Security Issues for the Internet and the World Wide Web - Softcover

Are Your Corporate Resources at Risk?

Security concerns, including hacker incidents, computer viruses, online theft, and the breaking of encryption schemes, represent the single most important factor information systems (IS) managers cite for delaying Internet adoption. CTR's report, Security Issues for the Internet and the World Wide Web, helps IS managers evaluate what security measures are needed to ensure cost-effective, optimum protection for the corporate network.

The growing trend towards connecting World Wide Web (the Web) servers with corporate databases raises critical security concerns. As corporations move towards electronic commerce, strong transaction security must be in place. In addition to discussing the technological solutions to security problems, the report also explores how corporate policies and procedures must be arranged to ensure users and developers are implementing the needed security practices.

The Importance of Internet and Web Security Concerns

In the past, organizations concerned about Internet security chose to delay connecting to the network, but for many, an Internet connection has become such a high priority that they cannot afford to delay. For numerous organizations, the Internet is a lifeline and a medium for gaining new business. Similar to retaining telephone service, these businesses must have an Internet connection to provide cost-effective global connectivity with business partners and clients. They are also using the Web to reach new clients and to better serve existing customers. In this increasingly common scenario, security concerns must be addressed to enable the Internet connection to work smoothly and without risk to the corporate network.

From firewalls to digital signatures to viruses to encryption, Internet security is a complex area. Further, there is no single product that addresses all the issues. Forethought and planning are needed to decide what level of security is appropriate for an organization and how to effectively implement this security.

Critical Internet and Web Security Technologies Explained

Verifying the identity of users and computer resources is becoming increasingly critical. Companies must know with whom they are dealing, particularly if money is going to change hands. Authentication is the means for verifying individual, computer or even network transmission identities. CTR's report explains how encryption and digital signatures play important roles in authenticating users and messages.

Firewalls are the most well-known Internet security technology. CTR's report examines what types of firewalls exist, evaluates their capabilities and will help information systems (IS) managers determine which type of firewall best suits their organization's requirements.

The report also reviews tools such as security scanners that probe systems for weaknesses, enabling IS managers to strengthen corporate security. Antivirus software is another necessity in a networked environment. Such software must be capable of addressing the most recent threats, including protection against viruses that travel in Microsoft Word documents. These and other important security approaches are described in detail.

When doing business over the Internet, transaction security is paramount. Industry announcements regarding secure protocols for doing business on the Web and payment processing methods are made nearly every week. What technologies and standards exist, and which are likely to be adopted most quickly? From Internet-based Electronic Data Interchange (EDI) to digital cash to credit card processing to electronic checks, CTR's report informs IS managers about the participants in the transaction security market and emerging technologies.

The major platform for doing business on the Internet is the Web. While much discussion takes place about the business potential of this new medium, information on how to secure Web servers is less common. CTR's report explains how to implement proper security and attention to configuration details to ensure that Web servers do not serve confidential corporate information and provide access to the corporate network.