Wednesday, June 18, 2008

The Threat of Online Security: How Safe is Our Data?

Online security means preventing unauthorized access to, or damage of, a computer system through online access, so our online systems need to be protected. Online security has improved with the growth of technology. However, there are still many threats to online security.

A few examples of online security threats are:
1) Viruses
Viruses are a common cause of computer problems. Most viruses spread through online activities such as opening unknown e-mail or being sent through online systems. Some viruses rewrite code to make software programs unusable, while others scramble or destroy our data. Many viruses spread quickly, so they may not be noticed until the damage has already been done and our data has been damaged or destroyed.

2) Hackers
There are two main ways hackers can cause problems for computer systems and our data. They either find a way to enter the system and then change or steal information from the inside, or they attempt to overwhelm the system with information from the outside so that it shuts down. Hackers may enter our network through an open port or an Internet connection that remains open. Besides that, they also attempt to appropriate passwords that belong to users. Many hackers are skilled at guessing common passwords and run programs that locate or capture password information.

3) Phishing
Phishing is one of the most damaging online security threats in recent times. Basically, it involves an attempt by a fraudster to extract confidential information from an innocent victim. Usually, the fraudster creates a clone site that looks similar to the web page the user intends to visit, for example the Public Bank e-banking web page. The users then log in to their accounts on the clone site. Once this happens, the fraudster gets the information and can access the users' accounts, and can then illegally transfer the users' funds.

Tuesday, June 17, 2008

How to safeguard our personal and financial data?




Online activities such as blogging, online banking, e-commerce trading and others have become popular, so the number of online users is increasing from year to year. This has led to a sharp increase in identity theft in recent years. Identity theft occurs when someone co-opts your name, social security number, credit card number, or some other piece of your personal information for their own use, either to commit fraud or theft, without your knowledge. There are many ways that criminals can obtain our information, so our privacy may be seriously invaded. How, then, can we safeguard our personal and financial data?

There are several ways to cope with or reduce the risk of identity theft.

1) Install a firewall
A firewall is a software program designed to allow good people in and keep bad people out. Most new computers come with firewalls integrated into their operating systems. Those who have a DSL or cable modem have an added layer of protection because these modems come with yet another firewall built in. If, however, you have an older computer or use dial-up, you may need to buy a firewall separately and install it yourself.

2) Install spyware protection software
It helps you to completely clean your computer of invasive threats. As a result, your computer will be clean and its performance will be better. Simply put, it will run a lot faster. Additionally, you will have protected your privacy: your personal information, financial data and financial security will be protected. In the information age, where just one piece of your personal information can ruin your life, protecting your personal privacy while online is of the utmost importance.

3) Avoid accessing financial information in public
Resist logging on to check your bank balance when working from a coffee shop that offers wireless access. These systems are convenient, but also unknown. Casual users have no way of assessing how sturdy their firewalls are.

4) Update your browser
The most popular browsers in use are Mozilla Firefox and Internet Explorer. Make sure your operating system and web browser are set up properly, and update them on a regular basis, which can help to plug security holes. Make it a habit.

5) Look for "locks"
Web addresses that start with "https" instead of "http" provide security before you log on. In addition, a small lock icon in the lower-right corner of the browser window is a sign of security.

6) Do not open mystery attachments
Never open an attachment, download files or click on a link sent to you by an unknown party. Attachments can contain viruses, and links can lead unsuspecting users to dummy sites where they are asked to input financial information.

7) Encrypted e-mail
Encrypted e-mail is scrambled by the sender's program, which renders it unreadable until it is descrambled or "decrypted" by the recipient. Unencrypted e-mail is similar to a postcard - the message can be viewed by anyone who picks it up. Encrypted e-mail is similar to a sealed letter - the content cannot be viewed until the envelope is opened - except in this case the envelope has a lock on it to which only the recipient has a key!

8) Install online financial software
If you use online financial software, you need a password to access your data, so password protection is essentially already built in. Be sure that your online personal finance software provider offers the highest level of security, especially if you must enter actual account numbers. ClearCheckbook is one online personal finance software that does not require account numbers at all.

9) Select a strong password
Avoid using words or numbers that other people can easily guess. Your birthdate or the last four digits of your social security number are too obvious to use as passwords or PINs. A strong password should be alphanumeric and at least 8 characters long. For example, using AMUB4075 as your password will be safer.

Online activities are part of our daily life; however, most casual PC users are unaware of how dangerous the Internet can be. Without the proper knowledge and protection, you could be just a few simple keystrokes and clicks away from having your identity stolen. Therefore, we need to make sure that our data is protected while we enjoy the benefits the Internet brings us. The tips above help to prevent online identity theft, and making use of them will benefit us.

The application of third party certification programme in Malaysia

Nowadays, e-commerce has become popular and many consumers use the technology to buy and sell things on the Internet. However, some consumers still do not dare to use it because they are worried about security. For example, consumers are afraid that their personal data will be stolen by a third party who will use their identity to perform other transactions without their knowledge.

Verisign Inc. is the trusted provider of Internet infrastructure services for the digital world. Verisign is the leading Secure Sockets Layer (SSL) Certificate Authority, enabling secure e-commerce, communications and interactions for Web sites, intranets and extranets.

If a web page has no security, any mail that is sent can be accessed by a third party who can see the data. An SSL Certificate, however, builds a private communication channel by enabling encryption of the data during transmission. This creates privacy when the mail is sent out, so customers can trust the website to perform transactions. The pictures below are proof to the customer that the site is secured, so that the customer has more trust in performing transactions on that site.



Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin. True 128-bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them.

With the application of these security services, more trust will be built between the customer and the seller, ensuring that the data of both sides will not be used or stolen by a third party to commit fraud and crime. This will also encourage more people to trade without the use of paper.


Sunday, June 15, 2008

Phishing: Examples and its prevention methods

Phishing is an attempt to acquire sensitive information criminally and fraudulently, such as usernames, passwords and credit card details, in an electronic communication. PayPal, eBay and online banks are common targets. Phishing is typically carried out by e-mail or instant messaging and often directs users to enter details at a website.


Chart: Increase in phishing reports from October 2004 to June 2005.


EXAMPLE:

(1) phishing e-mail targeted at eBay users.

Taken from: http://www.comfsm.fm/~dleeling/training/phishing2.html


(2) phishing e-mail, disguised as an official e-mail from a bank.

Taken from: http://en.wikipedia.org/wiki/Image:PhishingTrustedBank.png


(3) phishing e-mail targeted at Paypal users.


Taken from: http://en.wikipedia.org/wiki/Image:Paypal_Phishing.png


(4) phishing e-mail from Citibank.

Taken from: http://www.bankrate.com/brm/news/advice/Phishing-email.asp



PREVENTION METHODS:

It is easy to uncover a crude phishing attempt: when you get an email from a bank at which you have never opened an account, do not follow the link or enter your personal information. However, if you do have an account at that bank, you can check whether the bank sent you the email by calling the bank.

Besides that, you must read the message carefully to see whether there are any errors in it, because the errors you find can indicate whether the message was sent by the institution or by a phisher.

In addition, you should examine the link that is provided in the email. For example, the email could instruct you to go to http://banking.about.com/od/securityandsafety/index.htm, but if you click the link you will find that you have been directed to a different site. The best way to prevent this is to copy and paste the link into your address bar. However, you can still get tricked by URLs that look legitimate but have one or two letters switched.
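One way to automate the two link checks described above (displayed address versus real target, and look-alike domains with switched letters), as an added example that is not part of the original post. The `TRUSTED` list, the `mybank.example` name and the sample e-mail body are assumptions constructed for illustration, and the look-alike test generalizes "one or two letters switched" to an edit distance of one or two.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("about.com", "mybank.example")  # assumed allow-list; mybank.example is made up

class LinkCollector(HTMLParser):
    """Collect [href, visible text] for every <a> element in an HTML e-mail."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def site(url):
    """Last two labels of the URL's host (simplification: no public-suffix list)."""
    return ".".join((urlsplit(url).hostname or "").split(".")[-2:])

def switched_letters(a, b):
    """Edit distance where swapping two adjacent letters counts as one edit."""
    d = [[i + j if i * j == 0 else 0 for j in range(len(b) + 1)] for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            d[i][j] = min(d[i-1][j] + 1, d[i][j-1] + 1, d[i-1][j-1] + (a[i-1] != b[j-1]))
            if i > 1 and j > 1 and a[i-1] == b[j-2] and a[i-2] == b[j-1]:
                d[i][j] = min(d[i][j], d[i-2][j-2] + 1)
    return d[-1][-1]

def check_email(html):
    """Flag links whose text shows another site or whose target resembles a trusted one."""
    parser, findings = LinkCollector(), []
    parser.feed(html)
    for href, text in parser.links:
        target, shown = site(href), text.strip().lower()
        if shown.startswith(("http://", "https://")) and site(shown) != target:
            findings.append((href, f"text shows {site(shown)}, link goes to {target}"))
        findings += [(href, f"{target} resembles {good}") for good in TRUSTED
                     if 0 < switched_letters(target, good) <= 2]
    return findings

SAMPLE = """<a href="http://login.example.net/verify">http://banking.about.com/od/securityandsafety/index.htm</a>
<a href="http://www.mybnak.example/signin">Sign in to your bank</a>
<a href="http://banking.about.com/od/securityandsafety/index.htm">http://banking.about.com/od/securityandsafety/index.htm</a>"""  # constructed e-mail body
```

Calling `check_email(SAMPLE)` flags the first two links and leaves the third, whose text and target agree, alone.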

The best way to avoid phishing is to use your best judgment. No financial institution with any sense will email you and ask you to input all of your sensitive information online. In fact, most institutions will inform their customers that “We will never ask you for your personal information via phone or email”.

How E-commerce reduces cycle time, improves employee empowerment and facilitates better customer service

With the growth of technology and the customer requirements that organizations must meet, e-commerce was introduced. E-commerce is defined as the process of buying, selling, transferring or exchanging products, services and/or information via computer networks, including the Internet.

Cycle time is the amount of time it takes to complete a process. From a business perspective, it refers to the length of time between a customer placing an order and the delivery to the customer. E-commerce can help an organization reduce cycle time with its customers and suppliers. For example, if the company's stock level is low, the company can just send an email to the supplier, and the supplier can deliver the goods to the company in time.

Employee empowerment is a strategy and philosophy that enables employees to make decisions in their jobs. With e-commerce, fewer employees can be assigned to handle a task. As a result, employees have more power to make decisions in their work and will be more motivated. It also helps employees own their work and take responsibility for their results.

With the common use of computers and the Internet, most households have a personal computer and most consumers know how to use the Internet. Companies therefore design their own websites to serve customers who would otherwise have to visit their stores. This is because most consumers nowadays are busy with their jobs and do not have time to visit a store. E-commerce thus helps customers a lot by letting them buy things online.

E-commerce benefits the company not only by reducing cycle time, improving employee empowerment and facilitating customer support. Ultimately, it also benefits the company by increasing sales and reducing costs.




An example of E-commerce failure and its causes



Dell Computer Corporation is one of the largest firms, with approximately 30,000 employees. They are located throughout the United States, with top-quality supplies and security services. For a large company like Dell to grow alongside all the competitors in the industry, the organization must be willing to take chances to expand the corporation. However, the risk a company chooses to take can be either detrimental or beneficial. Dell's success over the years has caused concern for the future of the young company. Dell's business-to-business (B2B) exchange failed for a number of reasons.

1) Lack of insight in the research and development area
A lack of knowledge in this area proved to be detrimental because the company was unprepared for the lack of cooperation that other businesses showed toward this new idea. Dell's strong name and recognition may have worked against it, causing the company to be viewed as purely a computer manufacturer rather than also a site for alternative business products.

2) Recklessly jumped into the B2B market
Dell set up a B2B marketplace hoping to allow online consumer sales to flourish. However, the computer industry is extremely competitive, with several B2B exchanges taking place on the Web, and only the strongest will survive. The computer maker closed the B2B exchange because of a lack of demand and the unwillingness of customers to participate.

3) Dell gave up too early in the game
Beginning the business in October 2000 and ending it in January 2001 gave them only a short time frame to produce a profit. If the business had been allowed more time to prove itself, it might have been able to salvage some of its profits, as they should have focused on showing consumers that they are not just a PC firm.

4) Dell's choice of suppliers
Dell's suppliers include 3M, Motorola, and Pitney Bowes. They are second-rate firms compared to companies such as Compaq, Hewlett-Packard and Gateway. These three firms joined forces, formed an Internet-based exchange and had an advantage over Dell.

5) Difficulty in choosing the best-fit match in the business world
Maybe if Dell had incorporated smaller companies, they would have had more support and the potential for larger growth. On the other hand, if they had selected a well-known firm closely related to the computer industry, it could have provided consumers with a high degree of reassurance.

6) Dell was "caught up in hype"
There is no such thing as "easy money", and with all the competition within the computer industry, Dell should have thoroughly researched the positive and negative effects the corporation could receive. However, Dell recklessly jumped into this market and as a result failed after four months.

Luckily, Dell is a strong company and was able to survive the loss. With the future of B2B commerce looking very bright, it would be a good idea for Dell to continue with this project with an optimistic outlook.