Infrastructure
News
5/24/2007
04:18 PM
Connect Directly
RSS
E-Mail
50%
50%

Web 2.0: Workers See Friend, Employers See Foe

Most companies are more concerned with blocking Web site categories, such as those labeled "adult" or "gambling," than with targeting individual Web sites, a new report notes.

When the Defense Department recently banned department personnel from visiting social networking and entertainment sites such as MySpace, YouTube, and 11 others, it cited bandwidth constraints and security concerns as the primary criteria. In the business world, however, while these sites don't exactly boost productivity, companies are much more concerned with shutting out banner and pop-up ads as well as adware likely to install cookies on company-owned PCs.

Barracuda Networks, a maker of e-mail and Web filtering technology, this week reported that the top sites its customers blocked over the past month demonstrate this trend. The top 10 sites blocked -- including Doubleclick.net, Googlesyndication.com, Omniture Inc.'s 2o7.net, Rad.msn.com, and Atwola.com -- are all related to marketing and advertising to Internet users. Meanwhile, sites like MySpace, World of Warcraft, and YouTube are still likely to be blocked by Barracuda customers, but none of them make the company's Top 20 list of most blocked sites.

Web-based content is blocked for three reasons primarily: to avoid legal liability for any illegal activity in which their workers might be engaged, to reduce the risk of malware infections, and to prevent drops in productivity that accompany access to nonessential Web content.

Although it's almost intuitive that a company would want to block any site that promotes worker procrastination, the fact is most companies are more concerned with blocking Web site categories, such as those labeled "adult" or "gambling," than with targeting individual Web sites like MySpace or YouTube, said Stephen Pao, Barracuda's VP of product management.

"Companies will block applications under the category 'streaming media' rather specifically block YouTube or XMRadio.com, although this does ultimately block access to those sites," Pao said.

Another school of thought is that Web 2.0 sites that promote social networking and multimedia content have some value to workers despite any distractions they might cause. Half of the 162 customers that security research firm and vendor Sophos polled between May 16 and 22 said that employees should be able to access MySpace and that the key message is that good productivity is the result of good management, whereas access to a wide variety of Web sites isn't necessarily to blame for poor productivity. One-quarter of the respondents to the Web-based poll were opposed to blocking access to MySpace because the effort would be too complicated and time consuming, while the rest of the respondents worried about employee "backlash" at having MySpace access taken away, meaning they might try to circumvent Web filters or try to access the site in some other way.

This doesn't mean that opening corporate networks up to social networking or gaming sites is a good idea. As end users become hip to more mainstream threats like phishing (does anyone still click on random e-mails from PayPal or financial institutions?), malware writers are building threats directly into Web sites that user frequent.

"Interactive Web sites have become a vector by which infections can occur," said Ron O'Brien, Sophos senior security analyst. In April alone, Sophos identified 245,790 Web pages hosting malicious code, and that total grows daily.

In March, Sophos issued an advisory to warn companies about the ongoing threat of malicious code being posted to MySpace, in particular the SpaceStalk spyware Trojan horse embedded in a QuickTime movie on the MySpace page of MAMASAID, a French rock band. SpaceStalk's JavaScript code downloaded from the Net additional malicious code onto users' computers to steal information.

Companies have to weigh carefully the benefits of how much rope they give their users. It was once debatable whether Web-based apps like VoIP, P2P networking, and IM had any business value, yet these emerging technologies have for the most part become a good fit in today's work environments. With the right amount of foresight and security precautions, the same might someday be said of MySpace and YouTube.

Comment  | 
Print  | 
More Insights
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.