Adopting Web 2.0 to increase collaboration within organisations opens the door to significant security risks which need to be addressed, according to Gartner.
Although these risks are manageable, enterprises must put security measures in place at an early stage of development of Web 2.0 apps, according to the analyst.
Speaking at the Gartner IT Security Summit in Sydney, Gartner fellow Joseph Feiman said many of the concepts of Web 2.0 technologies -- such as blogs, wikis and social networks -- run against traditional IT security practice.
He said the use of the technology means companies relinquish a "level of control that they historically would not tolerate", meaning a rethink of security is essential.
Feiman said issues to consider are how to protect internal users and the business from malicious code, RSS feeds and information leakage through blogging, for example.
Blogging can be a positive for building communities and brand awareness, he added, but also has the potential to reveal company secrets or provide an outlet for disgruntled employees.
Gartner added that control of content and intellectual property is much more difficult as Web 2.0 apps can easily be reused and redistributed by third parties.
Because of this, Feiman said enterprises must choose which content they are willing to make public.
Other recommendations from Gartner include the use of secure coding -- to assume all public content will be reused -- and to educate internal users and make use of Web vulnerability tech.
By the end of 2007, Gartner predicts 30 percent of large companies will have some kind of Web 2.0-based business initiative up and running.
