In person-to-person transactions, security is
based on physical cues. Consumers have come to
accept the risks of using credit cards in places
like department stores because they can see and
touch the merchandise and make judgments about
the store. On the Internet, without those physical
cues, it is much more difficult to assess the
safety of a business. Also, serious security threats
have emerged. By becoming aware of the risks of
Internet-based transactions, businesses can acquire
technology solutions that overcome those risks.
On the Internet it is often difficult to assess
the safety of the online system of a business.
Over time, serious security threats have emerged
on the Internet. By becoming aware of the risks
of Internet-based transactions and data transmissions,
businesses can acquire technology solutions that
overcome those risks. Some of the security risks
that businesses will be up against are:
- Spoofing: The low cost of Web site creation
and the ease of copying existing pages make it
all too easy to create illegitimate sites that
appear to be published by established organizations.
In fact, con artists have illegally obtained
credit card numbers by setting up professional-looking
storefronts that mimic legitimate businesses.
- Unauthorized disclosure: When transaction
information is transmitted "in the clear,"
hackers can intercept the transmissions to obtain
your customers' sensitive information.
- Unauthorized action: A competitor or disgruntled
customer can alter your Web site so that it
refuses service to potential clients or malfunctions.
- Data alteration: The content of a transaction
can be intercepted and altered en route, either
maliciously or accidentally. User names, credit
card numbers, and dollar amounts sent "in
the clear" are all vulnerable to such alteration.
A Server ID, also known as a secure certificate
(digital certificate), is the electronic equivalent
of a business license. Server IDs are issued by
a trusted third party, called a Certification
Authority (CA). The CA that issues a Server ID
is vouching for your right to use your company
name and Web address, just as the office of the
Secretary of State does when it issues Articles
of Incorporation. CAs can also issue digital certificates
to individuals. Before issuing a Server ID, the
CA typically reviews your credentials - such as
your organization's Dun & Bradstreet number
or Articles of Incorporation - and completes a
thorough background checking process to ensure
that your organization is what it claims to be,
and is not claiming a false identity. Then the
CA issues your organization a Server ID, which
is an electronic credential that your business
can present to prove its identity or right to
access information.
Server IDs work in conjunction with Secure Sockets
Layer (SSL) technology, which is the industry-standard
protocol for secure, Web-based communications.
After you install your Server ID and you manually
activate SSL, a secure communications channel
is created between your server and your customer's
browser. Your site can communicate securely with
any customer who uses Netscape Navigator, Microsoft
Internet Explorer, or most popular e-mail programs.
A Network Firewall is basically
a secure gate between your organization's data
and the Internet. The firewall filters traffic
based on your requirements. Firewall security
is designed to detect and deflect unwanted attempts
to penetrate your server security. All data traffic
inbound to your server solution flows to the firewall.
There, data packets are inspected and evaluated
against a security policy that you define. All
data packets are compared to your security policy
before being forwarded or rejected by the firewall.
By employing these security methods, in addition
to a detailed system analysis and policy employment,
you can greatly reduce the risk of malicious hacking
and unauthorized access to your system.
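
The firewall check described above, where each inbound packet is compared to a policy you define and then forwarded or rejected, can be sketched as follows. This is an added example, not code from the original page or from any firewall product; the `Rule`, `Packet`, `POLICY` and `evaluate` names, the first-match rule order and the reject-by-default behaviour are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "forward" or "reject"
    protocol: str             # "tcp", "udp" or "any"
    source: str               # CIDR block the packet's source address must fall in
    dest_port: Optional[int]  # None matches any destination port

@dataclass(frozen=True)
class Packet:
    protocol: str
    source_ip: str
    dest_port: int

# Constructed sample policy (RFC 5737 documentation addresses), checked top to bottom.
POLICY = [
    Rule("reject", "any", "203.0.113.0/24", None),   # range the site owner has blocked
    Rule("forward", "tcp", "0.0.0.0/0", 443),        # SSL-protected web traffic
    Rule("forward", "tcp", "0.0.0.0/0", 80),         # plain web traffic
    Rule("forward", "tcp", "198.51.100.0/28", 22),   # administration from one office range
]

def evaluate(policy, pkt):
    """Return (action, index of the deciding rule or None). First match wins;
    a packet that matches no rule, or cannot be parsed, is rejected."""
    try:
        src = ipaddress.ip_address(pkt.source_ip)
    except ValueError:
        return "reject", None
    for i, rule in enumerate(policy):
        if rule.protocol not in ("any", pkt.protocol):
            continue
        if rule.dest_port is not None and rule.dest_port != pkt.dest_port:
            continue
        if src in ipaddress.ip_network(rule.source):
            return rule.action, i
    return "reject", None

if __name__ == "__main__":
    for pkt in (Packet("tcp", "192.0.2.10", 443), Packet("tcp", "203.0.113.5", 443),
                Packet("tcp", "192.0.2.10", 22), Packet("tcp", "198.51.100.7", 22)):
        print(pkt, "->", evaluate(POLICY, pkt))
```

Because the blocked range is listed first, it is rejected even on ports that are otherwise open, and traffic the policy never mentions is rejected rather than forwarded.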