Downloaded 148 times
More Related Content
Similar to E-commerce & Security
E-commerce & Security
- 1.
- 2. General E-BusinessSecurity Issues Security Questions Threats andAttacks E-Commerce Security
- 3. In thepast decade there have been two major developments; - Computerization: almost every aspect of business as well as human life is “computerized”. - Networking & Internet: the entire world is now a network of networks, connecting millions of computers, devices and sharing petabytes of data every second.
- 4. Any E-Businessneeds to be concerned about network security. The Internet is a “public” network consisting of thousands of interconnected private computer networks. Private computer network systems are exposed to threats from anywhere on the public network. Businesses must protect against the unknown. New methods of attacking networks andWeb sites, and new network security holes, are being constantly discovered or invented. An E-Business cannot expect to achieve perfect security for its network andWeb site.
- 5. How isthe data protected once it is delivered to the E-Business? How are credit card transactions authenticated and authorized? The biggest potential security problem in an E-Business is of human, rather than electronic, origin. The weakest link in any security system is the people using it.
- 6. According toPriceWaterhouseCooper Hacking cost United States companies $1.5 trillion in 2000 WorldTrade Center insurable loss $50 billion One year of hacking equals 30Trade Center attacks.
- 7. Mainly thereis two types of attacks Technical attacks ▪ An attack perpetrated using software and systems knowledge or expertise. Non technical attacks ▪ An attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network.
- 8. Technical attacks Hacking ▪ Denial of Service attack ▪ Packet Sniffing ▪ Spoofing ▪ Keystroke Monitoring ▪ Viruses / Malware ▪ Cracking ▪ Zero-day incidents ▪ Botnets (hijacked computers). ▪ Web site defacement. Non technical attacks Social Engineering
- 9. Today’s mostecommerce solutions are pre- build customizable solutions provided by varied range of organizations. Most of these solutions has built in reliable security features. Customizations to these applications should be done in accordance with solution provider guide lines and standard coding methods.
- 10. Tools suchas passwords, firewalls, intrusion detection systems, and virus scanning software should be used to protect an E-Business’s network andWeb site. Transaction Security and Data Protection Use a predefined key to encrypt and decrypt the data during transmission Use the secure sockets layer (SSL) protocol to protect data transmitted over the Internet. Move sensitive customer information such as credit card numbers offline or encrypting the information if it is to be stored online.
- 12. Remove allfiles and data from storage devices including disk drives and tapes before getting rid of the devices. Shred all hard-copy documents containing sensitive information before trashing them. Security is only as strong as the weakest link. Security Audits and Penetration Testing Can provide an overall assessment of the firm’s current exposure and vulnerabilities. This is an outsourced item. Consultant will provide a comprehensive recommendation to address list of vulnerabilities.
- 13. E-Commerce willcontinue to grow and the threats to it too will evolve. In order to safe guard privacy and trust on E-Commerce its critical organizations actively plan and implement strategies prevent security breaches.This will value added to the business.
- 14.
Editor's Notes
- #2 Ecommerce & Security