How to Integrate Data Loss Protection in Web 2.0 Security Strategies

Web browser virtualization technology

To effectively protect against Web 2.0 threats at the user client, leading-edge enterprises are implementing technology solutions and an array of behavioral and analysis techniques that enable employees to take advantage of collaborative tools without compromising security.

For example, organizations are leveraging Web browser virtualization technology that can isolate both known and unknown threats—providing advanced heuristics to stop users from going to dangerous sites. Today, social networking and Web 2.0 applications are available to nearly anyone with a browser. Luckily, Web browser virtualization technology helps companies separate corporate data from the Internet and allow users to freely surf the Web with full protection.

As with all security, multilayered protection focused on prevention is critical to safeguarding your business. A good strategy for Web 2.0 protection will include the following seven features:

1. Application control: Implement granular security controls for Web 2.0, social networking and Internet applications

2. Compliance: Log and archive records to meet regulatory or e-discovery requirements

3. Web filtering: Monitor and control employee use of the Web

4. Malware prevention: Stop spyware, rootkits and worms at the gateway

5. Bandwidth control: Control the use of bandwidth-intensive applications such as file sharing and video streaming

6. Web-browser virtualization: Provide a dual browser mode, allowing users to separate corporate data from the Internet

7. Self-learning capabilities: Analyze user behavior and preconfigured policies, alerting users when sensitive data may be at risk

Security in the Web 2.0 world is complex and has left companies challenged with how to manage this generation of threat vectors. An effective Web 2.0 security strategy will complement network protection with comprehensive endpoint security, and allow organizations to easily integrate new security services on existing infrastructure without exhausting limited IT budgets. It will be critical for organizations to implement solutions focused on better security, simple management and with enough flexibility to evolve with the changing security needs of the business.

Bob Hinden is a Check Point Software Fellow. Previously, Bob was a Chief Internet Technologist at Nokia Networks. Bob has worked on the Internet since its early days as a DARPA research project to the current Internet, and has seen threats from the start, from a few hackers showing off to their friends to the sophisticated and coordinated cybercrime it has evolved into today.

Bob is the chair of the Administrative Oversight Committee (IAOC) and the IPv6 working group at the Internet Engineering Task Force (IETF). Bob has been active in the IETF since 1985 and is the author of 36 Request for Comments (RFC). Prior, Bob served on the Internet Architecture Board (IAB) and was Area Director for Routing in the Internet Engineering Steering group from 1987 to 1994. He is also a member of the RFC Editorial Board. Bob was the co-recipient of the 2008 IEEE Internet Award for pioneering work in the development of the first Internet routers.

Bob holds a Bachelor's of Science degree in Electrical Engineering and a Master's of Science degree in Computer Science from Union College, Schenectady, NY. He can be reached at rhinden@checkpoint.com.