- Event Registration
- Events Calendar
- Gartner Blog Network
- Videos
- Podcasts
- Photographs
- Gartner Books
- Analyst Coverage Areas
- Press Release RSS Feed
- Attribution Guide
- Products & Services
- Company Profile
- Investor Information
- Executive Profiles
- Board of Directors
- Acquisition History
- Gartner Policies
- Office of the Ombudsman
- North America
- Europe
- Australia / New Zealand
- S.E. Asia / North Asia
- India and Korea
- Japan
- Latin America / Mexico
- CURRENT
- VIEW ALL
Corporate Use of Virtual Worlds Needs Careful Evaluation, Says Gartner
Five Major Security and Risk-Management Issues to Consider
Egham, UK, August 7, 2007 — Media hype and enthusiasm for virtual worlds must be tempered with a realistic assessment of the security and risk-management issues they expose enterprises to, Gartner warned today. Companies that are sensitive to brand issues, as well as social and ethical positioning, must exercise particular caution in uncontrolled virtual worlds, such as Linden Lab's Second Life, and should consider more heavily moderated, targeted alternatives, such as There, Kaneva and Activeworlds, analysts advised."The risks enterprises face as a result of their involvement in virtual worlds are real and can be significant. They shouldn't be ignored - but neither should the potential opportunities and benefits that arise from using these new environments for corporate collaboration and communications," said Steve Prentice, vice president and distinguished analyst at Gartner. "When planning enterprise activities in virtual worlds, an enterprise's awareness of the risks, as well as a reasoned and objective analysis of them, will enable it to objectively evaluate the overall situation and offset risks against often-nebulous benefits."
Mr Prentice said that the issues facing corporations could be broadly grouped into five major categories and offered the following advice to enterprises:
1. IT-Related Security Risks
IT-related security risks are primarily centered on unverified applications being downloaded to managed desktop systems, and on issues regarding firewall permeability. There are no indications that these client applications represent a higher risk than other similar applications, but Gartner said that at this time, the high frequency of updates makes the control of a large application difficult.
2. Identity Authentication and Access Management
Individuals interact in virtual worlds via avatars, which are computer-generated representations of themselves. However, because new accounts can be opened with ease (and at no cost), many individuals have multiple avatars. Thus, it's difficult (if not impossible) to ensure that any specific avatar actually represents the person with whom it's associated. This lack of verifiable identity control or access management is a major deficiency in public virtual worlds and is having a significant impact on the potential use of virtual worlds for internal collaboration purposes. Gartner recommends that companies seriously evaluate the availability of "private" virtual-world environments, which are hosted internally and exist entirely inside the enterprise firewall.
3. Confidentiality
Virtual worlds aren't secure environments. Gartner believes that discussions involving confidential and commercially sensitive information shouldn't take place inside Second Life or any other virtual world - or in an open, internet-supported social-networking site. Worldwide legal systems (especially in the US) have become increasingly aggressive in demanding access to electronically stored records. By moving to a private virtual world (built by using tools such as GarageGames' Torque Game Engine or Sun's Java-based Project Wonderland); or developed using established applications (such as Forterra Systems' Olive) that are entirely contained inside the enterprise firewall, the issues of privacy, confidentiality and identity can be controlled. Non-US organisations may wish to avoid virtual worlds that are subject to US jurisdiction because this may result in stored information being subject to legal scrutiny.
4. Brand and Reputation Risk Management
Uncontrolled virtual worlds represent an environment fraught with danger for enterprises that are sensitive to brand and reputation issues. Enterprises should exercise extreme caution in their virtual-world activities. Enterprises that are sensitive to brand and reputation issues should consider confining their activities to controlled virtual environments to minimise (but not eliminate) their potential exposure.
5. Productivity
Considerable scepticism remains regarding the practical benefits of virtual worlds to enterprise activities, with many senior executives viewing them as time- (and therefore money-) consuming diversions that lead to significant amounts of wasted time as well as computing and bandwidth resources. As social networking sites enter the mainstream of daily life for a growing segment of the population, some enterprises are re-evaluating their restrictions on the basis that networking and collaboration are important elements of worker productivity and morale. Gartner's take is that productivity may decline during the extensive learning and adoption phases of virtual worlds, but this shouldn't prevent enterprises from looking beyond the initial phases toward the productivity benefits that may ensue. Whilst unconstrained use of virtual worlds for all staff is probably inappropriate and unnecessary, enterprises should keep an open mind and evaluate trials carefully to avoid premature and inappropriate decisions regarding access and value.
Contacts:
Laurence Goasduff
Gartner
+ 44 1784 267 195
laurence.goasduff@gartner.com
Carina Forsling
Gartner
+46 8 624 6324
carina.forsling@gartner.com
About Gartner:
Gartner, Inc. (NYSE: IT) is the world's leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,000 associates, including 1,200 research analysts and consultants in 80 countries. For more information, visit www.gartner.com.
