First of all, from a communications standpoint, web 1.0 Internet applications being unidirectional are somewhat similar to the traditional media were information can easily be controlled. Web 2.0 is multi-directional and is all about openness and freedom which tears down the traditional way information administrators have protected critical information in the past. With web 2.0, information does not come from one source neither does it go to one destination. Information reception is often instant since users tend to be permanently logged in and can easily be received and responded in real time and through mobile devices.
Web 2.0 implies interactivity, end-user engagement, and most importantly, decentralization of the sources of online content. It is therefore important to note the importance of security in developing web 2.0 applications, in end user choice of applications and also on how end users make use of these applications.
It is impossible to overlook the need for security since the core of this idea of web 2.0 is decentralization. There are therefore two dimensions to this security issue. One is how to control these generally amateur users from unknowingly exposing insecure or personal information on such platform and also how to protect even genuine users from one another. This is often a major part of the agenda in Secure Enterprise 2.0 forums of related industries around the world.
The other concern is how to protect the service providers’ application servers, end user devices as well as end user personal information from professional hackers who are deliberately out for users information. There are a variety of strategies hackers employ to achieve these objectives. These include, but are not limited to Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Phishing (especially now that there are so many sites and one cannot tell if genuine or not), Injection Flaws or even Insufficient Anti-automation. Users of Google, Yahoo, Justin.tv and others have been victims of such attacks at some point or another.
Web 2.0 technologies even extend to very sensitive aspects of our lives these days through interactive self services industries – banking as a good example. Everything has even gone mobile and the risks keep growing. As effective as it may be, the risks of something going wrong by far outweigh the benefits presented by any web 2.0 model. The consequence of not prioritizing security in a web 2.0 model ultimately implies that it might become a risky alternative. Ultimately, protecting Web 2.0 users who are predominantly uninformed, unsuspecting and vulnerable people rank very high. In web 2.0, security is a matter of priority.
No comments:
Post a Comment