How IT Can Safely and Profitably Befriend Web 2.0 at Work - Page 4

Crucial Web 2.0 solution features

Once the security policies have been set, IT should look for a single Web gateway control point for Web, data and e-mail security. Look for the following four features in a Web 2.0 security solution:

1. Real-time, in-line content and security scanning, with the ability to examine all Web traffic including encrypted Secure Sockets Layer (SSL) traffic, and to quickly classify never-before-seen Web content. To be effective in a Web 2.0 environment, a solution must be able to block only the specific offending content at any layer within the site, while still allowing access to the overall site.

2. Integrated data security to monitor and enforce data protection polices for sensitive data as it travels through Web traffic, e-mail traffic or on endpoints such as laptops and USB drives. Monitoring data in motion limits the exposure to data loss through spyware by only allowing protocols sanctioned by IT. For ease of use, make sure that the Web and data security solutions are integrated on one platform, with centralized management and reporting.

3. Flexibility to set granular security policies depending upon employee role. Different functions need access to different types of Web 2.0 sites, and will have different ways of using those sites. Flexible policy controls and the ability to block specific content on a page allows you to let employees use iGoogle, for example, but block any specific widgets on the mashup page that may be malicious or inappropriate.

4. Web 2.0 security updates from a security research team that proactively searches billions of Web sites and e-mails, as well as comments and links posted to blogs and social networking sites in order to discover Web 2.0 threats as they emerge. Proactive research is the only way to identify and prevent threats that evade traditional anti-virus detection.

Jim Haskin is CIO and Senior VP of Marketing at Websense, Inc. Bringing more than 20 years of experience in his dual role, Jim is responsible for IT direction and execution, as well as worldwide marketing. Prior to joining Websense, Jim served as group leader at Acxiom Corporation. Before Acxiom, Jim was VP of global services for Manufacturing and Distribution at Siebel Systems, Inc.

Jim has a Bachelor's of Science degree in information systems from the University of Maryland and a Master's degree in business administration from the University of California, Irvine. He can be reached at [email protected].