Expose your own online risks

Even with front-page identity theft news, many IT executives fail to understand the risks inherent in conducting business online. And for those who do, addressing those risks can seem an arduous challenge given how complex Web sites and Internet apps have become.

With Watchfire WebXM 4.0, however, leaving Web channels out of your overall security strategy is a thing of the past. The solution has evolved from a strong Web quality and accessibility reporter to an all-inclusive application that analyzes sites for more than 245 compliance and security troubles. More than just give visibility into problems via executive dashboards, WebXM allows managers to assign and track specific issues that affect an enterprise's Web presence.

WebXM 4.0 is built around a core Windows .Net application -- with which you schedule scans of your Web environments -- and the reporting engine. Using the hosted version of this solution, I first conducted an automated inventory of several large sections of a corporate site and five international Web sites in their entirety. Setting up scans is quick, with a wizard asking what types of data you want collected. Similarly, "Web spaces" can be effortlessly grouped and given permissions in any way you desire. For example, I placed international sites within logical geographical folders and set user permissions to allow each region's Web manager to view statistics pertaining only to his or her site.

The default Asset Management reports show the expected facts, such as number of pages, technical details about domains and servers, and page age. Yet, the unusual clarity of reports helps you quickly take action. For example, displaying a Network Inventory revealed several servers with SSL certificates close to expiring -- and other sites that had weak, 40-bit certificates when they should have 128-bit encryption.

Digging deeper into the page reports, I had no trouble spotting duplicate pages, nor did I have difficulty finding pages with obsolete information. WebXM's user interface makes it easy to drill down from the overview report to specific pages so that remedial action can be taken to rectify any problems that come up.

To look for more serious issues, I turned to several of the seven optional modules: Security, Privacy, Compliance, Quality, Accessibility, Corporate Standards, and Brand Monitoring. Giving you insight into broken links and slow pages, the Quality module helps you keep visitors returning to your site. Perhaps more important, the Accessibility module performs more than 170 accessibility checks to help you meet the United States' Section 508 guidelines and the United Kingdom's Disability Discrimination Act.

WebXM 4.0 hits its stride helping organizations meet privacy and security regulations. The Compliance module, for example, points out Web forms that don't have proper opt-out language. Other reports inventory third-party links that lack proper disclosures, improper privacy practices, and pages that don't meet specific legislation, including COPPA (Children's Online Privacy Protection Act) and HIPAA (Health Insurance Portability and Accountability Act). This information is essential for e-business, marketing, legal, and other executives accountable for compliance.