Welcome to Worklight!

Consumer Web 2.0 tools and services like personalized homepages, gadget and widget frameworks, instant messaging, social networks, and others were built to be easy-to-use, open and ubiquitous. Security, compliance, data integration and other “enterprise-grade” traits were not a design consideration. As such, these technologies are not appropriate for use within the enterprise. But the popularity of Web 2.0 is spilling over to the enterprise. A recent Yankee Group survey found that 86% of non-IT employees are using at least one consumer Web 2.0 tool at work already.

The question is: can you leverage the convenience of consumer Web 2.0 tools and technologies while achieving the level of enterprise security and governance needed to be acceptable?

To address this challenge, companies must consider the following:

Authentication – how do you leverage existing authenticatioin mechanisms such as SSO and Web authentication while enabling secure access via Web 2.0 front ends?

Authorization – how do you apply existing authorization policies to enterprise data and services to Web 2.0 front ends without duplicating authorization logic and while avoiding overloading existing backends?

Application Security – how do you ensure the security of Web 2.0 front ends that run within untrusted third party containers such as personalized homepages, social networking sites and RSS readers and side by side with untrusted gadgets, applications and feeds?

Application Provisioning – how do you allow users to add applications to their Web destination of choice, maintaining the seamless ‘add-to’ experience while ensuring the integrity of the provisioning process and preventing unsanctioned distribution of the applications?

Scalability – how do you protect enterprise application servers from data-intensive consumer interfaces like RSS and AJAX that continuously poll servers for updates?

Integration – how do you connect to a wide variety of enterprise applications and data sources without falling into endless integration projects?

Self-service – how do you allow staff to define information views without requiring them to be programmers or getting IT involved?

Governance – how can you monitor and audit online activities? How do you retain information required by regulation?

Customization and Development – consumer-oriented web services are unique in how easy they make it for users to create new applications or customize existing ones. How can this be replicated in the enterprise?

Multitude of Web 2.0 Interfaces – there is a wide range of diverse “Web 2.0”-style services and technologies available. But there is very little in common between them (for example, SIP-based Instant Messaging, RSS, and a Google web page gadget). How do you support these consumer platforms without custom development each time?

The popularity of Web 2.0 in the enterprise introduces two new types of information security threats:

Previously-existing threats made more dangerous due to the proliferation of usage patterns popularized by Web 2.0 technologies (e.g. through user-generated content)

Threats associated with new Web 2.0 technologies (such as RSS)

Two of the most pernicious of these new threats include Cross-Site Scripting, Cross Site Request Forgery, and vulnerabilities associated with various client tools. WorkLight deals effectively with each of these threats and many more, making Web 2.0 tools safe for use in the enterprise.

Personal Blog – Out on the Town in NYC

A bit of a departure from the normal posts I wanted to get a little bit personal today.  Nothing serious, just a little light-hearted post about my first vacation as a married man.  I’m taking my lovely wife Natalie to the Big Apple, New York City!  And I’m trying to think of the best ways to go about spending our time in the big city.  I have a few ideas and I wanted to share them (don’t worry, Natalie doesn’t read this blog).  Maybe I can get some feedback from our wonderful readers?  Let me know what you think…

Central Park Horse Ride

Central Park is an obvious choice for activity in New York.  The carriage rides are especially historic, and I think it’s something my wife has always wanted to do.  I’ve heard that the Mayor was going to get rid of the carriage rides, so maybe it’s something we need to do before it’s gone.  Has anyone had any experience taking a carriage ride through Central Park?  Is it good?  Should I go for it or not?  Let me know!

I know Central Park is probably a gorgeous place anyway, so not sure if we really need the horse carriage to enjoy ourselves, but I think it’s still such a classic NYC thing to do that it makes a lot of sense.

Seeing a Broadway Show

Obviously we can’t go to NYC without seeing a legit broadway show.  I’ve never actually seen one, although I’ve seen some when they went on roadtrips here in Seattle and once in San Francisco.  Now the question is, what show should I see?

Wicked, The Musical

Wicked is, I think, the most popular musical among women (at least that’s the sentiment I get from my wife and her friends).  So this is probably an obvious choice.  Now I just need to find some tickets, and see if they don’t completely drain my bank account (I’ve heard broadway tickets can be a bit, eh, expensive, to say the least).

Are there any other shows that we should see?  Let me know!  I’ve heard “Book of Mormon” is excellent and hilarious, but it is also sold out for like 3 years.  I hate to get ripped off by a ticket reseller.  Maybe that one will have to wait until the hype dies down and I can get something for a reasonable price.

Also, are all broadway show’s musicals?  Or are some simple dramas or comedies?  I know the classic experience is the musical experience, but I’m not sure I’ll enjoy it so much.  My wife will, but I kinda think I’ll be sitting there bored, drinking wine, for 2 and a half hours.  Who knows, maybe it won’t be so bad.

Any other options?

What other options do I have?  I’m think the general touristy stuff like Empire State Building, Freedom Tower, Ellis Island, and maybe a Yankee or Met Game (if they are still in season, I don’t even know).  But other than that, what other stuff can I do? I need some feedback from you guys!