as the benefits, writes Martin Tassev, MD of LOOPHOLD Security Distribution.
Web 2.0 refers to the shift of the Web from being a repository of static information to a highly collaborative and dynamic medium for communication. The user experience has changed from being passive to highly interactive, and users have moved from being merely content viewers to content creators. This is evident in the plethora of social-networking sites, video-sharing sites, wikis, blogs, Web-based communities and Web applications that have sprouted up in the last five years or so.
Harnessing Web 2.0 for the enterprise
Web 2.0 is based on collaboration, allowing users to add value and improve applications as they use them. For example, the success of Wikipedia – or any social network – relies on user participation. Businesses can take advantage of applications that work in this way, not only allowing them to attract more customers, but also to learn more about them and improve their offerings through customer contributions. Marketing, customer support, and research can be streamlined, making these business processes more dynamic and more effective.
The benefits of utilising Web 2.0 for business purposes have been demonstrated by many companies in the last few years. But the very characteristics that make Web 2.0 so attractive for business are the very same ones that have given rise to a number of challenges and problems.
The application management problem
From Salesforce and SAP, to Twitter, Facebook, YouTube, BitTorrent and hundreds more, a large portion of today's network traffic is made up of applications. This means that port and protocol details for setting and enforcing application usage has been eroded, as such security measures cannot differentiate between 'the good, the bad, and everything in between' when it comes to applications. This leads to misuse of the corporate network, a decline in productivity, and exorbitant bandwidth usage.
This means organisations should invest in a security solution that can accurately identify network applications, and control their usage. Each organisation has unique requirements when it comes to application use so it is essential that they choose a security solution that allows for easy customisation, while at the same time being easy to manage and configure.
The dynamic Web/threats problem
Web content can come from anywhere and anyone, and is generated on a continuous basis. This makes it hard to verify the source of content – content on one website might not originate from that website, for example. The participatory nature of Web 2.0 also means that anyone can contribute – even hackers, and those that 'contribute' malware. Because content cannot be 'pre-classified', businesses should not rely on security tools that attempt to do so.
Organisations need to ensure that their security solution is able to effectively scan and disinfect both inbound and outbound traffic – in real time – thus not relying on pre-classification of content.
The data leakage problem
The bi-directional nature of the Web means that sharing is easy. This is great for encouraging participation, but the problem is that it is now much easier to accidentally disclose sensitive data than ever before. This is made worse by the increasingly blurred lines between employees' personal and work lives, and the use of certain platforms for both social and business purposes. Aside from the potential for accidental disclosure, these factors also make the intentional disclosure of sensitive information far easier.
To prevent a business disaster caused by data leakage, organisations should invest in a solution that not only blocks outbound email containing company confidential information, but is able to prevent anything that contains the 'Company Confidential' watermark from being leaked over any application or email service. And the solution should also allow for more than just the control of files, but of any communications sessions detected on-the-fly that contain sensitive information.
Enterprise 2.0 is here to stay. And the Web as we know it today is constantly evolving, creating new opportunities and challenges for businesses. One thing is certain – businesses wishing to gain – or keep – their competitive advantage can't discount these opportunities in fear of new threats. Instead, they should opt for a security solution that provides the freshest intelligence and practices to help them effectively manage content in this new dynamic environment.