Industry View

New Ways to Approach Security in a Web 2.0 World

Web 2.0 technologies have ushered in a new age of security threats. Brian Foster, vice president of product management with Symantec, shares his insight on what you need to do to safeguard your company in today's business environment

By Brian Foster, Symantec

Security and Risk

The growing sophistication of today's attacks calls for more scalable security. Enterprises now need proactive security measures that can adapt to protect against the most proximate and pressing risks the particular organization faces. For example, while traditional antivirus, antispyware, and other signature-based protection measures, which are primarily reactive, may have been sufficient to protect an organization's vital resources a few years ago, they need to be combined with more proactive behavior-based technologies in the Web 2.0 world.

A more effective security approach addresses a range of considerations, from the level of risk associated with a threat to the information requiring protecting and the reputation of those who attempt to access the organization's systems and information. In a Security 2.0 environment, proactive technologies automatically analyze application behaviors and network communications to detect and block suspicious activities, while device and application control features allow administrators to deny specific device and application activities deemed high risk. These next-generation technologies can even block specific actions based on the location of the user. Better yet, an endpoint that is not in compliance with security policies is automatically remediated, thereby further protecting corporate information assets.

Standard Operating Procedure

Perhaps one of the most significant changes that Security 2.0 calls for is the need to turn security into a standard business process. Although the traditional approach to enterprise security has involved individual groups with an organization working in silos, with often disconnected processes and technologies, a next-generation security strategy combines standard security with data management, thereby embedding security throughout the organization's business processes. These processes are then standardized and automated to drive down the cost of day-to-day security activities while also providing more proactive protection.

With enterprises facing both internal and external threats to information in an increasingly connected, collaborative Web 2.0, a new approach to protecting information and interactions is required.

Security 2.0 represents the future of security. It will enable organizations to not only protect their information assets against a growing range of threats but also to take advantage of new opportunities in an interconnected environment. This new approach to protection moves security from simply locking down systems to helping keep users and information protected.

Evolutionary and dynamic, Security 2.0 is essential in a Web 2.0 world.

• Email
• Print
• Comments
• Digg This
• SlashDot

• Sophos: Facebook Malware Attack Puts Work Computers at Risk
• Web 2.0 Applications and Sites (and Security Concerns)
• Security and the Generational Divide
• Does Your Generation Pose an Office Security Risk?
• Industry View: Web Application Security Today - Are We All Insane?
• Social Networking Security Risks