Here are some of the common problems created by hackers:
• Denial-of-service (DoS) attacks that will prevent authorized users from accessing your website. If this happens too often, your customers will walk away.
• Gaining access to sensitive data such as price lists, catalogues and intellectual property, and copying, changing or destroying the same. Who hasn't been a victim of virus attack at some time?
• Altering your website. Unscrupulous rival companies might resort to such tactics in order to spoil your company's image.
• Directing your customers to another site. You do the hard work, and someone else reaps the benefits.
Hence, you should introduce adequate e-commerce security control measures to reduce the risk to your systems. But remember, these controls should not be so restrictive that they impact the efficiency of your business.
Authentication: This is the technique of positively identifying someone seeking to access your e-commerce system. This usually involves any or all of the following:
• Assigning a user name and password combination to registered visitors.
• Instituting a two-factor verification process that requires confirmation of information known only to authentic users. For example, asking for an authentication token and a personal identification number.
• Scanning a person's unique physical attribute such as a fingerprint or facial-feature.
Access control: In this type of control, access is restricted based on a need to know. This limits the number of people who can access a particular piece of information, and therefore reduces the risk of misdemeanor.
Encryption: This technique uses technologies like virtual private networks (VPNs) and secure socket layers (SSLs) to protect information that is being displayed on a computer or transmitted over a network. Companies like banks, which deal with sensitive information will most certainly encrypt data.
Firewall: This is either software or hardware that protects a server, network or computer system from attack by viruses and hackers. It is also a safeguard against user negligence. Many companies use the Kerberos protocol which uses symmetric secret key cryptography to restrict access to authorized employees.
Intrusion detection system (IDS): It inspects all inbound and outbound network activity and identifies any attempt being made to gain illegal access. If IDS suspects an attack, it generates an alarm or sends out an e-mail alert.
The importance of e-commerce security cannot be overemphasized. If your business strategy envisages the use of the internet, make sure that your systems are adequately protected. Books like "The Business of E-commerce: From Corporate Strategy to Technology" and "Security Becomes A Business Requirement For E-Commerce Companies" from amazon.com might be useful in order to deepen your understanding. You might also like to check out the e-commerce security products and services available at x-cart.com.
Hi, I'm Akhil Shahani, a serial entrepreneur who wants to help you succeed. If you like to work smart, check out http://www.SmartEntrepreneur.net . It's full of articles and resources to help you start and grow your business successfully. Please visit us & download our special "Freebie of The Month" at http://www.smartentrepreneur.net/freebie-of-the-month.html
No comments:
Post a Comment