Web 2.0: Issues & Risks

By Cunningham, Patrick | Information Management, January-February 2009 | Go to article overview
Save to active project

Web 2.0: Issues & Risks

Cunningham, Patrick, Information Management


Organizations are moving to the cloud, some faster than others. However, moving to the cloud presents the enterprise with a number of risks to assess. Depending upon an organization's risk appetite, these risks may be significant. At the core of these risks is the inability of many cloud/Web 2.0 vendors to meet regulatory and legal requirements that are commonly encountered by many enterprise customers.


At the top of the list of risks for many organizations is security of information. This may be driven by a need to protect intellectual property, trade secrets, personally identifiable information, or other sensitive information. Putting that information into the hands of a third party is certainly not uncommon. Having the third party place that information into a shared storage environment is somewhat less common. Having that information available on the Internet requires a significant investment in security controls and monitoring. Of concern is that many of the Web 2.0 applications contain no provision for monitoring content or traffic to ensure that sensitive information is not being transmitted inappropriately.

Use of Web 2.0 tools also requires assurance that the pathway to the data is adequately secured. With information theoretically accessible from any point on the Internet, the provider must be assured that the computer/user accessing the data or application is properly authorized. This requires a very high degree of coordination between the enterprise and what may be multiple service providers. The information being stored by the third party needs to be secured from the third party's access as well. This need will likely be met by increased use of file and message encryption and public key infrastructure. Increased encryption, however, will likely mean loss of information when decryption keys are lost or a file becomes corrupted. Nonetheless, ensuring security of information outside the enterprise will be a growth opportunity both for the enterprise and the supplier community.


Today's buzzword for what we knew as "disaster recovery," resiliency refers not only to uptime and availability, but it also has a focus on not allowing critical information to be corrupted or lost.

A challenge for many providers is ensuring that customer information is protected, but with shared data centers and storage devices, information from multiple customers may end up in the same backup media, creating issues when the media is restored and potentially exposing confidential customer information to third parties.

The enterprise will need to pay special attention to the means by which the provider will ensure uptime and access to information, as well as where and how the information will be stored and backed up. Some Web 2.0 suppliers will be unable to customize their offerings to meet these requirements and will be unwilling to make fundamental changes to their business model to meet enterprise resiliency requirements. Free services will typically offer no enterprise-level resiliency. A significant concern is enterprise data managed on consumer-grade systems. While, statistically, Web 2.0 applications "simply don't have downtime," the reality is that an interruption in service by the provider can seriously affect numerous customers.


The current climate for e-discovery assumes, for the most part, that an enterprise knows specifically where its information is being stored, how it is being backed up, and how it is secured. The rules also assume that an enterprise will be able to physically examine storage devices and, when required, examine storage media for evidence of erased and/or deleted files. In the cloud/Web 2.0 environment, the enterprise may have little or no visibility to storage and backup processes and little or no physical access to storage devices. As noted above, the data from multiple customers may be stored in a single repository.

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
Loading One moment ...
Project items
Cite this article

Cited article

Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited article

Web 2.0: Issues & Risks


Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

While we understand printed pages are helpful to our users, this limitation is necessary to help protect our publishers' copyrighted material and prevent its unlawful distribution. We are sorry for any inconvenience.
Full screen

matching results for page

Cited passage

Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.

Are you sure you want to delete this highlight?