Applied ICT Data Security Report plan:
What is E-Commerce?
E-Commerce is the process through which goods or services are purchased from a transactional website (the online provider of the goods or services).
The website takes the personal details and payment details of the customer and uses them to provide a pre-paid product or service from the company to the customer. They are also used for security, financial and advertising purposes.
When shopping online, you are more susceptible to threats than you are when you are shopping in person; this is because you have to give your personal details via the internet. If you are purchasing something in a shop using a credit/ debit card you do not need to give any details, you simply enter your pin/ sign. However, when using e-commerce you have to give your name, address, email address, phone number and payment details. This is not a problem when using a reliable website and computer; however it is not always easy to tell which websites are reliable due to the increasing number of people who use the internet for fraud. Also, a website may be reliable but your computer may not be as there are many threats to data security for e-customers:
· Computer virus’ are a piece of a code that is secretly put into a system, usually in hidden programs or documents and when opened corrupts or destroys data.
· Hackers are people who are highly skilled in computing and use these skills to gain unauthorized access to systems with poor intentions.
· Spy ware is software which secretly gathers information from your computer whilst they use the internet. It is often installed without the user’s knowledge or permission through a free download. It performs actions such as creating pop-ups, hi-jacks web pages and redirects browsing results.

Why is E- Commerce more susceptible to threats than normal commerce?
Having to give more details than you would normally give in a shop-
If buying a top in a clothes shop you would not need to give personal details, however when shopping online you have to- increasing risk of credit card fraud as may not be a reliable website.
What information has the customer given to the website?
Name.
Address.
Email address.
Phones number- mobile and home.
Payment details.
What are the threats to Data Security for E-Commerce?
1. Computer virus’ are a piece of a code that is secretly put into a system, usually in hidden programs or documents and when opened corrupts or destroys data. To help prevent virus’ you can purchase antivirus software. It can stop you accessing infected files, cleans infected files or systems and informing the user than an infected program was detected
2. Hackers are people who are highly skilled in computing and use these skills to gain unauthorized access to systems with poor intentions. If a hacker accesses a company’s files, depending on how skilled they are, and which software they have, they can steal and misuse personal details. The best way to avoid hackers is to use reliable websites and software and create sensible passwords.

3. Spy ware is software which secretly gathers information from your computer whilst they use the internet. It is often installed without the user’s knowledge or permission through a free download. It performs actions such as creating pop-ups, hi-jacks web pages and redirects browsing results.
4. Hardware failure can lead to many problems. If a computer breaks, then there must be a great amount of trust between a company and the repairers, as skilled employees of the repair company could read all the information on the hard drive. When bringing employees in to an establishment to work with computers they could store files on a memory device without you knowing, possibly even customer’s credit card details, therefore it is very important to use reliable companies. Also, if a firewall breaks down then trafficking can flow through and cause hackers to access your computers.
5. Human error
6. Dishonest employees are a large threat to companies. If an employee is skilled enough they may be able to access important files within the company and use them with malicious intentions. With the extensive range of storage devices available, it makes it possible for employees to store whole databases on a USB pen for instance.
7. Natural disasters can cause huge amounts of data to be lost, for example if a company building burns to the ground then all of the information stored on the computers would be lost.
8. Theft is an easy way for data to fall into the wrong hands. If the data is not secure the stolen computers can be used to gain personal details. This is worrying for companies as someone who lacks enough morals to steal a computer is likely to not see the harm in using the stolen information.
9. Terrorism is “the calculated use of violence (or threat of violence) against civilians in order to attain goals that are political or religious or ideological in nature; this is done through intimidation or coercion or instilling fear”- www.thefreedictionary.com
Terrorism poses a threat for data security when data falls into the wrong hands. For example, if a terrorist got hold of the credit card details stored by a company of all their customers then they could threaten to release them as a form of blackmail.
What are the preventative methods for these threats?
1. Risk analysis
2. Passwords
3. Access levels
4. Backup
5. Anti virus measures
6. Training
7. Firewalls
firewallA security solution which segregates one portion of a network from another portion, allowing only authorized network traffic to pass through according to traffic filtering rules.
http://www.microsoft.com/security/glossary.mspx
8. Secure Electronic Transactions (SET)
9. Encryption
10. Physical security

Describe the legislation that the business should be aware of:

How effective are these pieces of legislation?

Overall conclusions:
Is data secure on this website – yes:

Is data insecure on this website – no:
Overall conclusion:

Macintosh HD:Users:mhighmore:Documents:Report plan y12.docx Created on 21/01/2008 13:33