Web Use, Security Cause Concern for Webmasters

Stephen Yagielowicz

LOS ANGELES — The changing nature of Internet security is causing a strange mix of caution and complacency, as companies seek solutions for their digital safety needs.

SC Magazine, the journal of secure business intelligence, reports that most businesses downplay the threat of malicious websites, with less than half of companies that use web filtering technology experiencing security breaches attributed to unsafe Internet access by employees or other network users.

Citing a GFI Software survey of 200 small- to medium-sized businesses that claims that 40 percent of respondents were the victims of security incidents resulting from staff visits to websites that host malware, while 55 percent of companies with web monitoring solutions do not feel that infected websites are a major threat; SC Magazine states that 70 percent of survey respondents say web use is not a problem within their organization.

There are of course a wide range of problems faced by network administrators and company management teams.

For example, the survey found that of those companies deploying a security solution, 24 percent chose to do so primarily to monitor employee productivity; 13.5 percent did so to conserve bandwidth and improve network speed; while 11.5 percent are motivated by a desire to prevent employees from accessing inappropriate websites.

“Protecting the network from malicious websites and downloads should be a top priority for IT managers in addition to concerns over employee productivity and bandwidth management,” stated GFI Software’s Phil Bousfield. “Web monitoring solutions that equip IT administrators with an additional layer of network defense against online threats and provide employees with the tools they need to make better, safer decisions while online go a long way in helping SMBs balance the benefits of Internet access with the risks it creates.”

Against this backdrop comes a call by World Wide Web creator Sir Tim Berners-Lee, who is asking the Internet security community to cooperate more fully with the official standards body, the World Wide Web Consortium (W3C), to develop a more secure web.

Berners-Lee told RSA Conference Europe attendees that innovative web applications are making web pages as powerful as desktop applications — with an equally impressive roster of security concerns.

“Web applications are exciting because it’s a connected, portable platform,” Berners-Lee stated. “I would like to see the security community come to the W3C and join the groups building that environment. Use your expertise of security to make it a secure, powerful environment.”

Berners-Lee also supports the establishment of robust “Do Not Track” standards as a means of enhancing user privacy, with a goal of finalizing those new standards next year.

“It may be difficult to get consensus on where the line is drawn here,” Berners-Lee stated. “But it’s worth a shot.”