• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Website integrity

Website integrity






Total Views
Views on SlideShare
Embed Views



1 Embed 1

http://www.slideshare.net 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Website integrity Website integrity Presentation Transcript

    • Website Integrity
      Presented by: Jeannie Wu
    • Agenda
      What risks do companies face re: their websites?
      What tools are there for managing web content?
      What tools are there for detecting problems with corporate websites?
    • Introduction to Websites
      Two main purposes:
      e-commerce activities
      to provide information
      The need for trust has increased as a result of:
      anonymity of e-commerce
      increasing reliance on complex and powerful IT systems
      From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
    • What risks do companies face regarding their websites?
      Cyber intrusions
      Unauthorized content
      Privacy breaches
      Copyright and trademark infringements
    • Potential Consequences
      Assets decreases in value
      Trade secrets stolen
      Increases in litigations
    • Issues with Managing Web Content
      Content audit and control
      Tracking changes
    • Web Content Management Tools
      Content Life Cycle
      1. Organization
      Extensible Markup Language (XML), Resource Description Framework (RDF)
      2. Workflow
      Design flexible rules, define roles and responsibilities
      3. Creation
      Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging
      4. Repositories
      Relational database structures, files system objects, or both
    • Web Content Management Tools
      5. Versioning
      Version control, check-in/check-out templates, multi-languages, rollback
      6. Publishing
      delivery methods testing, personalization, user testing
      7. Archives
      Data retention and destruction
    • Web Content Management Tools
      Content Management Systems (CMS)
      Proprietary web content management system (WCMS)
      Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management
      Open source WCMS
      Examples: WordPress, Joomla, and Drupal
      Hosted - Software-as-a-Service (SaaS)
      Examples: Clickability, CrownPeak, and OmniUpdate
      Internally developed
    • WCMS considerations:
      Integration with company’s IT infrastructure and enterprise systems
      Features and functionalities
      Level of customization and companion products
      Vendors and solutions
    • Benefits
      Open source:
      Benefits: lower costs, increased security and transparency, and better support
      Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
    • Common Problems with Corporate Websites
      Network failure
      Broken links
      Security issues
      Unauthorized changes
      Defacement of the website
      Connectivity or system outage issues
      Hijacking of the website
    • Tools for Detecting Problems with Corporate Websites
      Web server monitoring
      A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors”
      monitoring system should provide three different types of information: exceptions, trends, and historical data
    • Tools for Detecting Problems with Corporate Websites
      Testing the security of the website
      Authentication mechanism
      Role-based authorization
      Input validations
      Custom cryptographic algorithms and management of keys
      Logging controls
    • Tools for Detecting Problems with Corporate Websites
      Tools available in the market:
      Software package monitoring system
      Freeware scripts and solutions
      Third parties that provide website integrity services
    • Example of third party website integrity services
      Content test – catches corrupted updates and content change
      Edit test – detects unauthorized changes to the web site
      Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address
      Ping test – confirms that the web server responds to basic internet requests
      Fetch test – confirms that the web server is operating and responds in a reasonable amount of time
      Others: process, CPU, and memory monitoring
    • Conclusions
      There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability
      Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks