E-commerce & Security
Netstarter Tech Talk, April 10th 2014
Agenda
- General E-Business Security Issues
- Security Questions
- Threats and Attacks
- E-Commerce Security
Introduction
In the past decade there have been two major developments:
- Computerization: almost every aspect of business as well as human life is “computerized”.
- Networking & Internet: the entire world is now a network of networks, connecting millions of computers and devices and sharing petabytes of data every second.
General E-Business Security Issues
Any E-Business needs to be concerned about network security.
The Internet is a “public” network consisting of thousands of interconnected private computer networks.
Private computer network systems are exposed to threats from anywhere on the public network.
Businesses must protect against the unknown.
New methods of attacking networks and Web sites, and new network security holes, are being constantly discovered or invented.
An E-Business cannot expect to achieve perfect security for its network and Web site.
Security Questions
How is the data protected once it is delivered to the E-Business?
How are credit card transactions authenticated and authorized?
The biggest potential security problem in an E-Business is of human, rather than electronic, origin.
The weakest link in any security system is the people using it.
Facts
According to PricewaterhouseCoopers:
- Hacking cost United States companies $1.5 trillion in 2000.
- World Trade Center insurable loss: $50 billion.
- One year of hacking equals 30 Trade Center attacks.
Threats and Attacks
There are mainly two types of attacks:
- Technical attacks: an attack perpetrated using software and systems knowledge or expertise.
- Non-technical attacks: an attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network.
Threats and Attacks
Technical attacks
- Hacking
  - Denial of Service attack
  - Packet Sniffing
  - Spoofing
  - Keystroke Monitoring
  - Viruses / Malware
  - Cracking
  - Zero-day incidents
  - Botnets (hijacked computers)
  - Web site defacement
Non-technical attacks
- Social Engineering
E-Commerce Security
Most of today’s e-commerce solutions are pre-built, customizable solutions provided by a varied range of organizations. Most of these solutions have reliable built-in security features.
Customizations to these applications should be done in accordance with the solution provider’s guidelines and standard coding methods.
E-Commerce Security contd..
- Tools such as passwords, firewalls, intrusion detection systems, and virus scanning software should be used to protect an E-Business’s network and Web site.
Transaction Security and Data Protection
- Use a predefined key to encrypt and decrypt the data during transmission.
- Use the secure sockets layer (SSL) protocol to protect data transmitted over the Internet.
- Move sensitive customer information such as credit card numbers offline, or encrypt the information if it is to be stored online.
E-Commerce Security contd..
Remove all files and data from storage devices including disk drives and tapes before getting rid of the devices.
Shred all hard-copy documents containing sensitive information before trashing them.
Security is only as strong as the weakest link.
Security Audits and Penetration Testing
Can provide an overall assessment of the firm’s current exposure and vulnerabilities.
This is an outsourced item.
The consultant will provide comprehensive recommendations to address the list of vulnerabilities.
Conclusion
E-Commerce will continue to grow, and the threats to it will evolve too. To safeguard privacy and trust in E-Commerce, it is critical that organizations actively plan and implement strategies to prevent security breaches. This will add value to the business.
Thank You