Web 2.0 In Business Here To Stay; Security Needs Boost

Websense has revealed the findings from a global survey of 1,300 information technology managers across ten countries, asking about their perceptions of Web 2.0 in the workplace, testing their understanding of Web 2.0 technologies and assessing their organisations’ level of security preparedness. Web 2.0 sites and applications allow user-generated content and comprise the majority of the top 100 most visited sites on the Internet, including search engines like Google and Yahoo, resources like Wikipedia and news sites like CNN. Key findings from the Web2.0@Work survey include:

Web 2.0 in Business is Here to Stay

Web 2.0 has made an impact in the workplace and will continue to change the way organisations conduct business as more Web 2.0 applications make their way into the corporate environment. Though many Web 2.0 services were designed for consumer use rather than business use, organisations across all industries are already using them to increase collaboration and information exchange, streamline processes, engage key stakeholders and generate revenue. Specifically:

* 95 percent of respondents currently allow employee access to some Web 2.0 sites and applications – most commonly Webmail, mashups and wikis

* 62 percent of IT managers believe that Web 2.0 is necessary to their business

IT Experiences Pressure from All Sides

Employees are clamouring for even more use of Web 2.0 in the workplace, leaving IT departments to find the right balance between preventing security risks while still allowing safe and flexible access. The pressure for more Web 2.0 access is coming not from rogue employees, but rather from lines of business and top-level executives:

* 86 percent of IT managers reported feeling pressured to allow more access to more types of Web 2.0 sites and technologies

* 30 percent of respondents reported pressure coming from C-level executives and director level staff

* 34 percent reported pressure coming from marketing departments

* 32 percent reported pressure coming from sales departments

IT Professionals Are Overconfident in Their Security

Though many organisations already allow access to some types of Web 2.0 sites and applications, a dangerous security gap exists. The majority of respondents reported feeling confident in their organisation’s Web security, though they admit to not having the necessary security solutions to protect from all threat vectors. Additionally, a surprising number of respondents appear to be confused on what exactly constitutes Web 2.0 – and what they don’t know could put their organisations at risk.

* 80 percent of respondents reported feeling confident in their organisation’s Web security, despite the fact that the numbers show they are ill-equipped to protect from Web 2.0 security threats:

- 68 percent do not have real-time analysis of Web content
- 59 percent cannot prevent URL re-directs
- 53 percent do not have security solutions that stop spyware from sending information to bots
- 52 percent do not have solutions to detect embedded malicious code on trusted websites
- 45 percent do not have data loss prevention technology to stop company-confidential information from being uploaded to sites like blogs and wikis, hosted on unauthorised cloud computing sites, or leaked as a result of spyware and phishing attacks
- Only 9 percent report having security solutions in place to cover all threat vectors

* There is confusion even among IT professionals about what constitutes Web 2.0: Only 17 percent of respondents correctly identified all the items in the survey that can be considered Web 2.0

* Only half identified wikis, video uploading sites like YouTube and hosted software/ cloud computing sites like Google Docs to be Web 2.0

* 47 percent of respondents report that users in their organisation try to bypass their Web security policies, demonstrating that new policies are needed to provide the flexibility for employees to access the Web for their jobs while preventing inappropriate use or security threats.