Risks in Web 2.0 applications

Standing guard over t'Internet

Just been reading Rudman, R. J. (2010) “Incremental risks in Web 2.0 applications.” The Electronic Library 28 (2) 210-230, as you do on your average Saturday morning. It’s written from the point of view that as libraries access and implement more Web 2.0 applications they’re increasing their surface area that is open to attack. Ok, I’m with it so far (I think). When the author starts detailing protocols for risk and control frameworks it all starts to go way over my head BUT it is useful in making you think about security and looking at your activities from the IT department’s point of view; after all without a good working relationship with your IT department life online would be very hard indeed. So that you don’t have to read it, here’s the take home message:

Work closely with the IT dept in all that you do in order to implement a security program that at the very least:

  • take a multi-layered technological approach using filters, anti-malware, anti-virus software (this is where you need your IT buddies, cos if you’re like me you’ll need to phone a friend on this one – shouldn’t be your job as a librarian anyway!)
  • Web 2.0 policy – detailed yet enforceable, continuous tweaking may be necessary; users should be aware of their ultimate accountability
  • Training for all users on acceptable use and security features.

I think what it boils down to is that as a Library 2.0 zealot it behoves you to learn some basics that mean you’ll be doing your bit to keep your library and authority safe, just some rudimentary knowledge of stuff like phishing attacks would be good for everyone to know. I really think you can’t afford to stick your head in the sand because those threats are there. Without going into detail, we had a phishing attack at work a few weeks ago and it’s caused mayhem, our email and web traffic has been blacklisted by a lot of our stakeholders. My personal email filter places those emails that I send myself when at work in the spam folder; I’ve been bothered to go and fish them out and tell Outlook that emails from there are not spam but how many of those people we contact have known to do this? What a right royal pain in the arse.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: