by Joe McKendrick
August 10, 2010 at 4:50 pm
· Filed under 2.0 Design Thinking, Enterprise 2.0, Enterprise Software, FASTforward'09, Web 2.0
Now, a word about Enterprise 2.0 security… It doesn’t have to spoil the party, but it needs to be addressed in ever-security-conscious enterprises.
A new survey out of the Ponemon Institute, for one, finds plenty of angst over Web 2.0 security in enterprise settings. In fact, 82 percent of the 2,100 IT security administrators responding to the survey believe social networking, Internet applications and widgets “have significantly lowered the security posture of their organization.”
The threats come in several forms, the survey reports — viruses, malware and data loss.
But viruses, malware and data loss have been threats on the Web for almost a decade now. So what’s new about any of this?
The problem, said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, is the same one that has been plaguing the Web since the mid 1990s. That is, not enough people are thinking enough about online security, at least not until something bad happens. “Security can be seen as an afterthought for corporate users of Web 2.0 applications; the growing number and sophistication of security threats, coupled with the proliferation of online and easily downloadable tools, is exacerbating the challenges of protecting sensitive information,” he said. “Most IT administrators do not believe their organizations have sufficient resources dedicated to securing critical Web applications.”
Okay, let’s appoint a committee.
Better yet, Ponemon recommends, put employees themselves in charge of security issues. Unfortunately, the IT security administrators surveyed “believe employees rarely or never consider corporate security threats in their everyday business communications – when downloading Internet applications, Web browsing, opening links, video streaming, utilizing peer-to-peer (P2P) file sharing sites and engaging in social networking outlets.” Fifty-two percent of US respondents believe end-users rarely or never consider security issues in their daily business communications.
Nevertheless, according to more than half of respondents in the US, the most responsible party for minimizing Web 2.0 security risk should be the end-user, followed by information security (CISO) and corporate IT (CIO).
So, it’s going to take plenty of education and awareness to get users on board with addressing the security issues that come with Enterprise Web 2.0.
So the takeaway is that Enterprise Web 2.0 adoption is so widespread and end-user driven that only end-users themselves can keep security in check.
An executive summary of the survey findings is available here.
Permalink
16 Tweets
What struck me most about the results is the idea that ” the IT security administrators surveyed ‘believe employees rarely or never consider corporate security threats in their everyday business communications.’” Though I am independently employed now, I honestly cannot recall any information or education from IT about these risks when I was employed by others.
We hear all the time about IT blocking access to various sites, but rarely do they provide sound explanations as to why. In the absence of a good explanation, people assume the IT folks are just being risk-averse control freaks who treat employees like children who can’t be trusted.
These results reinforce the need for better education and training about digital technologies, including the accompanying risks and responsibilities. Thanks for sharing them, Joe.
Courtney Hunt
Founder, Social Media in Organizations (SMinOrgs) Community
 |
ChrisAugust 31st, 2010 at 3:56 pm |
Employees will continue to violate policy. Here is another take:
http://www.peer2peerterminator.com/security
Its going to be an uphill battle…
Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://eqent.me/c0spKo
This comment was originally posted on Twitter
fast forward.. Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://ow.ly/18wbCL
This comment was originally posted on Twitter
Plenty of Angst about Enterprise Web 2.0 security: Anything new here? http://bit.ly/9UtrDk
This comment was originally posted on Twitter
“Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? by Joe McKendrick” – #E20 http://bit.ly/d7j8TO
This comment was originally posted on Twitter
Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? #e20 http://tinyurl.com/2wb6lc6
This comment was originally posted on Twitter
from @joemckendrick Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://bit.ly/doW15F
This comment was originally posted on Twitter
RT @BillIves: from @joemckendrick Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://bit.ly/doW15F
This comment was originally posted on Twitter
The FASTForward Blog » Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://ow.ly/2odCH
This comment was originally posted on Twitter
The FASTForward Blog » Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://ow.ly/2odFf
This comment was originally posted on Twitter
 |
Heiko02August 12th, 2010 at 2:19 am |
RT @Stefan63atIBM: The FASTForward Blog » Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here? http://ow.ly/2odFf
This comment was originally posted on Twitter
Are #security threats a necessary risk for Enterprise 2.0? Who’s responsible? Good post: http://j.mp/bhW9Bs /via @BillIves
This comment was originally posted on Twitter
52% of IT admins believe end-users rarely or never consider #security issues in their daily business http://j.mp/bhW9Bs
This comment was originally posted on Twitter
Best way to mitigate #security threats for #e20? “Plenty of education and awareness”~@joemckendrick http://j.mp/bhW9Bs
This comment was originally posted on Twitter
RT @eric_andersen: 52% of IT admins believe end-users rarely or never consider #security issues in their daily business http://j.mp/bhW9Bs
This comment was originally posted on Twitter
Plenty of Angst About Enterprise Security: A new survey finds plenty of angst over Web 2.0 security in enterprise http://j.mp/aGKkPf
This comment was originally posted on Twitter
Plenty of Angst About Enterprise Web 2.0 Security: Anything New Here?. From FastForward, the blog. http://ow.ly/2q8pV
This comment was originally posted on Twitter
» Subscribe to the RSS feed for these comments
HTML-Tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Additional comments powered by BackType
