Make Web Mashups secure

With the advent of mashups, innovative developers all over the enterprise are seeking new ways to leverage the value of corporate information through the use of external Web applications, APIs, or services. Although the thought of this adventure has sent many corporate security specialists running behind their firewalls, mashups are here to stay. Indeed, they have strategic value for many enterprises, so you'd better figure out how to live with them.

The risks, however, are real. When multiple data sources and services live inside and outside the firewall, mashed into Web apps, vulnerabilities may emerge. So, what are those potential holes and how should you plug them? First you need to understand how the various types of mashups work and then create a strategy to apply appropriate security for creating and maintaining mashups.

Here's how to deal with the risks around mashups -- and how your enterprise can have its cake and eat it too.