Security in E-business Essay Example
Security in E-business
With the growth of Electronic commerce as experienced in the modern world, many brick-and-mortar retail stores are continuously investing in technology thereby setting up e-business divisions in addition to the physical outlets. The increased reliance of the internet to gather information by individuals has driven most companies to develop online platforms and adapt to electronic marketing and sales which in turn has brought about online loyalty programmes and online delivery of rewards as well. According to Chaffey (2012), E-commerce enables the intergration of information and communication technologies (ICT) in the business operations. This entails interacting with all the businesses stakeholders through the use of ICT, for instance in e-marketing. Due to the risk poised by hackers. A business may consult professional firm to ensure its networks are secure and inaccessible to unauthorized personnel.
Through e-business, businesses should be in a position to enhance more sales through a broader distribution to customers that would otherwise not be reached offline. The modern market has become very diverse with most businesses adapting to this by intergrating use of information and communication technology. Those whose strategies are aimed at not only boosting sales, but also developing ties and a long-term relationship with the customer through confidentiality have an upper hand in the long-term benefit of the business. The business should therefore put in place strict guidelines to safeguard its operations and sensitive information from third parties and unauthorized access. This can be achieved trough storing sensitive information on a different machine from the one that receives and sends information. The access to the machine should be restricted to the appropriate person who would be held accountable for any breach or carelessness. (Forman et al, 2009).
E-business affords businesses the opportunity to tie its data processing methods both within and external, in a more proficient and supple manner hence meeting their customer needs and requirements. Smith and Chuffey (2008) notes that, e-business has brought about the need for businesses to have in place more concealed and safeguarded networks for their business practices which are not as open and public so as to enhance information security and confidentiality this ca ne achieved through use of private network and restricted access to information.
Despite the large number of benefits accrued from e-business, it can be costly and destructive if the information is accessed by third parties with ill objectives. There is a greater risk poised to e-business security wise, as compared to the traditional business approaches. With the large number of people who rely on the internet for their business activities, there is the dire need to ensure that their information is secure. These include customer’s information, staff and employee files, suppliers data among other confidential information. Hackers are a constant threat to the privacy and security of such private data. Hence there is a need by businesses to put in place measures to secure information from hackers. This can be achieved through fire walls and data encryption among other methods (Beynon,2004).
Some business information is intended to be kept confidential and can be shared with other parties only to a specific extent. With e-business such confidential information often finds itself in the hands of third parties such as competitors, and who might have ill motives hence the need to keep such data confidential and only accessible by the expected and planned recipient. Businesses should therefore put in place secure transmission methods of conveying this type of information. It should also be protected from unauthorized access and kept under safe custody (Prince, 2007).
It is easy to manipulate and alter electronic information. E-business therefore is faced by the risk of data being manipulated or altered by people with personal interests. For instance when doing electronic transactions, the customer needs to be certain that he/she is dealing with the intended seller so as to be assured that he/she is making the payment to the rightly intended person. According to Larose & Riffon (2007), the authenticity of e-business transactions needs to be assured to the parties involved. This can be achieved through the application of Virtual private network (VPN) which restricts the access of a network only to limited trusted individuals. This is also enhanced by use of other checks to identify oneself. This can be through the use of credit cards, digital signatures and passwords among other techniques.
The integrity of information conveyed electronically needs to be assured. The recipient of such information should be assured that the message received is the same as the message sent by the sender. It is therefore of essence for businesses to see to it that the data is in no way altered during the exchange either accidentally or intentionally. Data back ups are important so as to enable recovery in case of such instances. Lack of physical evidence of transactions is a challenge experienced in e-business. The lack of prove can make someone deny the execution of a transaction incase of a misunderstanding. However this can be resolved by the use of digital signatures which can be used as the evidence of transaction (Aiken & Boush, 2006).
With respect to physical security, the servers and Other PC’s with important information should be kept in a safe room whose access is restricted only to those authorized or with a clearance. Any point that could be used as an access to these rooms should be kept in check. These include windows, ventilation ducts, and ceilings among other points. Such rooms should also be guarded or secured in a way that to access them one should have a password or any other electronic identification methods (Quinn, 2006). Computers should not be placed directly on the floor to prevent destruction incases of instances such as flooding and there should be fire extinguishers in place incase of fire accidents. Back up information should be collected on various intervals and kept in a location that is secured and away from the premises.
Information that has high sensitivity should be protected by all means. This can be achieved through minimal retention of sensitive information such as credit card numbers and other personal information. Even when retained, such information should not be retained on networks that can be accessed through the internet. This information should also be retained for lesser periods of time and completely deleted when they are no longer needed. Information backups should be protected and secured as much as the original copies or information. According to Paul (2000), where information is no longer needed it should be disposed in the most appropriate manner to ensure it is completely destroyed.
Sensitive data should not be conveyed through emails. If emails are used the data should then be coded or encrypted. Such emails should not be stored or forwarded. If such information is deemed necessary for retention, it should be secured with as much dedication as any other sensitive information. Amor (1999) notes that, it is important for system administrators to constantly review the security measures and see to it that everything is as expected in terms of restricting unauthorized access to information and networks. Employees should be made wary of threats poised on e-business and taught how to maintain basic security measures like closing down workstations. Any inquiries regarding personal or sensitive business or customer information should be directed to the right individuals who are well aware of information safeguarding techniques. Any suspicious activities with regard to individuals and networks should be reported to the appropriate authority so that the necessary measures can be taken.
Aiken, K. D., & Boush, D. M. (2006). Trustmarks, objective-source ratings, and implied investments in advertising: Investigating online trust and the context-specific nature of Internet signals. Journal of the Academy of Marketing Science, 34(3), 308-323
Amor, D. (1999). The e-business revolution.Prentice Hall. Upper Saddle River:
Beynon D. P. (2004). E-Business. Palgrave, Basingstoke
. Financial Times/Prentice Hall. Harlow, UK. Fifth edition. E-business and e-commerce managementChaffey, D. (2012).
Forman, C., Ghose, D. & Goldfarb, A. (2009). Competition Between Local and Electronic Markets: How the Benefit of Buying Online Depends on Where You Live, Journal of Management Science, 55(1), 47-57.
LaRose, R., & Rifon, N. J. (2007). Promoting i-safety: Effects of privacy warnings and privacy seals on risk assessment and online privacy behavior. Journal of Consumer Affairs, 41(1), 127-149
Paul, T. (2000). Electronic Commerce — strategies & models for business-to-business trading, pp.31, John Wiley & Sons, Ltd,
Prince, J. T. (2007). The Beginning of Online/Retail Competition and Its Origins: An Application to Personal Computers, International Journal of Industrial Organization
Quinn, (2006). Ready for the Digital Future, Supply Chain Management Review.
: at the heart of eBusiness. Butterworth Heinemann, Oxford, UK. 3rd editioneMarketing eXcellenceSmith, P.R., & Chaffey, D. (2008)
More Important Things