Rethink Web 2.0 security, Gartner warns

Enterprises should re-examine their approach to IT security, as Web 2.0 will pose a new set of security risks, analyst house says.

Web 2.0 technologies will bring "significant security risks", according to a recent release from Gartner.

Businesses should re-examine their IT security frameworks and take action early to limit risks, the report said Wednesday.

Joseph Feiman, vice president and Gartner fellow, said in a statement that many of the concepts run contrary to traditional IT security practices.

He was referring to how the use of Web 2.0 services requires more participation from users, and a corresponding need for enterprises to free up control to allow users to use the services effectively.

This challenge poses inbound risks such as malicious code in RSS (Really Simple Syndication) feeds. There is also a risk that information will be leaked through inappropriate blogging or sharing through collaboration sites, Feiman said.

On limiting the risks when building Web 2.0 applications, Feiman said that an enterprise should "adopt a secure development life cycle and focus on validating all input, whether it is from an internal user or business partner."