7. Downloadable widgets

According to Yankee Group, consumers are using devices such as the Q and the Nokia E62 to download widgets that give them quick access to Web applications. These widgets can be easily moved to PCs, which, according to Holbrook, represent another entry point into the technology ecosystem that IT struggles to control.

The risk here is that these tiny programs use processing power on the PC and the network. And beyond that, any software that gets downloaded without being vetted represents a potential threat. "It's not more likely to be infected with a virus, but you're downloading something you might not have a lot of trust in," Holbrook says.

WebEx mitigates this risk using a threefold approach. It educates users on the risks of software downloads; it uses Reconnex to monitor what's installed on user PCs; and it disables some of the users' default access rights, restricting their download capabilities.

8. Virtual worlds

Business users are beginning to experiment with virtual worlds such as Second Life, and as they do, IT needs to become more aware of the accompanying security concerns. It would be short-sighted, Holbrook says, to simply block the use of these virtual worlds. "It's an application that people are just now figuring out how it can be useful in a business setting," he says.

At the same time, using Second Life involves downloading a large amount of executable code and putting it inside the corporate firewall, Gartner points out in a recent report. In addition, there's really no way to know the actual identities of the avatars who populate the virtual world.

One option that Gartner suggests is enabling employees to access their virtual worlds over the company's public wireless network or encourage them to do it from home. A third option is for companies to evaluate tools to create their own virtual environments that would be hosted internally within the enterprise firewall.