New Generation of Internet Threats

By Bob Hinden  |  Posted 2010-04-29

How to Integrate Data Loss Protection in Web 2.0 Security Strategies

Social networking sites and Web 2.0 applications have become pervasive in the enterprise. As Web-based tools bridge gaps between communities and wipe away physical borders, they enable people and businesses to communicate in real time. While instant messaging, Web conferencing, and peer to peer file-sharing and social networking sites can provide a wealth of advantages in the enterprise, they are becoming the newest entry points for Internet threats, compliance violations and data loss.

The Web 2.0 world has made security more complex, and organizations are looking for a comprehensive approach to security that reduces-not multiplies-the number of threats, as well as eases management and regulatory challenges faced by IT managers.

For many companies, social networking and Web 2.0 applications have moved well beyond just personal use to help businesses market their products and optimize workforces.

For example, human resources may be using LinkedIn to research employee prospects, sales teams may leverage Facebook to legitimately interact with customers, and marketing departments may utilize Twitter to share headlines or expand the visibility of their latest news announcement.

The ease of sharing information, combined with real-time communications, makes many of these tools very compelling. And such trends are expected to continue, with enterprise spending on Web 2.0 technologies projected to reach $4.6B globally by 2013. Businesses can't ignore the opportunity to increase productivity by leveraging these new tools.

New Generation of Internet Threats

New generation of Internet threats

While social networking and Web 2.0 applications are increasing our ability to collaborate, they have also fueled a new generation of Internet threats.

The nature of social networking sites enables users to build a network of contacts based on an element of trust that expands outside of a business. This allows users to easily exchange or propagate information, images and files-often without requiring identification or validating information beyond a log-in and password.

The number of incidents of malware distributed by social networking and P2P file-sharing sites is rapidly increasing. These new tools are ideal to use for social engineering-based attacks, which attackers are very quick to exploit and which put sensitive data at risk. Therefore, organizations should ensure their intrusion prevention system (IPS) goes beyond detection mode and is focusing on the real prevention of threats.

Nearly 80 percent of data loss is unintentional. This is predominantly due to employee negligence or unknowingly violating security policies written in the corporate handbook. For example, an employee might e-mail a confidential document to the wrong person or use a Web-based, P2P file-sharing site to send large files to a business partner. However, without reading the fine print, they may unknowingly lose ownership and control of sensitive data after uploading their files.

It is critical to alert employees about what constitutes sensitive information in the organization, and it's just as important to educate them on acceptable or unacceptable outlets for specific types of data classification. To reduce the risks that come with the benefits of Web 2.0 applications in the enterprise, organizations should look to implement technology solutions to help sensitize employees to risky behavior through self-learning techniques.

Web Browser Virtualization Technology

Web browser virtualization technology

To effectively protect against Web 2.0 threats at the user client, leading-edge enterprises are implementing technology solutions and an array of behavioral and analysis techniques that enable employees to take advantage of collaborative tools without compromising security.

For example, organizations are leveraging Web browser virtualization technology that can isolate both known and unknown threats-providing advanced heuristics to stop users from going to dangerous sites. Today, social networking and Web 2.0 applications are available to nearly anyone with a browser. Luckily, Web browser virtualization technology helps companies separate corporate data from the Internet and allow users to freely surf the Web with full protection.

As with all security, multilayered protection focused on prevention is critical to safeguarding your business. A good strategy for Web 2.0 protection will include the following seven features:

1. Application control: Implement granular security controls for Web 2.0, social networking and Internet applications

2. Compliance: Log and archive records to meet regulatory or e-discovery requirements

3. Web filtering: Monitor and control employee use of the Web

4. Malware prevention: Stop spyware, rootkits and worms at the gateway

5. Bandwidth control: Control the use of bandwidth-intensive applications such as file sharing and video streaming

6. Web-browser virtualization: Provide a dual browser mode, allowing users to separate corporate data from the Internet

7. Self-learning capabilities: Analyze user behavior and preconfigured policies, alerting users when sensitive data may be at risk

Security in the Web 2.0 world is complex and has left companies challenged with how to manage this generation of threat vectors. An effective Web 2.0 security strategy will complement network protection with comprehensive endpoint security, and allow organizations to easily integrate new security services on existing infrastructure without exhausting limited IT budgets. It will be critical for organizations to implement solutions focused on better security, simple management and with enough flexibility to evolve with the changing security needs of the business.

Bob Hinden is a Check Point Software Fellow. Previously, Bob was a Chief Internet Technologist at Nokia Networks. Bob has worked on the Internet since its early days as a DARPA research project to the current Internet, and has seen threats from the start, from a few hackers showing off to their friends to the sophisticated and coordinated cybercrime it has evolved into today.

Bob is the chair of the Administrative Oversight Committee (IAOC) and the IPv6 working group at the Internet Engineering Task Force (IETF). Bob has been active in the IETF since 1985 and is the author of 36 Request for Comments (RFC). Prior, Bob served on the Internet Architecture Board (IAB) and was Area Director for Routing in the Internet Engineering Steering group from 1987 to 1994. He is also a member of the RFC Editorial Board. Bob was the co-recipient of the 2008 IEEE Internet Award for pioneering work in the development of the first Internet routers.

Bob holds a Bachelor's of Science degree in Electrical Engineering and a Master's of Science degree in Computer Science from Union College, Schenectady, NY. He can be reached at

Rocket Fuel