The likes of MySpace, Facebook, Twitter, Wikipedia and YouTube are becoming useful and legitimate tools for more forward-thinking businesses, nonprofits and politicians alike to disseminate information to constituents and gain new followers that may not have been reached otherwise. As a result, simply blocking such sites at most organizations is no longer the conventional wisdom.
In fact, most experts agree that denying access is simply an antiquated measure to protect against standard internet threats given the commercial benefits that could be gained when a business leverages social networking sites to trumpet new products, engage new and old customers, launch new marketing campaigns, and more – especially when a still languishing economic climate demands that every means to interact with customers and clients is used.
As a result of this growing business need to enlist social networking for continuous outreach and growth, web filtering requirements are changing. Security measures now must allow for legitimate use of such sites while still protecting the overall infrastructure from malware threats and data leakage incidents, according to Forrester Research findings.
The question then is: “Just how can IT security leaders enable access to these sites without neglecting security measures that safeguard critical data and disallow the establishment of yet another vector of attack for malware?”
Preventing access to Web 2.0 sites altogether isn't the right move. But, having no controls in place when it comes to the use of these sites isn't either. Along with asking how one allows access, one must decide what the limits should be and even take a step further in deciding what educational campaigns should be adopted to teach responsible practices for using this technology. The World Wide Web was once viewed as a modern-day Wild West and now, with social networking leading the way online, Web 2.0 may be an even more complex, enlightening and dangerous new version. In such an environment, people are bound to get hurt. To avoid this, we need to strike a balance. But that will take a lot of work on all of our parts, supported by technologies, policies and, yes, end-user education.