	Breaking eBusiness and Search News
Advertise \| Newsletter \| Sitemap \| News Feeds

WebProNews Search

Part of the iEntry network

Security Around Social Initiatives

Dan Morrill
Expert Author
Published: 2007-11-19

WebProNews RSS Feed

Read Write Web has a great digest of the entire last round of social applications, from open social to Facebook, android, Bebo and box.net.

Understanding these applications from a security viewpoint is important because not only are people coding around these application frameworks, but no programmer is perfect, errors and coding bugs are going to happen, and users on the corporate network are going to use them.

Not only are they going to use them, they will use them long before corporate security comes in and officially blesses or condemns the applications.

Platforms here, platforms there - everyone's launching a platform it seems. Today's newest platforms, a content storage platform from Box.net and a content publishing platform from social network Bebo, are just the latest. Facebook, OpenSocial, Android - who can tell them all apart? What is a platform? It's a technical welcome mat that allows developers from outside of a company tie their software to the software offering the platform. How's that for an explanation? Feel free to share your one-line explanation, too. Source RRW

Following the think evil act good viewpoint here is a quick image from RRW to put the whole thing into context.

Where security needs to be worried about is cross-site portability and identity. If someone can do a cross-site scripting involving any one of the open platforms, then the entire content or identity tree for that user can be compromised.

A coding error, buffer over/under run or other problem can also provide an entry point into the corporate network if they are tied not just to the browser, but also to a hybrid application like can be made with Adobe Air or SilverLight.

Looking at how the applications and platforms interact to secure data, identity, corporate data, and privacy information is important in working through the risk management process that any company has to go though when evaluating the newer applications and systems.

There is a lot of very good information at RRW to start working on how the company is going to use the new platforms to bring customers closer.

Comments

View All Articles by Dan Morrill

Receive Our Daily Email of Breaking eBusiness News

About the Author:
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.

WebProNews RSS Feed

More Expert Articles Articles

Contact WebProNews

TOP NEWS

WebProBlog

The official blog of WebProNews.

Go to WebProBlog

WebProNews is part of the iEntry network

Internet Business:	Marketing:	Small Business:
WebProNews	MarketingNewz	SmallBusinessNewz
WebProWorld	AdvertisingDay	PromoteNews
EcommNewz	SalesNewz	EntrepreneurNewz

Software:	Search Engines:	Web Design:
WebMasterFree	Jayde B2B	DesignNewz
NetworkingFiles	SearchZA	FlashNewz
SecurityConfig	SearchNewz	WebSiteNotes

Developer:	IT Management:	Security:
DevWebPro	ITManagement	SecurityProNews
DevNewz	SysAdminNews	SecurityConfig
TheDevWeb	NetworkingFiles	NetworkNewz

The iEntry Network consists of over 100 web publications reaching millions of Internet Professionals. Contact us to advertise.

eBUSINESS RESOURCES

Ten most recent posts.

Featured Software

About WebProNews

WebProNews is the number one source for eBusiness News. Over 5 million eBusiness professionals read WebProNews and other iEntry business and tech publications.

WebProNews provides real-time coverage of internet business.

Free Email Newsletters:

WebProNews	SearchNewz
WebProWorld	DevWebPro
Marketing	SecurityNews

Plus over 100 other newsletters!

Send me relevant info on products and services.