Monday 18 February 2008

Possible consequences of not testing:

· Viruses
· Lose customers
· Bad reputation
· Lose data
· Hack into system
· Time and money to put right.

Student loans not tested properly.
- Describe the problem.
Student loans are not being received in time for the new term due to ‘slow processing and crashes’ on the company’s computers.
- What were the consequences to the company and the customers due to this problem?
“But with 100,000 late applications expected to follow next week's A-level results, this could leave many students starting university without money.
Course fees, rent, travel, books, food and other necessities will have to be paid for.”
Students have to begin University courses without the money needed for basic things such as travel, books, food and accommodation. It also means that the courses they are taking may not be paid for. This may lead to problems not only for the students, but for the Universities too.
This can easily lead to the company getting a poor reputation.
- How could testing have prevented this?
If the computers had been checked more thoroughly then the problem could have been detected in test conditions and could have been resolved without affecting the company or society.

- What is testing?
Testing is checking that all parts of a system or product work to ensure that as many problems as possible are avoided.


- Why is it important?
It is important to avoid viruses, hackers, losing data, losing customers, losing time and money and getting a poor reputation.


- Give 2 possible consequences to a company of not testing.
Possible consequences of a company not testing are slow processing and computer crashes.


- Give 2 reasons why it is important to have a test plan.
It is important to have a test plan in case someone testing leaves the company. That way their work has not gone to waste, and the new employee can pick up where they left off. It is also proof that it has been tested.

Wednesday 30 January 2008

Applied ICT Data Security Report plan:
What is E-Commerce?
E-Commerce is the process through which goods or services are purchased from a transactional website (the online provider of the goods or services).
The website takes the personal details and payment details of the customer and uses them to provide a pre-paid product or service from the company to the customer. They are also used for security, financial and advertising purposes.
When shopping online, you are more susceptible to threats than you are when you are shopping in person; this is because you have to give your personal details via the internet. If you are purchasing something in a shop using a credit/debit card you do not need to give any details, you simply enter your PIN/sign. However, when using e-commerce you have to give your name, address, email address, phone number and payment details. This is not a problem when using a reliable website and computer; however, it is not always easy to tell which websites are reliable due to the increasing number of people who use the internet for fraud. Also, a website may be reliable but your computer may not be, as there are many threats to data security for e-customers:
· Computer viruses are pieces of code that are secretly put into a system, usually in hidden programs or documents, and when opened corrupt or destroy data.
· Hackers are people who are highly skilled in computing and use these skills to gain unauthorized access to systems with poor intentions.
· Spyware is software which secretly gathers information from your computer whilst you use the internet. It is often installed without the user’s knowledge or permission through a free download. It performs actions such as creating pop-ups, hijacking web pages and redirecting browsing results.

Why is E-Commerce more susceptible to threats than normal commerce?
Having to give more details than you would normally give in a shop:
If buying a top in a clothes shop you would not need to give personal details; however, when shopping online you have to, increasing the risk of credit card fraud as it may not be a reliable website.
What information has the customer given to the website?
Name.
Address.
Email address.
Phone number: mobile and home.
Payment details.
What are the threats to Data Security for E-Commerce?
1. Computer viruses are pieces of code that are secretly put into a system, usually in hidden programs or documents, and when opened corrupt or destroy data. To help prevent viruses you can purchase antivirus software. It can stop you accessing infected files, clean infected files or systems and inform the user that an infected program was detected.
2. Hackers are people who are highly skilled in computing and use these skills to gain unauthorized access to systems with poor intentions. If a hacker accesses a company’s files, depending on how skilled they are, and which software they have, they can steal and misuse personal details. The best way to avoid hackers is to use reliable websites and software and create sensible passwords.

3. Spyware is software which secretly gathers information from your computer whilst you use the internet. It is often installed without the user’s knowledge or permission through a free download. It performs actions such as creating pop-ups, hijacking web pages and redirecting browsing results.
4. Hardware failure can lead to many problems. If a computer breaks, then there must be a great amount of trust between a company and the repairers, as skilled employees of the repair company could read all the information on the hard drive. When bringing employees in to an establishment to work with computers, they could store files on a memory device without you knowing, possibly even customers’ credit card details; therefore it is very important to use reliable companies. Also, if a firewall breaks down then traffic can flow through and allow hackers to access your computers.
5. Human error
6. Dishonest employees are a large threat to companies. If an employee is skilled enough they may be able to access important files within the company and use them with malicious intentions. With the extensive range of storage devices available, it makes it possible for employees to store whole databases on a USB pen for instance.
7. Natural disasters can cause huge amounts of data to be lost, for example if a company building burns to the ground then all of the information stored on the computers would be lost.
8. Theft is an easy way for data to fall into the wrong hands. If the data is not secure the stolen computers can be used to gain personal details. This is worrying for companies as someone who lacks enough morals to steal a computer is likely to not see the harm in using the stolen information.
9. Terrorism is “the calculated use of violence (or threat of violence) against civilians in order to attain goals that are political or religious or ideological in nature; this is done through intimidation or coercion or instilling fear”- www.thefreedictionary.com
Terrorism poses a threat for data security when data falls into the wrong hands. For example, if a terrorist got hold of the credit card details stored by a company of all their customers then they could threaten to release them as a form of blackmail.
What are the preventative methods for these threats?
1. Risk analysis
2. Passwords
3. Access levels
4. Backup
5. Anti virus measures
6. Training
7. Firewalls
Firewall: A security solution which segregates one portion of a network from another portion, allowing only authorized network traffic to pass through according to traffic filtering rules.
http://www.microsoft.com/security/glossary.mspx
8. Secure Electronic Transactions (SET)
9. Encryption
10. Physical security

Describe the legislation that the business should be aware of:

How effective are these pieces of legislation?

Overall conclusions:
Is data secure on this website – yes:

Is data insecure on this website – no:
Overall conclusion:

Macintosh HD:Users:mhighmore:Documents:Report plan y12.docx Created on 21/01/2008 13:33

Tuesday 29 January 2008

E-Commerce is the process through which goods or services are purchased from a transactional website (the online provider of the goods or services).
The website takes the personal details and payment details of the customer and uses them to provide a pre-paid product or service from the company to the customer. They are also used for security, financial and advertising purposes.
When shopping online, you are more susceptible to threats than you are when you are shopping in person; this is because you have to give your personal details via the internet. If you are purchasing something in a shop using a credit/debit card you do not need to give any details, you simply enter your PIN/sign. However, when using e-commerce you have to give your name, address, email address, phone number and payment details. This is not a problem when using a reliable website and computer; however, it is not always easy to tell which websites are reliable due to the increasing number of people who use the internet for fraud. Also, a website may be reliable but your computer may not be, as there are many threats to data security for e-customers:
· Computer viruses are pieces of code that are secretly put into a system, usually in hidden programs or documents, and when opened corrupt or destroy data.
· Hackers are people who are highly skilled in computing and use these skills to gain unauthorized access to systems with poor intentions.
· Spyware is software which secretly gathers information from your computer whilst you use the internet. It is often installed without the user’s knowledge or permission through a free download. It performs actions such as creating pop-ups, hijacking web pages and redirecting browsing results.
Hardware failure can lead to many problems. If a computer breaks, then there must be a great amount of trust between a company and the repairers, as skilled employees of the repair company could read all the information on the hard drive. When bringing employees in to an establishment to work with computers, they could store files on a memory device without you knowing, possibly even customers’ credit card details; therefore it is very important to use reliable companies. Also, if a firewall breaks down then traffic can flow through and allow hackers to access your computers.
Dishonest employees are a large threat to companies. If an employee is skilled enough they may be able to access important files within the company and use them with malicious intentions.

Tuesday 8 January 2008

Explain what Back Office Processes are and why your organisation needs them
Accounting, record keeping of clients’ orders, stock control and the management of the public-facing website.
Needed to ensure the smooth ordering, payment and reporting of transactions on the website.



What processes are involved in Stock Control? What is at the centre of this type of system?
A database is at the centre to ensure there is always the stock in store that the website says.


Explain what ASPs are, and how they can update a database.
Active Server Pages- the code contained in the webpage to allow the database to be read and updated.
It changes the amount in stock as they are purchased.


How do organisations maintain the virtual shopping basket for a customer, what processes are involved?
Items are added
Prices are totalled
Stock is reserved so not sold twice
Items can be removed
Delivery costs may be added.
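
The basket steps above, as an added example that is not part of the original notes: stock is reserved with a single conditional UPDATE so the last item cannot be sold twice, and every query is parameterised. The table layout, the sample row and the function names are assumptions made for the illustration, and SQLite stands in for the website's database.

```python
import sqlite3

def make_shop():
    """In-memory database with one constructed stock row (a single item left)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE stock (sku TEXT PRIMARY KEY, price_pence INTEGER, qty INTEGER)")
    db.execute("CREATE TABLE basket (customer TEXT, sku TEXT, qty INTEGER)")
    db.execute("INSERT INTO stock VALUES ('TOP-RED', 1500, 1)")
    db.commit()
    return db

def add_item(db, customer, sku, qty=1):
    """Reserve stock and add it to the basket; False if too little is left."""
    with db:  # one transaction: commit on success, roll back on error
        # The stock check and the decrement are one statement, so two
        # customers cannot both pass the check for the same last item.
        cur = db.execute(
            "UPDATE stock SET qty = qty - ? WHERE sku = ? AND qty >= ?",
            (qty, sku, qty))
        if cur.rowcount != 1:
            return False
        db.execute("INSERT INTO basket VALUES (?, ?, ?)", (customer, sku, qty))
    return True

def remove_item(db, customer, sku):
    """Take an item out of the basket and release its reserved stock."""
    with db:
        row = db.execute(
            "SELECT COALESCE(SUM(qty), 0) FROM basket WHERE customer = ? AND sku = ?",
            (customer, sku)).fetchone()
        if row[0] == 0:
            return False
        db.execute("DELETE FROM basket WHERE customer = ? AND sku = ?", (customer, sku))
        db.execute("UPDATE stock SET qty = qty + ? WHERE sku = ?", (row[0], sku))
    return True

def total_pence(db, customer, delivery_pence=0):
    """Total the basket from server-side prices, then add delivery."""
    row = db.execute(
        "SELECT COALESCE(SUM(b.qty * s.price_pence), 0) "
        "FROM basket b JOIN stock s ON s.sku = b.sku WHERE b.customer = ?",
        (customer,)).fetchone()
    return row[0] + delivery_pence
```

Prices are read from the stock table when totalling rather than taken from the browser, so a customer cannot alter what they are charged by editing the page.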


Draw an example flowchart for your organisation to illustrate these processes.





P143, Explain briefly the difference between HTTP authentication and cookie identification.

HTTP authentication produces the familiar login/password browser sequence.
Cookie identification can be placed on the customer’s computer, but cookies are typically set using an HTML form and Common Gateway Interface (CGI) script. Many users, due to privacy concerns, often view cookies with suspicion and they may reject them.



What advantage do cookies have over HTTP authentication?





What is a cookie? Why does a transactional website need them? See page 153 for more info + Wikipedia has some good starting points here.

Cookies are small text files that are stored on the user’s hard disk by the web server. They contain information about the user, normally in the form of an identification number. When the user visits the website again, the cookie is read. The website can then access a database of cookie information to look up the user’s identity. Other info might also be recorded, such as the number of visits to the website or the items looked at. Transactional websites need them because they record users’ preferences or activities when visiting their site. A cookie can contain data such as which pages are visited and how often visits are made. It is useful for marketing purposes as well as for changing the user’s experience of the website according to previous activity.



P144, why is it useful to get a customer to log in the website? Do the activity.
If a customer logs in they may be tracked anonymously by using a random number sent in a cookie. Other tables in the database will track the customer’s actions. The best way of tracking customers of course is to make the customer log in. Once a customer is logged in, the session can be monitored in much more detail. Actions can trigger data being written to the database. This information can be used in a variety of ways. Loyal customers can be rewarded by special offers.
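
The cookie identification number and database lookup described in the two answers above, as an added example that is not part of the original notes. The cookie name `sid`, the in-memory `SESSIONS` table (standing in for the website's database) and the function names are assumptions; the example also goes one step further than the notes by replacing the identifier when the customer logs in.

```python
import secrets
from http.cookies import CookieError, SimpleCookie

# Server-side table: cookie identification number -> what the site knows.
# Only the random number goes to the browser, never the details themselves.
SESSIONS = {}

def issue_cookie():
    """First visit: create a record and return (id, Set-Cookie header value)."""
    session_id = secrets.token_urlsafe(32)  # unguessable, not a simple counter
    SESSIONS[session_id] = {"visits": 1, "customer": None}
    cookie = SimpleCookie()
    cookie["sid"] = session_id
    cookie["sid"]["secure"] = True      # only ever sent over HTTPS
    cookie["sid"]["httponly"] = True    # hidden from scripts in the page
    cookie["sid"]["samesite"] = "Lax"   # not attached to cross-site form posts
    cookie["sid"]["path"] = "/"
    return session_id, cookie["sid"].OutputString()

def read_cookie(cookie_header):
    """Return visit: look the number up. None if missing, malformed or unknown."""
    try:
        cookie = SimpleCookie(cookie_header or "")
    except CookieError:
        return None
    morsel = cookie.get("sid")
    record = SESSIONS.get(morsel.value) if morsel is not None else None
    if record is not None:
        record["visits"] += 1
    return record

def log_in(old_id, customer):
    """Attach the customer to the session and issue a fresh identifier, so a
    number that was seen before login stops working (raises KeyError if the
    old identifier is unknown)."""
    record = SESSIONS.pop(old_id)
    record["customer"] = customer
    new_id = secrets.token_urlsafe(32)
    SESSIONS[new_id] = record
    return new_id
```

A number the server never issued is treated as no cookie at all, which is why the identifier has to be long and random rather than sequential.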

Activity:
The tables which I think would be involved in tracking customers’ actions.

Wishlist
Visits
Rentals
Payments
Orders
Customers
Creditcards







At what point is HTTPS encryption used? Why?

When using a credit card to pay. It secures your details when entering for the first time, or if an unauthorised person accesses the database.



Why is this method safe even if someone intercepts the data travelling to the website?
It is safe because the information is encrypted.




P145, Explain why a stolen card is unlikely to be used for online shopping.

Because organisations also have links to the card issuers using the internet. They will have a merchant number and an account with the credit card firm. The transactional website will be able to connect to the card provider and check the details on the credit card. To cut down on the possibility of goods being ordered with a stolen card, the address details will normally be checked and first time orders must always be delivered to the address held by the card company.



What is stock control? How are stock reorders managed by computer?
Stock control is all the processes involved in ordering, storing and selling goods.
A website’s stock control system runs on a computer system. The objective is to make sure that there is always enough stock to meet demand, but too much stock will tie up money that could be used for other purposes in the business.




P146, List the processes involved in Despatch and Delivery of goods.
The customer logs on, selects good(s), checks that they are in stock, order confirmed, customer logs out, the details and credit card are checked, amend stock database, print despatch note and pick goods, arrange despatch of goods.




Draw your own version of the diagrams on pages 146-7 for your own organisation.

Monday 7 January 2008

  1. Explain what Back Office Processes are and why your organisation needs them

Accounting, record keeping of clients’ orders, stock control and the management of the public-facing website.

Needed to ensure the smooth ordering, payment and reporting of transactions on the website.

  1. What processes are involved in Stock Control? What is at the centre of this type of system?

A database is at the centre to ensure there is always the stock in store that the website says.

  1. Explain what ASPs are, and how they can update a database.

Active Server Pages- the code contained in the webpage to allow the database to be read and updated.

It changes the amount in stock as they are purchased.

  1. How do organisations maintain the virtual shopping basket for a customer, what processes are involved?

Items are added

Prices are totalled

Stock is reserved so not sold twice

Items can be removed

Delivery costs may be added.

  1. Draw an example flowchart for your organisation to illustrate these processes.

  1. P143, Explain briefly the difference between HTTP authentication and cookie identification.

HTTP authentication produces the familiar login/password browser sequence.

Cookie identification can be placed on the customer’s computer, but cookies are typically set using an HTML form and Common Gateway Interface (CGI) script. Many users, due to privacy concerns, often view cookies with suspicion and they may reject them.

Monday 17 December 2007

Today I have added to a previous post, adding details and screenshots.