E-COMMERCE AND MARKETING

E-Commerce and Marketing 7

E-COMMERCEAND MARKETING

byStudent’s name

Code+course name

Universityname

City,State

Tableof Contents

Executive Summary 3

Introduction 4

Security Components 5

Main Security Features 6

Authentication 6

Authorisation 6

Encryption 7

Auditing 7

Security Concerns affect to E-Commerce 7

Computer Viruses 8

Trojan Horses 8

Network Sniffing 9

Denial of Service Attack 9

Conclusion 10

Reference List 11

Appendices 13

ExecutiveSummary

Manyfirms in thecontemporaryworldwheretechnology has dictatedthewayandmannerin which everything isdone,havefoundthemselves with nooptionbutto conductcommerceon electronicplatforms.E-commerce systemsarefirmlyintegratedwiththeservicesectorinsurancefirms, banksandbuildingsocieties.EventhoughE-commerce is offeringmanycomfortsto individualsandfirms,italsofrontsopportunitiesforsecurityinfringement.Thisreportwill discussin detailthesecurityissuesaffectingE-commerce andavailablesecuritystrategiesto overcomesecuritythreats.Themostprevalentsecurityissuesthat hackers andintruderssubterfugeto electroniccommercesystemsincludeaccessto privatedata andfinancialinformation,denialof service,useof virusesto interruptandcorruptbusinessdata andalterationof websites.

Thecoregoalof electroniccommerceactivitiesis to attracttheintereston online-surfers by effectiveadvertisingcampaignsandtransformthem into online buyers.Securityof theonline based businessdealshas beenbrandedas thekeyissuein thedevelopmentandsuccessof e-commerce. Implementation of a defencesystemthat will ensurethattheconfidentiality, integrityandaccessto informationanddata relatingto e-commerce hasimmensebenefitsto both thecustomersandbusinesses.

Introduction

Inthehighcompetitivemarket,thefirms conducttheir operationsina verychallenging environment.Firms that are moreeffectiveandefficientin communicatingwith thetargetmarketandin realigning their servicesandproductshavehigherchancesof meetingcustomerneedsandattainingproductacceptance(Smith,2004).To ensurethattheydonot losetheir competitiveedgeandmarketsharefirms must continuallyensuretheychoosethemostappropriatemarketingmix, maintainproductinnovation,adoptservicemarketingcommunicationandtarget theaptmarket.Rapidadvancementin technology has enabledindividualsandfirms to conveyandreceiveinformationfrom anypartof theglobe(Khosrow-Pour,2004).In thepastpeopleusedto exchangeinformationonly,butas technology continuedto takerootfirms startedto usetechnology in buying,sellingandmarketing,whathas cometo beknownas E-commerce. E-commerce is a formof trademodelforbothlargeandsmallenterprisethat empowersindividualsandfirms to conductcommerceusingelectronicplatformssuchas theinternet. E-commerce isnormallycategorisedinto four keyareasbased on thepartiesandtypeof businessinvolved.Itcan beconsumerto consumer,B2B, consumerto businessandBusiness to consumer (Smith,2004).

Manyfirms in thecontemporaryworldwheretechnology has dictatedthewayandmannerin which everything isdonehavefoundthemselves with nooptionbutto maintainpresenceon theinternet. Itis not bizarreto findfirms andbrandsthat donot requirebricksandmortarto claima marketshare(Khosrow-Pour,2004).E-commerce systemsare alsostronglyintegratedwiththeservicesectorinsurancefirms, banksandbuildingsocieties.EventhoughE-commerce is offeringmanycomfortsto individualsandfirms,italsofrontsopportunitiesforsecurityinfringement(Nemati,2008). Thisreportwill discussin detailthesecurityissuesaffectingE-commerce andavailablesecuritystrategiesto overcomesecuritythreats.

SecurityComponents

Foreverybusinessentitythat transactsbusinessthrough theinternet,itis importantto knowandrecognizetheeffectsecuritythreatsthat are inherentin theE-commerce andtheprobableeffectson their security.Amajorityof thesecurityrisksfacingtheE-commerce systemsare categorisedinto two maingroups,maliciousoraccidental(Khosrow-Pour,2004).Itis a wellknowfactthatmanyof thesecuritythreatin E-commerce are maliciousandoccuras a resultof actionsof fraudulentindividualssuchas hackers tryingto gainaccessto restrictedsystemswith themainobjectiveof reading,stealingandchangingprivatesensitivedata andinformation.Itcan alsohappenwhenpeoplestealservers andcomputerswith confidentialsensitiveinformationanddata on theharddisk,in situationswhereunauthorizedusers sendprivateandconfidentialinformationto unauthorizedreceiverorcreatea website that appearssimilarto thatof anotherindividualorfirm to confuseusers andcustomers (Smith,2004).By andlargesecurityis a paramountissuein E-commerce. Theannihilation of trustin online tradetendsto elicitfeelingof fearandcautionamong individualsandbusinesseswhichcausemanyto revertto oldwaysof doingbusinessandtrade.Theexistinglackof confidenceandtrustin E-commerce has beencausedby a globalsurgeof hacking on majore-commerce platforms,andthathas causedmassiveabuseof user andconsumerconfidentiality anddata.

Theconceptof E-commerce securityentailsthree essentialelementsincludingintegrity,confidentiality andavailability- as shown in the diangram 1. Theauthorisedindividualsare permittedto accesstheextremelyclassifieddata andinformationrelatedto theuser (customers)(Christopher, 2015). Leakage of confidentialinformationordata to unauthorisedindividualsisconsideredas an infringementandbreachof confidentiality. Dataintegrityis maintainedby safeguarding thepreciseinformationenclosedin it.

Diagram1: ThreeEssentialElementsofE-Commerce Security

Dataintegrityisinfringedwhenthere is additionauxiliarydemandfordisbursementwithin statementandbills.Thelastelementof securityis theavailability that guaranteesuser andcustomershavesecureaccessto resourcesandwhenever thisaccessifdeniedordelayedtheconceptof availability isnegatively influenced(Christopher,2015).

MainSecurity Features

Themainsecuritycharacteristicsof electroniccommercesystemincludeauthorization,auditing, authentication andencryption. Everyfeatureof an e-commerce systemhas its rolein an attemptto maintainsecurityof transaction.

Authentication

Thisis theprocessof verifyingandmakingsurethattheuser orcustomerwhohas accessto thesystemis theonethat theyclaimto be andin thiswayitpreventsallunfamiliarindividualsfrom enteringinto theprocesstransaction(Khosrow-Pour,2004).

Authorisation

Thisentailsan actof controlof thepersonalresourceson theinternet. Through authorisation,individualsareabletomanipulatepersonalresourcesthrough a particularmechanism.Thisprocessenablesa customerto keeptrackof their accountandinvoicesystem.

Encryption

Thissecurityprocessis designedto maintainutmostsecuritymeasuresby concealingprivateandconfidentialdata andinformation.Ithampersandpreventinfringementof privacyandsecuritybyunauthorisedindividualsto theonline financialtransactions(Smith,2004).Encryption is usedto solvethethreatsthat affectcommunicationchannels.Individualconsumersandbusinessescan useprivateorpublickeyencryption to overcomesuchchallenges.

Auditing

Thisisanothersecurityelementthat is designedbyfirmsto maintainan up to daterecordofalltransactionconductedon theinternet. Businessorganisationsusethisin informationto confirmthelegalityof transactionsparticularlyin thesituationwherecustomersclaima falsetransaction.

SecurityConcernsaffectto E-Commerce

Thecoregoalof electroniccommerceactivitiesis to attracttheintereston online-surfers by effectiveadvertisingcampaignsandtransformthem into online buyers.Securityof theonline based businessdealshas beenbrandedas thekeyissuein thedevelopmentandsuccessof e-commerce(Smith,2004).Establishinga systemthat will ensurethattheconfidentiality, integrityandaccessto informationanddata relatingto e-commerce hasimmensebenefitsto both thecustomersandbusinesses.Theseare keysecurityissuesto e-commerce:

ComputerViruses

Theseare among themostcriticalrisksto thesecurityof e-commerce. Theinherentapprehensivesystemof theusers is at perilof virusattack.Withthecurrentsophisticatedtechnological know-howin hardwareandsoftware operations,thenumberof hackers has increaseddramatically andas suchithas becomeeasierto infectwith thesecurityareaof thedigital gadgetwith virusto impairits functioning (Christopher,2015).Alldesignsof operatingsystemsusedby consumersandbusinessesare vulnerableto hackers whohavedevelopedverysophisticatedvirusesthat are difficultto detectandeliminate(Christopher,2015). Someof themostcommonvirusesin thecontemporaryworldincludeIROK, Resume andMelissa,whichcan disruptsystemfunctioning andextractprivatedata from theuser systemwhenconductingbusinessonline (Smith,2004).

TrojanHorses

Theemergenceof hacker instrumentshas influencedonline commercetremendously.Themostwidespreadhacker instrumentincludesNetbus andBO2 k7 that allowa remoteserver to direct,inspectandscreenthedata andinformationandhasthecapacitytotransmitinformationfrom thepersonalcomputertargeted to another(Smith,2004).Theprocessthrough which informationanddata can betransferredfrom one personalcomputerto anothercan be doneusingcommercialinstrumentsuchas theVNC viewer.Theideaof informationanddata transmissionwithout consenthas madeitperplexingto establishtheoriginalityof thetransmitted information.Trojan horsesprogramscan befoundin manysitesforadministratorsto controlthehugenumberof functionalstations(Christopher,2015). Nonetheless,there is a substantialperilof malicioususers to infringeandabusetheseinstrumentsforpersonalselfishgains.

NetworkSniffing

Thisisanotherformof securitythreatin thee-commerce wherebyprivateinformationis stolenby screeningtheexchangeof data andinformationbetween theserver andtheuser orconsumersystem(Christopher,2015). In principle,therequestthat comefrom a givenconsumerto theserver in brokendown into smallerbitsandthenreconstructedto transferitthrough variouschannels.Thesecuritycharacteristicsof thewirelesscentresarenormallydisabledan aspectthat makesitsuitablegroundforhackers to scantheunencrypted trafficcomingfrom thecomputerof theconsumer.

Denialof Service Attack

Commonlyreferredto as theDoS thisisa mechanismby which hackers coercetheserverto usehightech computational resources,superiorto thatof theconsumertransactingononline platformsto processtherequest(Christopher,2015). Thekeygoalof DoS is to infecta consumer’spersonalcomputerorsystemwith a virusto takechargeof its operationsat a giventimeto incapacitatethetargeted server (Smith,2004).In thisway,thehacker strivesto overwhelmthetargetserver with excessiveresourcesthat consumerequestto disintegrateits operations.

Tosolvethemanysecuritythreatsposedby hackers andotherfraudsters businessescreatetwo basiclineof attackto overcomethischallenge,protectionof businesssystemsandnetworkintegrity,andboostingsecurityin tradetransactionbetween firms andcustomers.Manyfirmsopt to usethe firewallto protecttheir software andhardwarefrom attacksby unauthorizedusers. Firewall ensurethataccessto networksis limitedonlyto individualauthorizedto accessit.Manytimeonline transactionsecurityispeggedon theabilityof an organizationto ensureconfidentiality andprivacyof users andprotectionagainst unauthorisedintruders(Christopher,2015). In manycases,thissecurityis under constantthreatfrom monitoring systemsestablishedatthe serveron theotherend.Manyorganizationsovercomethisproblemby usinga rangeof defencesystemsthat may includeencryption anddeployment of switchednetworktopologies (Smith,2004).

Encryptionsystemsensuretransactionarenot modifiedon thewayfromthe customerto theserver andhampertheactivitiesof hackers andanyunauthorisedindividualfrom gettingaccessto theprivateinformation(Smith,2004).Onlyindividualswith theparticularcodeswhichare setby theindividualsin theonline transactioncan accesstheinformation.Majorityof theencryption methodsusedby manyorganizationstodayencompassaspectssuchdigital signaturesandsecretkeysthat protectprivateinformationandensuredataintegrity.Irrespective of thesuccessattainedat theendpointencryption techniqueshas manyloopholesthat can beexploitedby hackers andunauthorisedusers to compromisetransactionsandabuseprivacy.Itis solelydependentuponthesecurityof theendpoint systemswhichare vulnerableto externalandinternalattacks.

Conclusion

E-commerceis a formof businessmodelthat enableslargeandsmallenterprises to conductcommerceon electronicplatformssuchas theinternet. Securityin relationto E-commerce entailsprotectionof informationanddata from unauthorizedindividualsandpreventingthe loss,access,useordestructionof data. Asa resultof therapidimprovementofinformationsystemsanddigital devices,manyorganizationandindividualhavefounditconvenientandaptto conductbusinesson electronicplatforms.Themostunfortunateaspectsisthatthishas comewith a hiddencostofsecuritybreach.In regardsto e-commerce,securityissueshaverevolvedaround programsandhackers that can compromisedataconfidentiality, privacy,integrityandavailability. Someof themostcommonthreatsare Trojan horse,viruses,networksniffing anddenialof serviceattack.Someof themostcommonlyuseddefencesystemsincludefirewalls, antiviruses,encryption, digital signatures,authorization,authentication andauditing. Eventhoughtheseare not totallyimpermeable to hackers andotherintruders,at leasttheyare makinge-commerce possible,andconsumersprivacyanddataintegrityisprotected.

ReferenceList

Christopher, B. 2015. SecurityStrategies.https://msdn.microsoft.com/en-us/library/cc723506.aspxaccessedon 8/4/2015

Hutchings,A 2006. Computersecurity threats faced by small businesses in Australia&lthttp://www.aic.gov.au/publications/current%20series/tandi/421-440/tandi433.html&gtaccessedon 8/4/2015

Khosrow-Pour,M 2004. E-commerce security: Advice from Experts. Hershey, PA:Cyber-Tech Publishing.

Nemati,H. R 2008. Informationsecurity and ethics: concepts, methodologies, tools and applications.Hershey PA, Information Science Reference.

Smith,G. E., 2004. Control and security of e-commerce. Hoboken, NJ: JohnWiley.

Appendices

Diagram1: ThreeEssentialElementsofE-Commerce Security

.