Internet Security

One of the aspects focussed on by the Higgs & Sons Commercial team at their recent internet seminar - Online 09 - relates to the security of your website.

One of the major advantages of the internet as a method of communication is its accessibility. This, however, also leads to risks since, despite technological advances in software, the internet is by no means secure.

Security risks can be categorised as external and internal. External risks include hacking: an unconnected third party breaking into your computer's software from outside your system, perhaps via the internet. Viruses are self-replicating pieces of damaging software which are deliberately attached to innocent software and which, once imported onto your computer, may cause the system to crash or destroy hard disk data. They can also be used to insert other damaging programs such as a "key-logger", which detects keyboard strokes and looks for patterns which may correspond to passwords or other security information.

Websites can be the victims of fraud, for example when a third party falsely assumes an identity for fraudulent purposes. The interception of email communications or transactions conducted via the internet can also cause confidentiality breaches.

There are a number of ways to protect against such external risks. A firewall is a program designed to reject unauthorised access to all or part of a computer system, whilst allowing authorised communications. Firewalls are basically a set of rules, for example excluding access or communications from specific sources or containing specific words. They have their limitations as rules can, of course, be circumvented.

Sometimes, a demilitarised zone is placed between the private and public areas of a computer network, allowing external users access to public areas only and not to private protected areas.

Information can be encrypted by transforming it into another format (cipher text) which is unreadable to anyone who does not have the key to decrypt it.

Closed e-commerce may bypass the public telecommunications network altogether. This can be useful when the size or volume of mutual transactions makes it commercially viable to have such a link. The most common example occurs between banks and their customers who establish a debt factoring relationship: debts are immediately notified to the bank securely via a closed e-commerce link.

There is only one internal risk: your employees!

At the very least you need an internet use policy containing such restrictions as:

  • no downloading of software from the internet. This could contain viruses.
  • password protection for computer access and restricted and/or password protected access to sensitive data e.g. customer database.
  • restricted internet access which can be during certain times, or to certain sites only.

You must be able to police your policy to know if it is being followed, or if your system is being abused.  In doing so you must pay careful attention to the legislation governing employee monitoring.  Tread carefully, and even better, ask us to show you the way!

If you can establish a breach of your policies by your employees, you must act both quickly and firmly.  If you are seen not to enforce policy breaches, why should your employees comply with your policies?

For more information about Higgs & Sons' Commercial department please contact Jane Rudge on 01384 342100.