2008-01-01
Abstract
'The accessing of media-rich, collaborative sites by employees is already cause for concern in terms of both employee productivity and security.' Mark Murtagh, Websense.
Copyright © 2008 Virus Bulletin
Thus far, Web 2.0 has been about allowing people to create and share content and to collaborate online on a much wider scale than ever before. On a social level we have witnessed the phenomenal growth of sites such as Facebook and MySpace, but beyond this it is debatable whether Web 2.0 has yet resulted in significant changes in the way in which we use the Internet.
However, as the adoption of Rich Internet Applications (RIAs) becomes a reality we will start to see a second stage in the evolution of Web 2.0 and greater changes in our use of the Internet.
RIAs have the features and functionality of traditional desktop applications, providing interface behaviours that are far richer and more responsive than those of a standard web browser. RIAs bring greater interactivity and usability to web-deployed applications and are driving a change in the way enterprises use the Internet. Moving forward, Web 2.0 will mean a change in the way in which consumers interact with businesses, as RIAs will enable companies to offer much more user-friendly and truly interactive customer services online. The result will be a second stage in e-commerce – online shopping, banking and networking will take off like never before.
The accessing of media-rich, collaborative sites by employees is already cause for concern in terms of both employee productivity and security. Businesses and individuals are creating and uploading content to the web with little or no control over what is hosted, and this trend is set to increase. As businesses capitalize on RIAs by expanding their online services, more and more data will be stored online – and as the explosion in social networking has already shown us, the more opportunities the Internet gives us, the more points of access it gives criminals.
Organized cyber criminals are using increasingly sophisticated methods to harvest our confidential data and this further evolution of the web offers them even greater pickings. RIAs have created potential hideaways for information thieves – and use of our Honeyjax technology, which seeks out emerging Internet threats, has confirmed that such sites are being used for targeted attacks.
RIAs create environments that are far more open and interactive than traditional websites, and browsers configured to run rich media applications can leave gaps in a company’s IT infrastructure, thus increasing its potential exposure to malicious attacks. Furthermore, much of the malware designed to capitalize on these vulnerabilities is able to avoid detection by traditional anti-virus and firewall software. In a business environment, this can lead not only to a compromise of an individual’s online identity, but will also put company data at risk.
At best the evolving Web 2.0 will change the way people interact with online services and applications – at worst it could create a lawless cloud of personal and business information that can be hacked and exploited for nefarious means. In order to avoid financial and corporate data theft, businesses must have robust policies that automate security so that the responsibility of avoiding malicious websites does not lie with individual users. The key to protection is in prevention: the IT department can manage access to Web 2.0 sites by creating and automating web use policies with technology that mitigates any potential security vulnerabilities. Tools exist that can emulate behaviour within Web 2.0 applications to uncover threats before they spread.
By embracing Web 2.0 and Rich Internet Applications in the right way, businesses can become more productive and dynamic by nature. However, it is imperative that both businesses and consumers are aware of the risks that accessing these sites and sharing confidential data on the web pose. By implementing a simple layered approach to security, enterprises will be able to protect both their employees and their businesses.