Software // Enterprise Applications
News
10/3/2007
12:56 PM
Connect Directly
RSS
E-Mail
50%
50%

Study: Companies Dive Into Web 2.0 Without Securing Risks

A Forrester Research study reveals the vast majority of enterprises adopt Web 2.0 technologies without preparing to fend off the related threats.

While the majority of enterprises are using Web 2.0 technology, they're not prepared to deal with the security risks that come along with it, according to a study released Wednesday.

Forrester Research surveyed 153 IT professionals and found 96% said they are not only using Web 2.0 technologies but their companies are finding value in them. The problem is that the companies may have made the leap into Web 2.0 without thinking about the security consequences. A full 90% reported that they are at the least "very concerned" about related threats.

"Today, the Internet is beleaguered with threats such as phishing, viruses, spyware, and botnets, all threatening to challenge your business operations," said Chenxi Wang, a principal analyst with Forrester, in a written statement. "Forrester's study ... reveals that most companies are slow to respond to the latest threats, or aren't sure what to do to adequately secure. We have found that most companies that have implemented any kind of Web protection have only installed URL filtering and signature scanning. Yet, malware writers are now using the Web as a primary vehicle to propagate a plethora of new threats undeterred by traditional security means. The need for more effective Web protection has never been greater."

The study, which was commissioned by security software vendor Secure Computing, showed that there's a gap between security perception and the reality.

According to Forrester, while nearly 97% of those surveyed said their companies are prepared for Web-borne threats, 68% admitted there is room for improvement. The survey also showed that 79% reported being hit with malware attacks fairly frequently. And 46% of them reported spending more than $25,000 in the last fiscal year for malware cleanup alone.

Business managers and marketing heads like the idea of the customer-generated content that Web 2.0 offers. An automobile maker, for instance, might start a social network, allowing customers to write about their experiences and post pictures and video of road trips.

The problem is that malicious hackers are increasingly focusing their attention on using Web 2.0 technologies as entries into unsecured companies. Hackers and spammers, for instance, can create their own pages on social networking sites and riddle them with malicious code to infect their social networking peers. One worm planted in a MySpace page infected more than 1 million users. And malware writers are beginning to target vulnerabilities in Ajax-based applications, which help make the Web 2.0 sites so dynamic.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 23, 2014
Intrigued by the concept of a converged infrastructure but worry you lack the expertise to DIY? Dell, HP, IBM, VMware, and other vendors want to help.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.