How do I protect my site?
(and customer information)
In
a survey conducted by Ernst & Young, shoppers overwhelmingly reported the reason
they are hesitant to purchase over the Internet was their fear of giving credit
card information online. According to an Ernst & Young senior manager, this
fear is unfounded, and he furthermore says, "The technology exists to make online
commerce as secure as any traditional information exchange. The
real issues here are misperception and education. Retailers that sell or plan
to sell through the Internet have much work to do to change customers' perceptions
of the safety of shopping online if they hope to gain customers' confidence
— and business."
Still, the issue of security remains a major barrier to Internet trade. According to a study by ICSA, a leader in security assurance services for Internet-connected companies, the number of companies that have been attacked by hackers jumped 92 percent from 1997 to 1998 and the losses from security breaches averaged $256,000 and a total of more than $23 million for the 91 businesses surveyed.
Encryption is a method of scrambling data before it is sent so that it is unreadable by unauthorized individuals and it is imperative to all e-commerce transactions. Installing a digital certificate on your web server is the best way to protect you and your visitors. Digital certificates encrypt the data that visitors exchange with your site to keep it safe from interception or tampering using SSL (Secure Socket Layer) technology, the industry-standard method for protecting web communications. To obtain a server certificate for your business, visit Verisign, or for more options on security providers, visit http://backoffice.microsoft.com/securitypartners/default.asp.
Be sure to include a "site privacy statement" on your website which tells your visitors what information you are going to collect from them and what you will do with that information. Sophisticated Internet shoppers may use this statement to make decisions about whether they are willing to do business with you.
To convey your dedication to your customer's privacy, you may want to participate in a ranking program. One example of this is the Better Business Bureau's Online Privacy Program. To qualify, firms must establish, or already have in place, policies and procedures to ensure the privacy of individuals who visit or do business at the firm's website. Part of a firm's obligation is to clearly identify its firm on the website and to publish its privacy policy. To learn more about this program and how your company can obtain such accreditation, visit http://www.bbbonline.org/.
In order to take full advantage of having an e-commerce website and to alleviate any fears your customers may have, be sure to address the issue of security, develop a plan, take appropriate action, and communicate your precaution to your customers.
Related links
http://www.microsoft.com/security/security101.asp
This site contains an introduction to security issues on the Internet.
http://ecommerce.ncsu.edu/topics/security/security.html
At this site, Michael Rappa, North Carolina State University professor, explains various security threats and gives numerous links to articles regarding security on the Internet.
"Guide
to Securing Your Website for Business"
Learn how to increase your competitive edge by having a secure web site.
http://home.netscape.com/security/securesites/ecommerce.html
This site explains security risks and defines digital certificates.
"Encryption
and Digital Certificates"
This white paper summarizes the most common security options, discussing both the key concepts and the core underlying technologies of each.
Back to e-Business Resource Guide homepage
Find a word in the glossary
Contact an SBTDC counselor
Return to the SBTDC homepage