The Dangers of Web Access
As companies rely more heavily on the Web in their move toward Enterprise 2.0, they face an increasing number of security and network problems.
A Web survey of companies with an average of 1,000 employees conducted by Osterman Research on behalf of PureWire, a Web security software as a service (SaaS) vendor, found the majority of the 139 respondents concerned about the Internet.
Fears that the Internet is an entry point for malware topped their list of concerns, with the impact of the Web and Web security on network bandwidth coming in second and enforcement of Web usage coming in third.
While many companies have established corporate policies against downloading certain types of files and have deployed systems that will block such downloads, they are not adequate solutions, the survey found.
The security problem is partly due to the outdated enterprise approach to Web security and partly due to Web 2.0 technologies, Paul Judge, chief technology officer at PureWire, told InternetNews.com.
Seventy-six percent of the respondents to the survey expressed concern over the Web as an entry point for malware, 55 percent worried about the impact of the Web and Web security on network bandwidth, and 44 percent about employee productivity losses from Web surfing.
The remote workforce is a source of worry -- 49 percent of the respondents were concerned about enforcing Web usage and Web security policies for their remote workforce, and 48 percent were concerned about supporting remote workers with various Web applications.
Those fears about remote workers are well founded, as they often engage in risky behavior, a study sponsored by Cisco (NASDAQ: CSCO) has found.
"The Web and Web applications pose a serious conundrum - the productivity gains and cost savings from the use of these tools can be significant and will become more important given the pressures resulting from the current economic crisis, but these tools create enormous risk for organizations of any size," the survey concluded.
That conclusion has a point. Browser add-ons, or plug-ins, such as Adobe (NASDAQ: ADBE) Flash, are becoming a growth industry, and Microsoft (NASDAQ: MSFT) has said that these are becoming a favorite target for attackers.
Browsers remain a target
Meanwhile, IBM (NYSE: IBM) is betting on the browser as an application platform, a move which will increase corporate exposure to the Web.
And the browsers themselves are not so safe, either. Mozilla and Microsoft both had to issue patches for their respective browsers earlier this month.
"Attackers have moved from e-mail to the Web because the traditional approach to the Web is outdated and new developments like Web 2.0 introduce challenges to Web security," PureWire's Judge said.
Enterprises are trying to do something about the security threat from the Web. The Osterman Research survey found that 79 percent of its respondents have established corporate policies against downloading certain types of files, 76 percent have deployed systems that selectively block downloads of certain file types, 69 percent of them use tools to block or monitor the use of Web applications at the firewall, and 31 percent use a Web security gateway to monitor the use of Web applications.
January 05, 2009
Learn how to securely connect to remote servers and widen your systems administration skill set with these SSH tips.