Saturday, May 18, 2024

Web 2.0 in Enterprise Needs a Lock

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

SAN FRANCISCO — The culture of participation fostered by Web 2.0 applications like blogs, wikis and widgets has turned end-users into content creators and developers. But when consumers come to the office, they need to leave their open mindset at the door.

A peer-to-peer discussion led by Charles Renert, senior director of advanced content research at Websense, showed how easily collaboration tools can insert malicious code into trusted sites.

Collaboration and social networking tools have already made strong inroads into the enterprise, both through sanctioned channels and through unauthorized downloads. Earlier this week, IBM introduced
the IBM Mashup Center, a bundle of tools for non-technical users and developers. And Gartner predicts that the market for enterprise social software will more than double in the next three years, reaching $707.7 million by 2011.

Businesses realize that to attract younger customers, they need to provide the kind of open online environment they’re used to from MySpace and Facebook. But how do you explain to the guy who posted shots of his naked self guzzling a margarita on a consumer photo-sharing site that putting his account data into a comment on your financial services company’s blog is a no-no?

“Any technology that allows the end user to write script is dangerous. If I can get you to come to my wiki or blog, and I have JavaScript there, I can do all kinds of nefarious things,” an IT administrator for a financial institution pointed out.

Sans security controls, company-hosted blogs and wikis make it all too easy to post malware. Then, the trusting, sharing culture of Web 2.0 encourages others to click on the link. Even reading blog comments could activate malicious JavaScript.

This article was first published on To read the full article, click here.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles