According to a new survey from Forrester Research and Secure Computing, businesses have not upgraded their security tools to deal with Web 2.0 applications.

The survey found that as companies continue to adopt Web-based applications (Web 2.0 applications), security tools have not evolved to deal with new threats posed by these applications. Technologies such as online collaboration and file-sharing put businesses at risk for attacks.

Some facts from the study:

• 97% of companies consider themselves prepared for malware threats
• 79% say they are victims of malware attacks on a frequent basis
• 68% of companies admit they have room for improvement
• 96% of companies see value in web 2.0 applications
• 5% of companies have taken measures to protect users of web 2.0 applications
• 33% have data leakage prevention in place

You can see an immediate discrepancy - companies consider themselves prepared for threats, yet clearly they are not. Most companies are well protected from traditional attacks, but not from these newer ones. Aside from the threat of malware, there is also the insider threat of employees using these tools to remove data from the company.

“Companies really need to adjust their policies for the Web 2.0 world in general. Internet use policies should include social Web sites, blogs, and the other varieties, and this has to be spelled out specifically,” said Paul Henry, Secure Computing’s vice president of technology evangelism. “Beyond that, these companies simply need stronger technical safeguards; a lot are barely protecting against the initial generations of Web-based threats that we’ve seen.”

Recommendations from the report include upgrading security technologies, revising security policies, and increase training.

Via Zero Day ; Tags: web 2.0, security, business security, it security, malware, insider threats