Security Admins Speak Up: More Awareness, Controls Needed for Web 2.0

A majority of security professionals surveyed for a recent study acknowledged that Web 2.0 applications are essential to their organizations but believe such tools open up a range of security holes.

Among the 2,100 IT security administrators questioned for the “Web 2.0 Security in the Workplace” study from Check Point Software and the Ponemon Institute (News - Alert), 82 percent said that social networking, Internet applications and widgets have lowered the security postures of their organizations. Those surveyed pointed to viruses, malware and data loss as the top Web 2.0 concerns.

Most of the security pros interviewed believe their fellow employees are essential in helping to mitigate security risks associated with Web 2.0 apps. But some also feel those employees rarely, if ever, consider corporate security when browsing the Web, using social networks, downloading files, streaming videos, or using file sharing sites.

Overall, the study found that security can sometimes be seen as an afterthought by users. Combine that with the growing number and sophistication of security threats and the rise in the number of easily downloadable tools, and protecting a company’s sensitive data becomes a true challenge.

Most admins feel that employees should be held most responsible for opening up security holes as a result of the misuse of Web 2.0 tools and that user education and awareness are needed to maintain security. Further, half of those surveyed place high importance on reducing security risks, with most saying they plan to set up a solution to guard against vulnerabilities from the Web 2.0 over the next five years. Many IT admins don’t believe their organizations currently have the resources to secure critical Web applications, so the right tools are critical in this regard.

To compile its survey results, Ponemon interviewed IT security admins in the U.S., U.K., France, Japan, and Australia across a range of small, medium and large businesses.