logo image

Identifying Security Issues for E-Businesses Essay

The advent of the Internet has made online business possible. Through the World Wide Web, businesses are now able to reach out to more people all over the world yet there are threats to the security of online business worldwide. This paper seeks

Need essay sample on "Identifying Security Issues for E-Businesses"? We will write a custom essay sample specifically for you for only $ 13.90/page

to identify these security threats such as viruses and Trojan horses and their causes such as the vulnerabilities of the computer system. Methods of social engineering are also explored. In order to effectively combat these threats to online security of an e-business, effective measures should be undertaken more than just the installation of antivirus software.

This paper then presents a framework for managing these security threats. 1 Introduction The Internet has become a very important part of the lives of humans whether at home, in the government sectors and most especially in the conduct of businesses. Because of the worldwide connectivity fostered by the Internet, businesses have recognized the importance of reaching out to customers located in different areas of the world. Although there are a number of benefits being offered by online businesses, there are also threats that seek to hack into the system and get information for the purposes of gaining undue financial advantage.

This paper seeks

Need essay sample on "Identifying Security Issues for E-Businesses"? We will write a custom essay sample specifically for you for only $ 13.90/page

to present the benefits that can be derived from online business with a focus on the kinds of security threats that challenge the viability and profitability of these businesses. The strategies and methods in preventing these threats are also explored in this paper. This study uses qualitative approach in dealing with the topic. This worldwide reach of the Internet makes it a great tool for marketing. In fact a lot of businesses are using it to promote their own products and services.

In addition to this, a number of businesses are now conducting operations online and they are reaching customers worldwide [1]. How do they do this? They present an overview of their products and services online and customers can make orders in their websites through email or through the system being used by the business. The customer usually pays the business through credit cards, which can facilitate transactions online and the business will deliver the product or service as agreed upon by both of them. For products, they are usually shipped and delivered to the address provided by the customer.

Some online services are provided right after the payment or these services may also be delivered at the address delivered by the customer, depending on the nature of service. Business operations online makes the life of both customers and businesses easier. On the part of customers, they no longer have to go to physical shops and stores to buy goods and services. They simply have to connect to the Internet, visit the websites of online businesses and after a few clicks, they just need to wait for their orders to arrive.

The system is very convenient and the customers save time and efforts in buying the services [1]. Businesses, on the hand, are freed from the necessity of putting up and maintaining shops and other matters necessary to make the business run, thereby generating important savings, which can then be used for other purposes [2]. There are security threats in the Internet, however, and these should be addressed if the business were to become viable and profitable in the long run.

Examples of this would be Trojan horses and other viruses; spam emails and messages online; and other social engineering tactics. These security threats are presented more comprehensively in the succeeding sections. In order to manage these threats, mere antivirus software is not enough. Instead there should be an overall framework and strategy to deal with these threats so that every aspect of the business is covered [3] [4]. The benefits of this comprehensive protection system are also presented in a succeeding section of this paper.

2 Security Threats for Online Businesses The purpose of this study is to discover what the security threats are for e-business and how can these threats be prevented to ensure the functionality and the longevity of the e-business. As a result, the interests of both the business and the customers are protected, making the online business process profitable for both customers and the businesses. If such a framework for preventing and managing security threats is arrive at, then online businesses can take care of these threats in a systematic and effective manner [5].

2. 1 A Survey of Online Security Threats Alongside the development of information technologies and the Internet as a whole, there has been a proliferation of viruses and other security threats in the Internet. The number of viruses has grown and more of them keep cropping up everywhere in the Internet landscape [6]. A discourse on security threats impinge upon the overall discussion of the overall security or insecurity of the system of a business or any organization with online presence for that matter.

As such, an overview of the insecurity of computer systems would be in order prior to a presentation of the security threats to online businesses. 2. 1. 1 Insecurity of Computer Systems The configuration and design of a computer system, including the operating system used, make intrusion into the system possible. There are people who seek to derive profit from intruding into computer systems. There are also novice hackers, usually teenagers, who just want to experience the thrill of hacking.

Nonetheless, the motivations of hackers vary and yet the overriding need for ensuring security and stability of the online business’s computer system should be kept intact [7]. The concept of vulnerabilities is very important in identifying and establishing counter-measures against intrusions into the system of an online business. It is through these vulnerabilities that hackers enter and gain access to important information from the websites and other databases [8]. Most software have their flaws through bugs and incomplete security fixes.

Through these flaws, hackers are able to gain entry to the system Although the developers of the software conduct testing of codes there are still potential exploits that are not discovered. Exploits are small programs that can be embedded in the overall system of the software. These exploits are what viruses and Trojan horses use to induce the computer or the system to perform in a way that its users neither anticipate nor designed [8]. Networks, whether they are local-area networks or wide-area networks, can be accessed by multiple users.

Because of this, any file or document transmitted over the network may be accessed by others. Those who are intent at doing so, may actually “eavesdrop” on confidential matters passed on by other users in the network. Worse, they can also modify the files, wreaking havoc and misunderstanding within the organization. Due to the developments in information technology, there are now powerful program that seeks to eavesdrop on private online conversations although such program is not connected in the network [8].

Human beings, because of carelessness, may also give away important information such as passwords and usernames to secure networks. These individuals may also be deceived into giving away their usernames and passwords through deceptive messages through email or other means of communication. This kind of deception has been called social engineering and it has been used in stealing online identities. Social engineering practices include phishing, which involve sending information to users that seek to elicit confidential information from the target [8].

When hackers fail to gain access to a network or to a database, they may embark to disable the system altogether. This can be done through denial of service attacks. This can be targeted to individuals by making their passwords unusable through incorrect attempts. This may also come in the form of overloading a system or a network, causing it to block all users when a network provider or a system is flooded by a flurry of messages or activities, it may cause the system to malfunction or stop working altogether [8].

There may also be indirect attacks to systems through a third party computer that has been taken over through a virus. This makes it difficult to track the actual attacker. In addition to this, there are also backdoors that bypass the authentication process. Through this, the hacker can gain entry within going through the verification of user process. Lastly, there are also direct access attacks in which the actual computer or any retrieving device is accessed and by employing several tactics such as booting the system from a CD and reading all the data of the disc [8] [10].

2. 2 People’s Behavior Regarding Online Transactions The author of this paper has conducted interviews with eight (8) people who are regularly using the internet. The purpose of the interview was to determine their behaviors online and the way that they kept confidential information such as usernames and passwords. In terms of keeping usernames and passwords, five interviewees reported being careful of theirs. Three interviewees, however, said that they trust their partners (i. e. girlfriend or boyfriend) enough to give them some of their usernames and passwords.

In most cases, however, they try to make sure that information pertaining to their usernames and passwords are kept intact and protected. To protect themselves from identity theft, they make use of antivirus software at home just so they are alerted of viruses and Trojan horses that seek to gain entry to their own systems and other online accounts. All of the people interviewed were already making use of at least one online business such as Amazon. com. So far, they were content with what they experienced and they have not yet experienced any significant security attacks directed to them. 3 Dealing With Security Threats

Antivirus software is helpful in dealing with security threats such as viruses and Trojan horses, yet it is not enough in effectively dealing with security threats directed at an online business. What is needed is an overall framework and strategy in which the antivirus software is but a part of. There should be an assessment of the current state of security in the online business. Based on this assessment, the needs of the business will be identified and the appropriate strategies will be determined in response to these needs. In the previous section, the concept of vulnerability has been tackled.

Reducing vulnerability is therefore very important in ensuring security for an online business. Messages should be encrypted and protected so that no one can easily break codes, passwords and other information that are sensitive. This would also involved an intensive training for the personnel of the online business to handle sensitive information very carefully. Social engineering tactics may be difficult to prevent totally since human beings are liable to mistakes and they can easily overlook details and other safety precautions, yet, a training on handling personal information would be necessary for this purpose.

Methods of protecting passwords and usernames should be posted in the workplaces of personnel who are connected to the conduct of online business. Since there are really good hackers in the world who can break into systems and it may be costly to overhaul or create a fail-proof system, then it would be more advisable to install a stable operating systems and keep the system and other software—operations, applications and antivirus—up to date. There are downloads and security fixes that can be found in the websites of the software providers.

To provide a cushion for the effect of intrusions and to prevent losing thousands of dollars, information should be backed-up and insurance may be put in place [9]. In short, there are three processes at work in ensuring the security of the online business: prevention, detection and response. Prevention includes the installation of antivirus software and the education and training of business personnel to combat social engineering tactics. Encrypting messages and sensitive information also falls under this.

Likewise, a firewall, which is intended to protect the system should also be installed properly. Intrusion detection systems are also necessary to ensure that viruses that enter can be filtered right away. Responding to security intrusions may range from legal action, and the tracing of the intruder and more importantly, the restarting of operations and the continuation of the online business. References [1] Janal, D. S. (2000). Dan Janal’s Guide to Marketing on the Internet. New York: John Wiley and Sons. [2] Royer, S. (2005). Strategic Management and Online Selling.

London: Routledge. [3] Brathwaite, T. (2002). Securing E-Business Systems: A Guide for Managers and Executives. New York: John Wiley and Sons. [4] Reuvid, J. (2004). The Secure Online Business Handbook. New York: Kogan Page. [5] Clark, D. L. (2002). Enterprise Security: The Manager’s Defense Guide. New York: Addison Wesley Professional. [6] Stoll, C. S. (2000). The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage. New York: Pocket. [7] Anderson, R. (2001). Security Engineering: A Guide to Building Dependable Distributed Systems.

New York: Wiley. Retrieved 6 Oct 2007 from http://www. cl. cam. ac. uk/~rja14/book. html. [8] Schell, R. (1996). The Internet Rules but the Emperor Has No Clothes. Proceedings of the 12th Annual Computer Security Applications Conference. Retrieved 6 Oct 2007 from http://csdl2. computer. org/comp/proceedings/acsac/1996/7606/00/7606xiv. pdf [9] Glossbrenner, A. & Rosenberg, J. (1995). Online Resources for Business. New York: Wiley. [10] Peikari, C. & Chuvakin, A. (2004). Security Warrior. New York: O’Reilly Media.

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
Complete Buyer Protection
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy