E-commerce security is an important managerial and technical issue. E-commerce security is concerned with unauthorized access to important data resources. Some e-commerce threats are controllable, some are partially controllable and some are completely uncontrollable. Some are intentional, while others are made unintentionally.
A comprehensive e-commerce security system protects hardware, software, procedures, customers, personnel and e-commerce resources to keep intruders and hackers at bay.
Moreover, an e-commerce security plan protects data resources, the second most important resource in an organization. The data resources can be an e-mail message, an invoice transferred using electronic data interchange (EDI), the blueprint for a new product design, the outline of new product design, the outline of a new advertising strategy, or financial statements.
Thus, e-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration.
Important Aspects of e-commerce security:-
E-commerce security is broken into three important aspects. These are:
A secret system must not allow information to be disclosed to anyone who is not authorized to access it. In highly secure government agencies (the Department of Defense, Central Intelligence Agency etc.), security ensures that only authorized users are granted access.
In business organizations, confidentiality ensures the protection of private information (payroll, personnel, and corporate data). In the e-commerce world, confidentiality ensures that customers’ data are protected and will be used only for the intended purpose.
Accuracy ensures the integrity of data resources within the organization. This means the security must not allow the data to be corrupted or allow any unauthorized changes to the corporate database. Database administrators and webmasters must establish comprehensive security systems for corporate databases.
Authorized users must be identified and they must be given proper access privileges. In e-commerce transactions, accuracy is probably the most important aspect of a security system.
Availability ensures the efficient and effective operation of an e-commerce site and a computer system. In the e-commerce environment, availability ensures that the virtual storefront is always accessible to authorized users. It should also ensure quick recovery of the system to its normal operation after a disaster.
In many cases, availability is the baseline security need for all authorized users; otherwise, the secrecy and accuracy objectives of the system cannot be properly assessed.