The term Web 2.0 was coined by Darcy DiNucci, an information architecture consultant, and was popularised by Tim O’Reilly founder of O'Reilly Media. It is defined as the use of Internet applications which allow sharing and collaboration characterised specifically by the change from static to dynamic or user-generated content and the growth of social media platforms. Web 2.0 websites thus enable users to create, share, collaborate and communicate their work with others, without having web design or publishing skills.
Since it stimulates interactivity, enterprises benefit from the increased engagement between employees and consumers through almost synchronously communication at a lower cost. Specifically, Web 2.0 technologies and tools allow greater employee participation in projects and idea-sharing, strengthening relationships with customers, and improving communications with partners. Web 2.0 sites are thus essential for the next generation of employees, or Employee 2.0, entering the workforce expecting technology they routinely use as a part of their working environment. This increasing trend forces managers and senior employees to rethink the significance of the participative culture as a vital part of young employees’ lives and they need to make decisions about their corporate culture and security.
Web 2.0 security vulnerabilities
The growing popularity Web 2.0 sites has proportionally increased the risk of malware attacks and data leakage when companies allow employees to access social networking sites through corporate computers. Social networking sites enable self-publishing and high interaction between users and attract large numbers of visitors, making them extremely attractive to hackers. Since Web 2.0 platforms enable anyone to upload content, these sites are susceptible to hackers wishing to upload malicious content.
The same technologies that invite user participation also make them easier to corrupt with malware such as worms that can shut down corporate networks, or spyware and keystroke loggers that can steal company data. Further, with the ability to post photos, video, and audio recordings to sites, employees can inadvertently ‘leak’ confidential company information.