Web 2.0 has the potential be great for businesses. Applications such as social media, peer-to-peer (P2P) file sharing, instant messaging, streaming media and mobile applications enabled companies to build dynamic networking communities and foster ad hoc collaboration for employees, customers and partners.
Yet the promise of Web 2.0 does not come without pitfalls. Though Web 2.0 applications can enhance productivity by easing collaboration, they can also crush productivity by delivering malware in unique and unpredictable ways.
Recognizing Web 2.0 threats
Every interactive or social media application can open a potential access point into your network. Connections in Web 2.0 environments are often user-defined, based on social relationships rather than authentication. Web 2.0 threats not only aim at individual users, but at everyone in their entire evolving networking community, propagating quickly and unpredictably. There is no default setting built into Web 2.0 to prevent users from downloading a file or linking to a site recommended by a ”friend” who is actually a criminal only pretending to be a friend.
Web 2.0 applications enable workers to inappropriately tweet, blog, swap files, gamble, date, shop, play games, listen to music or watch videos on the job. These non-business activities can leak sensitive or confidential information, and contain offensive or discriminatory content prohibited by internal, governmental or industry regulations. In addition, media-rich Web 2.0 applications can deplete bandwidth reserves. During a major news or sports event, video traffic can steal bandwidth away from mission-critical applications. Productivity gets hit two ways: workers either are distracted from their work, or do not have the necessary bandwidth to produce it.
Take a layered approach. Look to consolidated solutions that integrate multiple defenses like anti-virus, anti-spam, anti-spyware, intrusion prevention, application firewall and content filtering in a single platform. Not only does this reduce complexity and costs by eliminating separate consoles to administer, it also helps close security gaps that emerging threats could exploit.
Enforce authentication policies. Though you will not always prevent users from accessing malicious sites using signature updates alone, you can add a layer of deep packet inspection at your gateway to analyze traffic payloads and stop users from downloading malware into your network.
Deploy firewall services. Configure content filtering and application firewalls to block inappropriate outbound traffic, and alert appropriate management authorities. In additon, apply deep packet inspection to identify and block botnet attacks and other malicious payloads buried in excessively large streaming media.
Implement bandwidth management controls. To offset productivity threats, deploy bandwidth management tools to restrict the bandwidth available to non-productive applications.
Run wireless and VPN traffic through firewalls. Assume all entry points to your network are intrinsically unsafe. Route all traffic traversing your network via wireless, mobile or VPN technology through a comprehensive security firewall.
The trusting, collaborative and open nature of the Web 2.0 environment inherently lends itself to malicious exploitation. As with any emerging technology, businesses must ultimately weigh the potential of Web 2.0 against its inherent risks. By establishing and enforcing network security best practices, IT can minimize these risks and help businesses realize the full potential of Web 2.0 applications.