Website Integrity<br />Presented by: Jeannie Wu<br />
Agenda<br />What risks do companies face re: their websites?<br />What tools are there for managing web content?<br />What...
Introduction to Websites<br />Two main purposes:<br />e-commerce activities<br />to provide information <br />The need for...
What risks do companies face regarding their websites?<br />Cyber intrusions<br />Unauthorized content<br />Privacy breach...
Potential Consequences<br />Assets decreases in value<br />Trade secrets stolen<br />Increases in litigations<br />
Issues with Managing Web Content<br />Bottlenecks<br />Consistency<br />Navigation<br />Content audit and control<br />Tra...
Web Content Management Tools<br />Content Life Cycle<br />1. Organization<br />Extensible Markup Language (XML), Resource ...
Web Content Management Tools<br />5. Versioning<br />Version control, check-in/check-out templates, multi-languages, rollb...
Web Content Management Tools<br />Content Management Systems (CMS)<br />Commercial <br />Self-hosted  <br />Proprietary we...
WCMS considerations:<br />Integration with company’s IT infrastructure and enterprise systems<br />Features and functional...
Benefits<br />Open source:<br />Benefits: lower costs, increased security and transparency, and better support<br />SaaS:<...
Common Problems with Corporate Websites<br />Downtime<br />Network failure<br />Broken links<br />Security issues<br />Una...
Tools for Detecting Problems with Corporate Websites<br />Web server monitoring<br />A monitoring system includes “a set o...
Tools for Detecting Problems with Corporate Websites<br />Testing the security of the website<br />Authentication mechanis...
Tools for Detecting Problems with Corporate Websites<br />Tools available in the market:<br />Software package monitoring ...
Example of third party website integrity services<br />Content test – catches corrupted updates and content change<br />Ed...
Conclusions<br />There are many different types of website risks and if these risks are not minimized the company’s websit...
Upcoming SlideShare
Loading in …5
×

Website integrity

1,483 views
1,324 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,483
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Website integrity

  1. 1. Website Integrity<br />Presented by: Jeannie Wu<br />
  2. 2. Agenda<br />What risks do companies face re: their websites?<br />What tools are there for managing web content?<br />What tools are there for detecting problems with corporate websites?<br />
  3. 3. Introduction to Websites<br />Two main purposes:<br />e-commerce activities<br />to provide information <br />The need for trust has increased as a result of:<br />anonymity of e-commerce<br />globalization,<br />increasing reliance on complex and powerful IT systems<br />From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors<br />
  4. 4. What risks do companies face regarding their websites?<br />Cyber intrusions<br />Unauthorized content<br />Privacy breaches<br />Copyright and trademark infringements<br />
  5. 5. Potential Consequences<br />Assets decreases in value<br />Trade secrets stolen<br />Increases in litigations<br />
  6. 6. Issues with Managing Web Content<br />Bottlenecks<br />Consistency<br />Navigation<br />Content audit and control<br />Tracking changes<br />Integration<br />
  7. 7. Web Content Management Tools<br />Content Life Cycle<br />1. Organization<br />Extensible Markup Language (XML), Resource Description Framework (RDF)<br />2. Workflow<br />Design flexible rules, define roles and responsibilities<br />3. Creation<br />Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging<br />4. Repositories<br />Relational database structures, files system objects, or both<br />
  8. 8. Web Content Management Tools<br />5. Versioning<br />Version control, check-in/check-out templates, multi-languages, rollback<br />6. Publishing <br />delivery methods testing, personalization, user testing<br />7. Archives<br />Data retention and destruction<br />
  9. 9. Web Content Management Tools<br />Content Management Systems (CMS)<br />Commercial <br />Self-hosted <br />Proprietary web content management system (WCMS)<br />Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management<br />Open source WCMS<br />Examples: WordPress, Joomla, and Drupal<br />Hosted - Software-as-a-Service (SaaS)<br />Examples: Clickability, CrownPeak, and OmniUpdate<br />Internally developed<br />
  10. 10. WCMS considerations:<br />Integration with company’s IT infrastructure and enterprise systems<br />Features and functionalities<br />Level of customization and companion products<br />Costs<br />Vendors and solutions<br />
  11. 11. Benefits<br />Open source:<br />Benefits: lower costs, increased security and transparency, and better support<br />SaaS:<br />Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software <br />
  12. 12. Common Problems with Corporate Websites<br />Downtime<br />Network failure<br />Broken links<br />Security issues<br />Unauthorized changes<br />Defacement of the website<br />Connectivity or system outage issues<br />Hijacking of the website<br />
  13. 13. Tools for Detecting Problems with Corporate Websites<br />Web server monitoring<br />A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors”<br />monitoring system should provide three different types of information: exceptions, trends, and historical data<br />
  14. 14. Tools for Detecting Problems with Corporate Websites<br />Testing the security of the website<br />Authentication mechanism<br />Role-based authorization<br />Input validations<br />Custom cryptographic algorithms and management of keys<br />Logging controls<br />
  15. 15. Tools for Detecting Problems with Corporate Websites<br />Tools available in the market:<br />Software package monitoring system<br />Shareware<br />Freeware scripts and solutions<br />Third parties that provide website integrity services<br />
  16. 16. Example of third party website integrity services<br />Content test – catches corrupted updates and content change<br />Edit test – detects unauthorized changes to the web site<br />Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address<br />Ping test – confirms that the web server responds to basic internet requests<br />Fetch test – confirms that the web server is operating and responds in a reasonable amount of time<br />Others: process, CPU, and memory monitoring<br />
  17. 17. Conclusions<br />There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability<br />Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks<br />

×