However, there is no need to panic. With a greater understanding of the latest web applications and some forward planning, "Web 2.0" can bring a new era of more dynamism, collaboration and customer interaction to your business.
New technologies and applications always bring up novel security considerations that in the past were not an issue. It seems that analysts agree; in August, Gartner warned companies of the added security risks to be faced as a result of Web 2.0 applications. And according to the latest research from Forrester, Web 2.0 is already infiltrating many organisations, but businesses are still unprepared for the potential threats it brings.
What are the risks?
There are a number of concerns businesses should be aware of when dealing with the latest Web 2.0 technologies:
- Loss of control.
- Privacy issues and possible leaking of company information.
- Increased exposure to security flaws and consequent attacks.
All of the risks mainly stem from the loss of control that the use of Web 2.0 applications results in. In order to use these new technologies, companies have to hand over a certain amount of control of their technology - something that has probably never arisen as an issue in the past.
This aspect is especially notable in the context of social networking sites, which allow people to stay in touch with each other and build relationships. It may seem like a nice idea to set up an online profile that allows you to get customer feedback on your product or service, but consumer-generated content will involve handing things over to your customers to a certain extent. And what happens if the comments made by users aren't all as positive as you'd like?
Online networking raises other issues too, because a new breed of virus writers has also noticed the potential market. MySpace.com, which is used as a marketing tool by a lot of firms to build their brand online, has been the target of the Samy and Spaceflash worms, which changed user profiles without their knowledge. This malicious code can be spread through profiles set up by hackers, putting your firm further at risk.
And that's not all firms need to be concerned about. While having a company blog, where you post all your latest news and developments, can help you build better relationships with your customers, you may find it somewhat of a problem should the same medium be used by a disgruntled employee who wants to let off steam about their job.
Content control
Carefully choosing which content you want in the public domain is paramount. These days, businesses face a more difficult job in keeping control of their intellectual property, with Web 2.0 applications making content much more open to being distributed and reused by parties outside your firm.
For example, your blog content could be picked up and posted on another blog, linked back to your own. While it may seem like a good idea to publicise announcements to customers on your blog, if the information is in any way commercially sensitive or confidential, you may want to reconsider, as it may end up splashed all over the web before you have time to draw breath.
Back door attack
Meanwhile, some Web 2.0 applications use newer technologies, such as AJAX (synchronous JavaScript and XML).This programming technique was used in Google Maps, for example, to allow users to drag the map around with the mouse. However, experts have warned that AJAX could also provide a back door for hackers to launch an attack on a web server or to use sites to make attacks on visitors.
The potential for mistakes when using these new technologies to create a company website is also higher. If the developer fails to code the pages properly, companies can be exposed to cross-site scripting flaws, which can be used by malicious users to hijack accounts, or download harmful code to a user's PC.
If all this sounds a little overwhelming, don't panic. In the next issue, we'll give you tips and advice on how to tackle these security concerns so you can still enjoy all the benefits Web 2.0 has to offer.