Raising the red flag on Web 2.0

Security professionals are raising the red flag on the increasing pervasiveness of Web 2.0 technologies in the enterprise, saying that while it offers the benefit of rich applications, the risks associated with Web 2.0 can no longer be overlooked.

The move towards Web 2.0 technologies may well be another race between functionality and security, and for now at least, security seems to be at the tail end.

Security professionals are raising the red flag on the increasing pervasiveness of Web 2.0 technologies in the enterprise, saying that while it offers the benefit of rich applications, the risks associated with Web 2.0 can no longer be overlooked.

In the enterprise, for instance, a Web 2.0-enabled architecture involves applications built as Web services that provide cross-platform access and functionalities for users. "Like submitting a record to a database or changing a piece of data (for example)," says Oliver Lavery, a consultant with Toronto-based IT security firm Security Compass.

"The problem is that what's being exposed there are very detailed, technical procedure calls -- Web service calls -- using all these new technologies that haven't really been tested and [the industry doesn't] have a lot of experience securing them," Lavery says.

The increasing use of these new tools, without proper understanding of the security issues that may arise as a result, is giving attackers new avenues to explore, says Lavery.

Web 2.0-enabled social networking sites present another attack vector for the bad guys, as well. Web sites such as MySpace and Facebook have allowed people to actively interact and connect in real-time in ways they have never been able to before.

On the surface, the Web 2.0 craze may seem like a consumer phenomenon. But many security experts agree that its pervasiveness is going beyond people's homes and into the workplace, as employees access these sites from their office computer.

"The most dangerous part of any computer system are the people who run it," says University of Calgary professor Tom Keenan.

The use of mobile devices, like laptops that typically travel back and forth between the home and office, is not helping the situation either, added Keenan, who is also the IT security spokesperson for the Canadian Information Processing Society.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Mari-Len De Guzman

CIO Canada
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?