Security Issues on the Internet  -- Girish Warrier Lets assume that you have a website of your own. Your website
allows transactions online. You type in your website's domain to see those
lovely articles, beautiful pictures that you meticulously engineered to
put on your site. Alas! You see unfamiliar things. Things that you have never intended to publish
have come up on your monitor. Something has gone haywire. Did you type
the domain name wrong? You check with the network administrator and to
his dismay, he too looks at the page with the same amount of astonishment
as you feel. Where did things go wrong? Did you think of hackers, viruses
and lurking cyber goons? Enough to give you an aversion. How do you prevent this? An efficient
firewall is the armor your network needs to combat most of these threats. Does your website offer online transactions too? You may have been wondering
about the safety and security aspects involved in online transactions.
Just consider a scenario where you stay at a hotel and pay your bill through
credit card - there is nothing to stop the clerk to make a copy of your
credit card information. For any kind of transaction, all that is important
is your credit card number and the expiry date. Keeping this in mind would
you stick with the myth of avoiding e-commerce? You will be looking for
greater security for that golden number that you hold.
Enabling online transaction on your website is not all that simple. Let
me describe what it would mean.
Online payments To verify online credit card details you would need to sign
up for a merchant account like, www.linkpoint.com
or www.authorize.net for accepting
payments online. In addition to this you would need to apply for a digital
certificate from an authenticating agency. Encryption and SSL Using a Digital Certificate (Digital ID) in conjunction
with SSL encryption provides complete security for all parties involved
in a transaction. Secure Socket Layer (SSL) is again a service that is
universally accepted on the World Wide Web for authenticated and encrypted
communication between clients and servers. The most commonly used agencies
are Thawte and Verisign. Both have online applications to speed up the
process. Also, usually hosting companies have a tie-up with these companies. Is encryption the only means of security? Valid question !!! For greater security, the network must
have firewalls.
Firewalls Firewalls are tools that are used to enhance the security
of computers connected to a network, such as a Local Area Network or the
Internet. Firewalls deny or accept all messages and sites based on a list
that is stored in the system. This is usually decided by a system administrator. The two kinds of firewall mechanisms are namely packet filtering
and stateful packet inspection. The former does not check the content
of a message where as the later checks the content, thereby providing
more security.
Are there any tools to monitor the security aspects of
a website? To maintain security of network and data resources, continuous
monitoring of network activity becomes mandatory. Our system administrators
detect anomalous readings by the automatic notification during monitoring.
We at Stylus have effective secure procedures that are based on the computer
security policy. Procedures address topics like retrieving programs from
the network, connecting to the site's system from home or while traveling,
using encryption, authentication for issuing accounts, configuration,
and monitoring. We ensure the integrity of system software on a regular
basis.
We have a security policy and a clear high-level document
plan for organization-wide computer and information security. It provides
a framework for making specific decisions, such as online credit card
use and how to configure merchant account services etc. Internet/ecommerce security isn't a luxury, it's a necessity. The two
arms of website security are firewall and encryption, which when combined
can guarantee safe transaction and secure transfer of information to the
right place. The monitoring of tools that will maintain vigilance on your
hardware and software security has to be of primary importance. The security
policies and procedures are the salient processes that any software corporate
must consider. As the business use of the Internet increases day by day,
network security will become crucial to the development of the Internet.
Useful links
|