August 5th, 2009
Security risks of Web 2.0 tools should not be overlooked by enterprises, individuals
Like it or not, the use of Web 2.0 technology use in enterprises is here to stay. Even longstanding enterprise software providers, such as Salesforce.com, have created tools for integrating social networks into the customer support and lead generation process. And you’d be hard-pressed to find a Fortune 500 company that doesn’t, at the very least, have a corporate blog.
Over the last few weeks, two organizations issued study results focusing on the use of social networking within the enterprise. RSA Conference, in its “What Security Issues Are You Currently Facing?” report, surveyed nearly 150 C-level executives and professionals charged with directing, managing and engineering security infrastructures within their respective organizations.
Social networking and security was a consideration, however it appears that organizations thus far claim to have been minimally impacted by social network threats. According to the survey, 84 percent of respondents allow Twitter and Facebook in the enterprise, however only 3 percent were seriously affected by the recent Facebook and Twitter phishing attacks.
“The fact that only 3 percent of people surveyed said that their companies had been impacted shows how big the problem really is,” said Mike Murray, chief information security officer for Foreground Security. “The problem is that the security technology they have in place doesn’t allow them visibility into the threats. Current technologies are not looking for threats that take advantage of human weakness. It’s like having your hands over your eyes. It’s such a bad problem they can’t even see it.”
In another study, Frost & Sullivan issued its “Web 2.0 Tools: Consumer Technologies Entering the Enterprise World” report. The firm surveyed more than 1,400 Web 2.0 tools users who work fulltime within a U.S. organization. According to the report, there are many perceived risks of Web 2.0 tools in the enterprise, including fear over confidential information inadvertently being published, allowance of malware onto corporate networks, network bandwidth issues and loss of employee productivity. Respondents ranked social networks as the tool with the largest perceived risk, above blogs, wikis and team spaces. While to the users social networks presented the greatest risk, that risk is still perceived as only “moderate.”
The fact that both studies indicate a lukewarm concern toward Web 2.0 tools in the enterprise is alarming, and to Murray’s point shows that those surveyed may not understand the larger problem at hand. Earlier this year Kaspersky Labs issued a report stating that attacks through social networks are 10 times as effective as distributing malware through email. That Web 2.0 tools, including social networks, pose a larger security risk to individuals is a misconception. Any of these types of attacks could present serious ramifications for businesses.
Next: Methods to address the madness –>
Pages: 1 2
Jennifer Leggio, aka "Mediaphyter," writes about the "social business" side of social media - including enterprise, security and reputation issues. See her full profile and disclosure of her industry affiliations.
For daily updates on Jennifer's activities, follow her on Twitter.
Subscribe to Social Business via Email alerts or RSS.
