Web 2.0 in Enterprise Needs a Lock

Culture of sharing needs to be reminded about TMI at work.

SAN FRANCISCO -- The culture of participation fostered by Web 2.0 applications like blogs, wikis and widgets has turned end-users into content creators and developers. But when consumers come to the office, they need to leave their open mindset at the door.

A peer-to-peer discussion led by Charles Renert, senior director of advanced content research at Websense, showed how easily collaboration tools can insert malicious code into trusted sites.

Collaboration and social networking tools have already made strong inroads into the enterprise, both through sanctioned channels and through unauthorized downloads. Earlier this week, IBM introduced the IBM Mashup Center, a bundle of tools for non-technical users and developers. And Gartner predicts that the market for enterprise social software will more than double in the next three years, reaching $707.7 million by 2011.

Businesses realize that to attract younger customers, they need to provide the kind of open online environment they're used to from MySpace and Facebook. But how do you explain to the guy who posted shots of his naked self guzzling a margarita on a consumer photo-sharing site that putting his account data into a comment on your financial services company's blog is a no-no?

"Any technology that allows the end user to write script is dangerous. If I can get you to come to my wiki or blog, and I have JavaScript there, I can do all kinds of nefarious things," an IT administrator for a financial institution pointed out.

Sans security controls, company-hosted blogs and wikis make it all too easy to post malware. Then, the trusting, sharing culture of Web 2.0 encourages others to click on the link. Even reading blog comments could activate malicious JavaScript.

This article was first published on InternetNews.com. To read the full article, click here.

Comment and Contribute


(Maximum characters: 1200). You have characters left.