1. Suppose your company has an e-commerce Website for selling different types of goods and services. Discuss the followings:
Answers
Answer:
Supposed your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats?
E-commerce involves transactions of any kind of business done over an electronic system. This kind of business involves transactions that take place over Internet. E-commerce utilizes internal networks that interface with the World Wide Web. The nature of this kind of business, introduces internal and external risks to both the website and the business systems to which it is connected too. An E-commerce website can be faced some security threats that have to be addressed, to avoid any losses and intrusions. According to my e-commerce website, things have been run well but then later have to face some security threats .here are some of them.
E-commerce websites are vulnerable to fraud from internal and external sources. Fraud incidents include credit card fraud, which exposes the website to threat from clients and any other external sources and internal fraud. Any fraudulent transactions being entered into the system from employees. Such transactions can also be introduced into the system by hackers or Trojan Horses, which resemble the real customers’ transactions. To prevent fraud, Fraud scoring must be used. It is a system of predictive fraud detection models or technologies that payment processors use to identify the highest-risk transactions in card-not-present environment that require additional verification. All card-not-present transactions must be authorized before they are processed. The authorization response will typically be approval or decline. You should develop a process for handling transactions after the authorization response has been received and apply it consistently.
A website that has been invaded by viruses and malicious software, can come crushing which will make the website lose the entire information causing losses to the e-commerce business. This can cause the clients to lose trust in the business, and as a result they can close their accounts on the website. Loss of information on a website can be devastating for both the business owner and the client especially if the information was not backed up.
One of the greatest threats to an e-commerce is poor management. When the management is not committed to ensuring security and does not support budgets for purchase of anti-virus software licenses, that keep internal networks robust will cause pose a big security threat. The lack of proper anti-virus makes the e-commerce vulnerable to viral attacks. To minimize or reduce this threat, Management should commit to regular IT security audits of the e-commerce website to ensure that security is optimized and all potential problems are dealt with as soon as they occur.
E-commerce security issues relate to internal business networks and an interface between transactions done by the customer and the network. Hackers pose a threat to the security of the network, because they can gain access to internal systems via the e-commerce website. Such threats can be avoided by using a firewall between the website and the internal network, and by encrypting all the transaction data.