Web 2.0 security measure checklist

With the proliferation of Web 2.0 technologies, networking has undergone a paradigm shift, and so have the threats to the workplace. As more and more people take to the social networking space, more and more data becomes available for hackers to use in targeting their attacks. Read this early story at News.com for a glimpse of personalized attacks.

In this context, I am reproducing the list of measures mentioned at TechNewsWorld.com. The list is divided into three sub-classes of measures.

Basic steps to strengthen defenses in a Web 2.0 world include the following:

  • Continued Education of Computer Users
    • Don't click on strange links (avoid tempt-to-click attacks)
    • Do not release personal information online
    • Use caution with IM and SMS (short message service)
    • Avoid social networking sites
    • Don't e-mail sensitive information
    • Don't hit "reply" to a received e-mail containing sensitive information
    • Require mandatory VPN (virtual private network) use over wireless networks
  • Host-Based Technology
    • Require hard drive encryption on all laptops
    • Control the use of portable storage media by managing desktops
    • Require the use of personal/desktop firewall software
    • Require the use of personal/desktop anti-malware software
    • Consider implementing document management systems
  • Network-Based Technology
    • Deploy network intrusion prevention (IPS)
    • Consider network admission control (NAC)
    • Implement information leakage detection and prevention
    • Consider IP reputation-based pre-filtering solutions

How does your enterprise's security measure up to the list here?