Web Enterprises Employees
Discussion forum of Web 2.0 in the Enterprise
In today's dynamic and global business environment, enterprises face ever-increasing pressure to stay competitive and achieve sustainable growth through agility and innovation. The traditional ways of addressing business challenges overlook a rich resource - employees. Collaborative Web 2.0 technologies enable enterprises to foster employees' critical thinking and creativity while providing a platform to capitalize on their innovations for product and process improvement.
The seminar showed how Web 2.0 technologies enabled business processes to improve productivity at individual, team and corporate levels by providing a platform to do their diversified task. This paper divided into two parts: the first part is forum summary which is presented by Mr. Lionel Louie. The second part is analysis of its security and privacy and recommended some approaches for prevention.
The speaker Mr. Lionel Louie is the director of Fusion Middleware Solution for Oracle Greater China, manages technical product sales support, marketing and business development. He is responsible for evangelizing Oracle middleware technology initiatives around J2EE, Web Services, SOA, Portal, Security, Identity Management and Content Management in the Greater China Region.
Decade, most industries numerous move their business from real world into virtual domain. Enterprises face pressure on keeping competitive and achieve sustainable growth through agility and innovation in global business environment. Web 2.0 is the business revolution in the computer industry by moving the business to internet platform.
The broadband cost continue decline along with internet access increase sharply, the network program and the website devote to join the interpersonal relation. The Web 2.0 era allows the netizen to control own data. The organization share information for Knowledge Management (KM) and capture the end-user generation content for Customer Relationship Management (CRM).
The successful stories showed the competencies of Web 2.0 generated services, not packaged software. Drivers of Web 2.0 in the enterprise tap into the passion of every individual, pockets of knowledge in minds of key employees and harness collective intelligence across entire business ecosystem. The rise of mass collaboration by peering, being open sharing and acting global are the success factors.
Web 2.0 embodies approach of software as a service (SAAS) and open development. Its platforms enable web user to upload content, the service provider are easily accessible to hackers upload malicious content and spread through innocent user who visit their sites and got infection. The sites owner potentially responsible for damages incurred. Threat Mitigation Management is recommended for avoiding some security holes. Also, recommended Information Lifecycle Management approach to save the storage cost and organize the unstructured content.
Part 1: Forum Summary
The speaker start with sharing some key messages from two books “2005 - The World is Flat” and “2006 - The Long Tail”. In which, delivered the Ten Forces that Flattened the World and Three Forces of Long Tail.
The Ten Forces include the area of open-sourcing, in-sourcing or outsourcing / off-shoring, supply chaining, in-forming, wireless, etc. Those are hot topics discussing in the worldwide.
The Three Forces of Long Tail issued “Make it”, “Get it Out There” and “Help me Find it”. That means make a niche product then distribute it, let your customer find and buy it easily. The company can gain more market share once a differentiated product is created and sell it strategically.
After that the speaker delivered the technology trends, evolution of Web technology and business innovation, how Web 2.0 utilizes and benefits the enterprises, and gave some successful implementation as case study.
Today's Information System trends to Content, Software and Delivery Industries. The consumer demand for internet-enabled services or product is strong and end-user computing power continues to grow. Timely access and storage access are regarded for doing business in virtual domain.
For many years ago, IT make used for handling data processing by personal computer. After that, assist enterprises to manage internal business in LAN environment, and transformed to doing global business in Internet-based environment. At present, enterprises trend to examine the Wireless LAN technologies for assist their business move faster and reduce cost.
The Web 2.0 concept and technology allow the organization to produce their idea. Like Yahoo!, eBay and Facebook provide a virtual media platform to end-user generating their own information. Also, it allows organization create an internal platform for sharing business information.
Evolution of Web technology
Web 2.0 technology allow end-users own the data and control (Read/Write) it over, however, Web 1.0 allow user retrieve information only. Enterprises can build on the interactive facilities of Web 1.0 to provide network as platform computing, allow users to run software-applications entirely through a browser. The dynamic platform created by Web 2.0 may have architecture of participation that encourages web users to add value to the application. Contrast to very old traditional websites, it is limited visitors to viewing and content can modify by the website owner. Web 2.0 sites often feature a rich, user-friendly interface based on Ajax, Flex or similar rich media. And allow users to create social-networking communities.
Evolution of Business Innovation
The traditional business innovation model started at top management. Execution requires time to implement and receive feedback. Management must be creativity and insight of employees largely untapped. Employees are key pathways to foster refinement.
Today's businesses transform to harness collective intelligence, starve for new ways to combine data, processes, systems and people. IT caught in the middle of business to build, deploy enterprise solutions to meet the changing business environment.
Best Practices of Utilize Web 2.0
There are many successful stories utilize Web 2.0 by creating social networking, start pages, social book marking, peer production news, social media sharing and online storage. Web 2.0 concept and technologies captures the incredible development of interactive Web sites enabling people to create and collaborate.
- Yahoo! is the first great internet success story by moved its business of creating many types of content, its role as a portal to the collective work of the net's users remains the core of its value.
- Flickr associate a social network with user generated content for users work together to collaborate on photo projects and use each others' tags to find new photos. Also, Flickr provide an API for web services to integrate photo collections with blogs and other apps.
- Del.icio.us is a site that pioneered a concept called “Folksonomy” to organize bookmarks. It is a style of collaborative categorization of sites using freely chosen keywords, often referred to as tags.
- Wikipedia is a collaborative dictionary being edited in real-time by anyone. Their peer-review network allows volunteers from all around the world write article on its free content encyclopedia.
Benefit of Web 2.0 in the Enterprises
The coverage of Web 2.0 fuels business innovation by foster efficient knowledge worker collaboration. It improves information consumption and reuse for marketing analyst and knowledge management; moreover, it relief customer relationship on enabled communities and collaborative processes. Like Oracle, their WebCenter Services allow end-users create their own mashups, presence awareness and chat provide real-time interactions within applications, user interfaces.
The Web 2.0 concept and technology benefit the enterprise; nevertheless, some inhibitors occurs, such as security, privacy, employees' motivation under knowledge management, mounting storage costs, compliance and regulations, etc.
Part 2: Evaluation
Web 2.0 Contribution
The Web 2.0 technology constitutes a knowledge-oriented environment for enterprise sharing information and capturing the generated contents from outsider and insider. Although enterprise thinking opportunities of providing wireless-based service, Web 2.0 still offers contribution to enterprises. This IT technology assist in maintain customer relationship and knowledge management.
Web 2.0 Privacy and Security Vulnerabilities
In the survey of IBM researcher, hackers camouflage 100% of Web attacks. Lamb said that about 50% of Web exploits obfuscated or encoded in 2006, 80% were camouflaged throughout 2007 on average, but jumped to almost 100% by the end of the year. It seems a big concern for enterprise to take action on it immediately.
(1) Implementation Faults
According to Net-Security.org, the article “Top 10 Web 2.0 Attack Vectors” stated that “AJAX, RIA and Web services are three important technological vectors for the WEB 2.0 application space. With these new technologies come new security issues, and ignoring them can lead to big disasters for the corporate world. Increased WEB 2.0 security awareness, secure coding practices and secure deployments offer the best defense against these new attack vectors.”
“AJAX also increases the possibility of so-called cross-site scripting flaws, which occur when the site developer doesn't properly code pages, experts said. An attacker can exploit this type of vulnerability to hijack user accounts, launch information-stealing phishing scams or even download malicious code onto users' computers, experts have said. Big-name Web companies such as Microsoft, eBay, Yahoo and Google have all experienced cross-site scripting flaws on their Web sites.” stated by CNet in article “The security risk in Web 2.0”.
(2) Unwary Usage
Web 2.0 benefits the enterprises to create collaborative relationship with customers, and allows users to create social-networking communities, in the meanwhile, the idea of Web applications exposing their personal information on the air. There are traps for unwary individual and employer to open a back door to malware or hackers.
In ComputerWorld “Web 2.0 miracle or disaster?” stated that “Facebook allows subscribers control over their privacy settings (although their advertising program, Beacon, has been called intrusive in its tracking of users' actions in affiliated sites). A problem arises when users do not think through the choices made or ignored when they set up their account.”
Enterprise might take action, such as Threat Mitigation Management, to prevent the security hole, increase their reliability to retain the customer loyalty. Educate their employees and provide guideline for netizen in using their web services to avoid privacy exposed and computer attacked.
The accumulating storage and content management are other concerns, understanding the Information Lifecycle Management (ILM) is help to cut storage costs and serve business users better. Also, Knowledge Management is also helps in setup the knowledge-oriented environment; nevertheless, enterprises proactive motivate the staff voluntarily to participle into sharing their knowledge is another countermeasure.
(1) Threat Mitigation Management
“Threat mitigation is a continuous process for the lifetime of the application or service. An application or service is built on a set of assumptions and infrastructure and if these change, threat assessment is redone. Threat modeling is normally developed based on usage scenarios so that mitigation techniques are applied to address these scenarios. If the usage scenarios change, then threat assessment must be redone.” stated in TrustStix.com, Web 2.0 security.
Enterprise could integrate threat mitigation management into their development efforts. Threat modeling help anticipate attacks by seeing how adversaries assess your system. To create a threat profile for a system by employ a data flow approach. Investigative techniques such as threat trees and threat model directed code reviews to reveal vulnerabilities in system architecture and implementation. And, use threat modeling to verify security features and increase the resilience of software systems. It is a structured approach for identifying, evaluating, and mitigating risks to system security.
(2) Information Lifecycle Management (ILM)
During the content generating in the knowledge-oriented environment, there are many unstructured information and increasing the storage. Enterprise necessary to handle the accumulated storage, preserver and deliver the content and documents related to organizational processes.
“ILM involves a set of policies, processes and tools used to align the business value of information with the most appropriate and cost-effective IT infrastructure, from the time that information is created to the time it is destroyed”, stated in the article at CioInsight.com, Technology: Can Information Lifecycle Management Add Value to Your Data.
Appendix I: Speaker at Seminar
Mr. Lionel Louie is director of Fusion Middleware Solutions for Oracle Greater China. Lionel manages technical product sales support, marketing and business development for Oracle Fusion Middleware. He is responsible for evangelizing Oracle middleware technology initiatives around J2EE, Web Services, SOA, Portal, Security, Identity Management and Content Management in the Greater China Region.
Prior to the current position, Lionel was sales consulting director for Oracle Hong Kong and South China. He was responsible for managing a team of consultants to provide both technology and applications presales consultancy services. He has more than 19 years experience in the enterprise software industry and has held positions in product development, product management and technical sales consulting services. Before Oracle, Lionel worked at IBM Canada and Tandem Computers Hong Kong, where he held various product development and technical sales support positions. Lionel received a Bachelor's degree in Computer Science from University of Toronto and a Master's degree in Business Administration from York University in Canada.
- CNet NEWS.com The security risk in Web 2.0, [Online], Available: http://www.news.com/The-security-risk-in-Web-2.0/2100-1002_3-6099228.html [28 Jul 2006]
- ComputerWorld IBM researcher: Hackers camouflage 100% of Web attacks, [Online], Available: http://www.cw.com.hk/article.php?type=article&id_article=1104 [14 Feb 2008]
- ComputerWorld Web 2.0: miracle or disaster?, [Online], Available: http://www.cw.com.hk/article.php?type=article&id_article=1095 [12 Feb 2008]
- InformationWeek Engineering Content Management For A Web 2.0 World, [Online], Available: http://www.informationweek.com/blog/main/archives/2008/01/recession_fears.html [29 Jan 2008]
- Net-Security.org Top 10 Web 2.0 Attack Vectors, [Online], Available: http://www.net-security.org/article.php?id=949 [9 Oct 2006]
- CoInsight.com Technology: Can Information Lifecycle Management Add Value to Your Data?, [Online], Available: http://www.cioinsight.com/c/a/Technology/Technology-Can-Information-Lifecycle-Management-Add-Value-to-Your-Data/1/ [26 Jun 2006]
- TrustStix Inc. Web 2.0 Security, [Online], Available: http://www.net-security.org/article.php?id=1108 [21 Jan 2008]
Need an essay? You can buy essay help from us today!