Security tips for the Web 2.0 world

The reaction of enterprises to new Web 2.0 flows is very different. Here are some tips to help you choose the most appropriate security and practice development policy for your organization. These tips are built on the limits set by many social networking websites and rules of mini devices, instant messaging. In addition, we also provide some expert level tips in new Web 2.0 policy propaganda to employees in the company.

The first tip: 'Keeping' business secrets in the Web 2.0 world

There is no perfect way to eliminate a hundred percent risk of information leakage in the blog environment. Therefore, using a combination of methods such as defensive barriers, proactive detection software and blocking programs is a wise choice.

• We try to reassess whether it is necessary to update the anti-virus program, the malicious code protection program for Web traffic? We will look at how to aggregate, following the advice of Gartner experts: antivirus software, URL link filters, application controls, popular Website services and safe search techniques. .

• Establishment of a blog oversight committee, a group of employees who oversee blogging activities within the company and manage the needs of employees.

• Continuously update policies on user rights, membership rules, trade secrets and many other policies to manage blogs and social websites such as MySpace and YouTube.

• Consider whether or not to implement monitoring and content filtering techniques, update URL filtering tools.

Second tip: Protect your network and data before mini devices?

One of the biggest threats to the network and security data today comes from ultra-compact devices. Too sophisticated? Right! Can't fix it? Not really! Let's start with some of the following precautions:

• Provide rules that specify who is entitled to use these devices and in which case.

• Determine exactly how much salary the device has in the organization and check whether employees use their personal equipment when working. Evaluate whether the antivirus software in use can truly protect your corporate network from malware from external devices.

• Back up policies and regulations with technology and technology. Only allow devices owned inside the enterprise to operate on the network. Consider using applications to remove unknown access from USB ports. Deploy data protection rules such as sensitive data encryption so that data is safe even if the mini device is lost. If necessary, upgrade the software to remove malware from devices such as USB.

Third tip: Manage security risks from instant messaging

Most organizations do not completely prohibit the use of instant messaging (IM) programs at work. Experts have advised that many dangers should be considered from the IM and implement the necessary security policies and regulations.

• Check the technology used in the business and balance with other factors before deciding whether to prohibit the use of IM.

• Consider the issue of incorporating IM with the built-in rules of using e-mail at the early stages through IM and follow best practice cases.

• Predetermine industry regulations and internal regulations for IM storage and develop appropriate plans accordingly.

• Immediately suspend IM messages that violate industry regulations and notify leaders or authorized personnel.

Fourth tip: Tell staff to understand, make employees follow

All the most modern technology in the world cannot help you ensure information security if your own employees do not understand and follow the rules set forth. Then:

• First, you need to understand your employees, use the most effective media to conduct seminars or give specific messages about rules and regulations to each employee. The mothers of children often like what is as simple as possible, such as short, coherent, easy-to-read, easy-to-remember memos. And gentlemen often like messages or e-mails because it's fast and detailed.

• Use interactive communication techniques, such as video games, quick test questions. This method is simple but effective, causing excitement for employees because it is entertaining, but still provides an educational effect.

• Avoid using the order style, the superior told the subordinate to follow, because it is very easy to cause adverse reactions to young employees. Propagating with tons of money once a year will not bring any effect, because such time is not enough for the regulations to remain in the minds of employees.

• Try to provide funny, funny and unique messages or e-mails such as sending letters with a type of word 'Do you know?' at the beginning of each paragraph, both entertaining and educational.

• With face-to-face meetings with staff, do not just say what is done and done (like desktop coding), but also explain why you should do so. Encourage questions from staff and give answers as concise, as concise but accurate as possible. That not only satisfies the minds of employees, makes them feel respected, listened to, but even managers learn more ideas to improve policies, regulations and actions so that set the highest efficiency.

• Provide security information that can be applied to devices outside the workplace. As the risk of having a card when sharing songs on the iPod level is an example. Everyone will be interested in things that can help personal life first.

• Organize specialized talks by security experts or business staff about the importance of information security. That will be convincing for employees who are interested in business issues rather than following their usual way of equating with IT issues.