Web 2.0: a two-edged sword for enterprises

Stuart Corner
Thursday, 16 September 2010 16:31

Business IT - Security

A survey of Australian enterprises undertaken by McAfee shows enterprises keen to exploit the benefits of Web 2.0 but many being burned by security breaches resulting from doing so.

McAfee surveyed 58 Australian organisations as part of a 17 country survey of over 1000 organisations of all sizes. It reports that "About one in two organisations in Australia experienced some sort of security incident the previous year from the use of Web 2.0 applications - virus infections and a threat on greater volumes of spam were the most common."

The financial loss associated with these security incidents was high. McAfee says: "On average, large organisations spent almost $2 million in 2009 because of security incidents."  Nonetheless McAfee says: "Experts agree that the benefits of using Web 2.0 exceed the risks."

More than 66 percent of Australian organisations surveyed reported using Web 2.0 solutions for many business functions, the most common of which were IT and sales/marketing. However McAfee found users not overly sold on the benefits of these.

"Sixty-eight percent of organisations that use Web 2.0 report that expanded use of Web 2.0 technologies could create new revenue streams for their organisations. However, perceived importance of Web 2.0 solutions was tempered. Forty-two percent of respondents who reported using Web 2.0 solutions agreed they were important to business, but 47 percent were neutral."

Nonetheless McAfee sees this situation changing. "Some of the technologies have not reached maturation, and uses are still being explored. However, respondents see great potential for Web 2.0 in the future, and the data suggest that this belief drives adoption."

McAfee reports that "Forty percent of surveyed organisations have increased security measures since allowing access to Web 2.0 applications'¦Increased firewall protection was the most commonly reported measure, followed by greater levels of web filtering'¦

"While industry experts recommend both policy and technology solutions, as many as 71 percent of organisations do not budget for Web 2.0-specific security solutions, and some have incurred high, unanticipated losses."

The study concludes that "Successful organisational use of Web 2.0 is a complex balancing act that requires analysing challenges and opportunities, mitigating risks, and combining policy, employee education and technology solutions to ensure security.

"Web 2.0 advancements will continue to bring new opportunities and threats, thus requiring agility and continued evolution of resources. Successful organisations will be those that determine where and how to embrace emergent tools to add new value and agility to their organisations.

"To succeed will require careful, on-going efforts to safeguard assets, including infrastructure, data, and employees, along with measured and educated adoption of new cyber technologies."