Online games are the bane of corporations for three reasons: They waste employee time, eat up network bandwidth and pose scary security risks.
Sophos, in the survey cited in this IT Wales story, addresses the third issue. The survey said more than 90 percent of 450 system admins canvassed want to block unauthorized games and 62 percent said this ability is essential. Getting 62 percent of system admins to agree to anything -- much less 90 percent -- is pretty impressive.
The immediate topic of the story is Second Life, a site that enables the creation of virtual communities. The overriding concern, however, is about Web 2.0 in general, which is an evolving vision of the Internet as host to an expanding array of highly interactive and collaborative sites.
We're not engineers, but it seems that all that collaboration likely would require leaving a lot of doors (and ports) ajar that in the past were firmly nailed shut. It's logical to conclude that all this cutting edge stuff will provide crackers with new approaches to attack corporate networks. And it's not like the bad guys were struggling to find attack vectors before.
Ultimately, threats from Web 2.0 applications fall into two categories. There are vulnerabilities that are incurred during legitimate use of this new vision of the Internet. These threats are at least somewhat manageable because they are known. Others -- such as interactive games and mashups -- pack a double whammy: They are dangerous and they are hidden. This is a powerful and worrisome extension of the type of silent threat posed by such things as rogue access points and portable storage devices.