Skip to main content

1 Question, Your Thoughts - When Will "Oooh, what about Web 2.0 security??" Become A Non-Issue

We seem to be moving on from the "It can't do what my PC software can" with so much functionality now at our fingertips that it's a non-argument - in fact, here's much more because the web services living on the Internet the sharing of ideas is merely a click away; more at Google Docs ... so what - the ONE reason why you should care

BUT, we still seem to have the chatter around "It's not secure to put your content on the Web" - example from today's CIO Magazine: Web 2.0 applications and sites (and security concerns)

Don't get me wrong, this is a valid question for everyone to asking and the answer may be different for each person/business. However, I believe there are some fundamental human fears bubbling up when this question is asked:
  • How can I protect myself when the data is not able to be touched?
  • I don't really understand how this stuff is shifted around on the Internet and so I ain't comfortable!
  • Once it's out of touch reach what happens if it is lost and will it be my fault?
  • IT Dept: If it's out in the "cloud" and being managed by someone else, what will they need me for?
As I said, questions that need to be answered.

So here's the question - when do you think the tipping point will come and the reaction to the question, "What about Web 2.0 security?" is greeted with a puzzled look saying, "How out of date are you?"
  1. It's already happened
  2. Within 6 months
  3. Within 1 year
  4. Within 2 years
  5. Within 5 years
  6. Never will
What do you think - either:


  1. I didn't vote in the poll because my answer varies depending on the service I use. For example, I use Xero for my accounting software, and I have no question that my data is secure. They have a clearly-worded security policy and they use an external security company to continually audit their systems.

    The other online service that I trust with my data is Google, but they have no security policy (that I could find at least) and because of this I'm very cautious with how I use their Google Apps services. I'm still careful when recommending them to others and I always make sure that my customers understand the risks of hosting their data with Google. Google could easily fix this within 6 months if they follow Xero's lead by providing a clear security policy.

  2. Security should always be an consideration, regardless of 'in the cloud' or not, and that conversation needs to happen on every project (preferable at the start). But you're touching on privacy aspects as well, for example, I personally wouldn't use Xero, primarily because it's hosted in the US, and that data falls under US law. However, Xero's independent audit process is a great idea.

    I often tend to describe security and privacy as a gradient, and 'further' away from you and more you're giving up.

  3. Can't beat for security. I can give my username and password to anyone and they won't be able to login on any machine but those I've authorised. Plus IP addresss rules, SAML support and datacenters with 5 levels of biometric security and bulletproof walls!


Post a Comment