Following up on a post about the top Web 2.0 security threats I thought I would take a quick look at what I mentioned as one of the biggest security threats to any company: information leakage.
All the delightful modern collaboration tools we use--blogs, wikis, SaaS applications, etc.--just make it easier for your corporate information to walk out the door. Regardless of the systems or applications your company uses, odds are any piece of data can (and will) be accessed, e-mailed, written down, or just remembered by a large percentage of your staff.
Information Leakage: Web 2.0 applications promote user-generated content and thus blur the line between work and private life. As a result, users may publish as part of their Web presence, information considered sensitive by their employer. Even if users are careful and do not leak information that is by itself sensitive, the aggregation of many small data items may be unacceptable.
Generally speaking, information leakage is nearly impossible to contain, regardless if data is Web 2.0 browser-based or not. Think back to the last time you used a public Web terminal at an event or hotel--I can't remember a time when I couldn't just hit the back button or history tab that at a bare minimum revealed the last users' e-mail address.
So what can you do to protect your business? The truth is that there are few non-draconian methods available to protect your data and ensure that people are using collaborative tools effectively. In this case, prevention is the best medicine. … Read more