Network Security News

Web 2.0 wave ran over all the aspect s of Net activity. The concept of user-brought content is already several years old, yet the amount of such services grows. However, the old-style thinking hasn't yet prepared an adequate security model and Network codex of ethics, to meet the challenges of Web 2.0. ZDnet elaborates this in Security risks of Web 2.0 tools should not be overlooked by enterprises, individuals.

It is said: like it or not, the use of Web 2.0 technology use in enterprises is here to stay. Even longstanding enterprise software providers, such as Salesforce.com, have created tools for integrating social networks into the customer support and lead generation process. And you’d be hard-pressed to find a Fortune 500 company that doesn’t, at the very least, have a corporate blog.

Over the last few weeks, two organizations issued study results focusing on the use of social networking within the enterprise. RSA Conference, in its “What Security Issues Are You Currently Facing?” report, surveyed nearly 150 C-level executives and professionals charged with directing, managing and engineering security infrastructures within their respective organizations.

Social networking and security was a consideration, however it appears that organizations thus far claim to have been minimally impacted by social network threats. According to the survey, 84 percent of respondents allow Twitter and Facebook in the enterprise, however only 3 percent were seriously affected by the recent Facebook and Twitter phishing attacks.

“The fact that only 3 percent of people surveyed said that their companies had been impacted shows how big the problem really is,” said Mike Murray, chief information security officer for Foreground Security. “The problem is that the security technology they have in place doesn’t allow them visibility into the threats. Current technologies are not looking for threats that take advantage of human weakness. It’s like having your hands over your eyes. It’s such a bad problem they can’t even see it.”

In another study, Frost & Sullivan issued its “Web 2.0 Tools: Consumer Technologies Entering the Enterprise World” report. The firm surveyed more than 1,400 Web 2.0 tools users who work fulltime within a U.S. organization. According to the report, there are many perceived risks of Web 2.0 tools in the enterprise, including fear over confidential information inadvertently being published, allowance of malware onto corporate networks, network bandwidth issues and loss of employee productivity. Respondents ranked social networks as the tool with the largest perceived risk, above blogs, wikis and team spaces. While to the users social networks presented the greatest risk, that risk is still perceived as only “moderate.”

The main problem is there is not possible to control, or even to monitor how personal data are spread, what kinds of distributed networks responding to given credentials are prone to attacks and free from vulnerabilities and/or bugs. Web 2.0 interconnects many people, it creates a dynamic, quickly changing context in which all the communications happen. Inability to comprehend the scale of possible data leaks and credentials compromising may lead to situations akin to the recent Twitter staff credentials 'crack'.

It is not safe any more to store personal data on the Net unless one wishes to post it to public domain. Even the simplest, base security precautions, along with enough knowledge of modern Net threats is enough to protect one's data on the Net as reliably as reliable is the persons running service data are located on.

This article was brought to you by the developers of IPHost Network Monitor, network and server monitoring software.