Download presentation
Presentation is loading. Please wait.
Published byTamsin Clarke Modified over 9 years ago
2
Internet Security for Small & Medium Business Week 6 http://www.noie.gov.au/publications/NOIE/trust/Foreword/index.htm
3
Internet technologies –valuable tool in improving the efficiency and profitability of their businesses. The aim of Trusting the Internet –helping Australian small and medium businesses understand the key issues of Internet security –browsing a website, sending emails, conducting, e- commerce transactions, dealing with government agencies online and conducting e-business activities. –the first component for accelerate the uptake of e- commerce
4
Why do I need e-security? www.noie.gov.au/publications/NOIE/trust/Chap1/index.htm The potential of the Internet –Email and World Wide Web –500 million people being connected to the Internet –The benefit of doing business over the Internet Increased potential costumer base, Reduced paperwork and administration, Reduced time to receive orders, supply goods and make and receive payments, and Access to great range of supplies
5
–You may consider E-banking E-shopping E-tailing Sending and receiving orders to and from partners Loading your tax return or business activity statements or conducting other transactions with government agencies.
6
Why security is an issue on the Internet? –The Internet carrying risk –By FBI last year, more than 1 million credit card numbers stolen via the Internet –Information transmitted over Internet can be intercepted at any point Overview of security needed –Businesses need to consider The basic applications such as email How to go about buying and selling online How to protect computer system and The legal issues surrounding e-business.
7
E-security technologies Four basic security principles –Authenticity –Security –Non-repudiation –Privacy or confidentiality
8
Authentication technologies –Authentication technoligies rely on Something you know Something you possess Something you are a unique physical quality –Password systems for authenticating identities and communications: Secure sockets layer (SSL) technologies Public key infrastructure (PKI) Virtual private network (VPN) Secure managed services
9
Secure access Secure connection Secure interconnection PKI in action Secure personal connection (PGP) Secure networking (VPNs) Secure managed services E-security and the real world Choosing the right option
10
The pyramid of Authentication Technologies. PKI Plus Biometrics Digital Signature Certificate - PKI Digital Signature Certificate - PGP Passwords + SSL Password / Tokens High level of security offered. For highly valued information Lower level of security offered. For less valuable information
11
How to send email securely? Email network Web-based Email server Intranet Email server Mail Server Mail Server Mail Server Email Users
12
Secure Web email –Web-based email service is a sensible choice Dedicated email encryption –Use public key and PGP Secure email gateways Secure email versus postal mail –Secure envelope –Inside being signed and authenticated
13
How to conduct secure transaction online? SSL and e-commerce SSL limitation –Data transmitted using SSL –SSL offering strong authentication –A secure envelope –A guarantee to your destination –Signature on envelope
14
How to deal with other e-security threats? Viruses Hacking Denials of services Dumping Port scanning and sniffing Method of protection - firewall
15
Securing your own PC –file sharing –browser security The importance of the real world security –ensure your workplace IT equipment is stored in a secure and lockable location –Keeping up-to-data logs of all equipment.
16
Privacy - important issue for e-security The privacy act and e-security Website privacy policies Cookies and Web bugs Monitoring stuff online
17
Laws applying to e-business Electronic Transaction Act 1999 (ETA) –giving information in writing –providing a signature –producing a document in material form and –recording or retaining information
18
Privacy Amendment (Private Sector) Act 2000 –Choose to `opt-in’ valuntarily –Trade in personal information –Provide a heath service and hold health information or –provide contractual services to the Commonwealth Cybercrime Act 2001
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.