2. Agenda What risks do companies face re: their websites? What tools are there for managing web content? What tools are there for detecting problems with corporate websites?
3. Introduction to Websites Two main purposes: e-commerce activities to provide information The need for trust has increased as a result of: anonymity of e-commerce globalization, increasing reliance on complex and powerful IT systems From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
4. What risks do companies face regarding their websites? Cyber intrusions Unauthorized content Privacy breaches Copyright and trademark infringements
6. Issues with Managing Web Content Bottlenecks Consistency Navigation Content audit and control Tracking changes Integration
7. Web Content Management Tools Content Life Cycle 1. Organization Extensible Markup Language (XML), Resource Description Framework (RDF) 2. Workflow Design flexible rules, define roles and responsibilities 3. Creation Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging 4. Repositories Relational database structures, files system objects, or both
8. Web Content Management Tools 5. Versioning Version control, check-in/check-out templates, multi-languages, rollback 6. Publishing delivery methods testing, personalization, user testing 7. Archives Data retention and destruction
9. Web Content Management Tools Content Management Systems (CMS) Commercial Self-hosted Proprietary web content management system (WCMS) Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management Open source WCMS Examples: WordPress, Joomla, and Drupal Hosted - Software-as-a-Service (SaaS) Examples: Clickability, CrownPeak, and OmniUpdate Internally developed
10. WCMS considerations: Integration with company’s IT infrastructure and enterprise systems Features and functionalities Level of customization and companion products Costs Vendors and solutions
11. Benefits Open source: Benefits: lower costs, increased security and transparency, and better support SaaS: Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
12. Common Problems with Corporate Websites Downtime Network failure Broken links Security issues Unauthorized changes Defacement of the website Connectivity or system outage issues Hijacking of the website
13. Tools for Detecting Problems with Corporate Websites Web server monitoring A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors” monitoring system should provide three different types of information: exceptions, trends, and historical data
14. Tools for Detecting Problems with Corporate Websites Testing the security of the website Authentication mechanism Role-based authorization Input validations Custom cryptographic algorithms and management of keys Logging controls
15. Tools for Detecting Problems with Corporate Websites Tools available in the market: Software package monitoring system Shareware Freeware scripts and solutions Third parties that provide website integrity services
16. Example of third party website integrity services Content test – catches corrupted updates and content change Edit test – detects unauthorized changes to the web site Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address Ping test – confirms that the web server responds to basic internet requests Fetch test – confirms that the web server is operating and responds in a reasonable amount of time Others: process, CPU, and memory monitoring
17. Conclusions There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks