The internet facilitates open and easy communication across the globe, and has made e-commerce possible. However, because of its unregulated nature, it poses a threat to the security of e-commerce systems. Hence, as an e-business owner, you should be ready to address an array of e-commerce security issues.
Here are some of the common problems created by hackers:
o Denial-of-service (DoS) attacks that will prevent authorized users from accessing your website. If this happens too often, your customers will walk away.
o Gaining access to sensitive data such as price lists, catalogues and intellectual property, and copying, changing or destroying the same. Who hasn’t been a victim of virus attack at some time?
o Altering your website. Unscrupulous rival companies might resort to such tactics in order to spoil your company’s image.
o Directing your customers to another site. You do the hard work, and someone else reaps the benefits.
Hence, you should introduce adequate e-commerce security control measures to reduce the risk to your systems. But remember, these controls should not be so restrictive that they impact the efficiency of your business.
Authentication: This is the technique of positively identifying someone seeking to access your e-commerce system. This usually involves any or all of the following:
o Assigning a user name and password combination to registered visitors.
o Instituting a two-factor verification process that requires confirmation of information known only to authentic users. For example, asking for an authentication token and a personal identification number.
o Scanning a person’s unique physical attribute such as a fingerprint or facial-feature.
Access control: In this type of control, access is restricted based on a need to know. This limits the number of people who can access a particular piece of information, and therefore reduces the risk of misdemeanor.
Encryption: This technique uses technologies like virtual private networks (VPNs) and secure socket layers (SSLs) to protect information that is being displayed on a computer or transmitted over a network. Companies like banks, which deal with sensitive information will most certainly encrypt data.
Firewall: This is either software or hardware that protects a server, network or computer system from attack by viruses and hackers. It is also a safeguard against user negligence. Many companies use the Kerberos protocol which uses symmetric secret key cryptography to restrict access to authorized employees.
Intrusion detection system (IDS): It inspects all inbound and outbound network activity and identifies any attempt being made to gain illegal access. If IDS suspects an attack, it generates an alarm or sends out an e-mail alert.
The importance of e-commerce security cannot be overemphasized. If your business strategy envisages the use of the internet, make sure that your systems are adequately protected. Books like “The Business of E-commerce: From Corporate Strategy to Technology” and “Security Becomes A Business Requirement For E-Commerce Companies” from amazon.com might be useful in order to deepen your understanding. You might also like to check out the e-commerce security products and services available at x-cart.com.
