Essay Available:
Pages:
10 pages/≈2750 words
Sources:
31
Style:
Harvard
Subject:
Technology
Type:
Essay
Language:
English (U.K.)
Document:
MS Word
Date:
Total cost:
$ 60.75
Topic:
Major Security Issues in E-commerce
Essay Instructions:
Dear Sir/Madam Please follow these instruction when you making the the assay. The dead line for on the first of May 2016 Best Regards What to submit Research question and Methodology. -Hand in maximum of three A4 pages Management report -Hand in maximum of 2500 word report (in the case of a practical realisation, such as a system design, the expectation word count will be significantly less than this) Detailed specification of work 1.An original question about e-business that would be worth further research -This section is concerned only with defining the problem/.question. -Include a short paragraph that explains why it is interesting and a page of plan / research method that shows how your question could be answered. -Your idea can be interesting for its own sake – pure research. Or it might be useful to a specified organisation – applied research. 2.A report to a senior manager of a real organisation on one of the following (80% of total). Or propose a topic of your own – but get my approval for it before you start work. Clearly identify which option you are answering. Research Method. Lab or Field Studies, Case Studies, Surveys, Grounded Research. Outline Marking Scheme To help you pick a topic suitable for the coursework, first, choose a scenario type from the options below: a. Analysis and critical evaluation of current e-business strategy and activities. (There must already be some significant e-business activity.) - You decide how to carry out the appraisal, using your own selection or those techniques taught on the module. b. Proposal and justification for a systems architecture to support e-business. (The organisation must have little or no significant e-business activity now). - Summarise the applications that are needed. - Outline their interfaces with each other, and any necessary standards. - Explain how the applications differ from current systems. - Identify the benefits and how they will be measured. c. Migration plan to develop e-business capability from scratch. (The organisation must have little or no significant e-business activity now.) - Identify impacts on the organisation and changes to infrastructure. - Identify major benefits, with suggestions for how to measure them. - Identify major risks, with strategies to avoid or minimise them. d. High level design for a completely new e-business application. (Must be relevant to the needs of the organisation and not closely based on any existing system.) - Explain the need and justify the design decisions in a brief report. - Design to include systems architecture, functional requirements, technical interface requirements, data storage requirements and sample user interfaces. - May consist mainly of diagrams and models. e. Proposal and justification for an e-business strategy. (The organisation must have little or no significant e-business activity now.) - Outline the strategy and summarise the main changes expected in the organisation. - Implementation plan should show how the changes will be achieved. - Identify the benefits and explain how they can be measured. Once you have made your choice of topic type, progress to the report, which will contain the following two sections, addressing the specified components in the marking scheme. 1. Research questions will be marked mainly for:- - Originality and interest of the question. - Feasibility of the outline plan / research methodology. 2. The management report will be marked for its:- - Factual basis. - Overall coherence. - Analytical depth, logical argument, critical questioning of others (including published sources). - Originality of thought, synthesis, new ideas and insights
Edit Order
Submit
Choose Files
Additional files
DateFile name
Preferred writer for your order
Essay Sample Content Preview:
Major Security Issues in E-Commerce
Name
Course
Instructor
Date
Explanation and method and research plan
There is concern that the e-commerce platforms are susceptible to fraud and abuse in various ways. Organization increasingly relies on the e-commerce option to improve sales, but fraud increases the risk of financial loss, while the vendor’s perceived honesty and trustworthiness affects relations with customers (Connolly & Bannister, 2007, p. 109). At other times, theft of private and confidential, information has the potential to destroy organizations. This may include the organization’s trade secrets, marketing information and worryingly customer information. Disclosing the confidential information to third parties places the organization at a disadvantage, and in many cases, it is not possible to undo all the damages after a breach of e-commerce security system.
Major retailers have adapted to changes in the market by leveraging the use of e-commerce platforms to improve sales as online shopping is convenient and there is timely delivery (Canadean Company Reports, 2014, p. 23). Tesco has adapted to the public needs, focusing on the bank, super market, manufacturers and entertainment segments besides the retailer section. Despite being successful with e-commerce where shoppers have the option to purchase 24/7, there are security concerns on using e-commerce. For people who do not have the time to walk through the stores, the e-commerce platform provides an opportunity to shop and compare prices. The ability of sellers to connect with the shoppers is vital to creating awareness and reaching out to the potential buyers. Tesco relies on low prices compared to other retailers, with the multi-channel approach being vital to success in the past, but there is increased competition from other retailers (Lwason, 2014). Leveraging e-commerce has the potential to improve the retailer’s outcomes, but online sales are increasingly cannibalising store sales (Askew, 2014).
Even as people increasingly use the internet to shop fewer of the potential buyers prefer to purchase online. There is realization that cyber security threats are greater more than ever before, and require coordinated response from governments and the private sector (Sproule, 2016, p. 73). One of the major reasons for this is that there are security concerns, while even the internet users do not necessarily trust the website information (Zhao, Truell, Alexander, & Woosley, 2011, p. 43). In many cases, stealing information and breach of privacy is undetectable. In any case, electronic eavesdropping increases poses a risk to internet users and organizations using e-commerce as they are not sure about the identity of users.
Management report
Privacy protection
Privacy protection is the primary concern for organizations as they seek to meet customer needs and securing their identity. The risk of identity theft affects the company’s ability to build mutual trust with customers (Chen, & Chang, 2013, p. 356). Security breaches have negatively affected the customers’ perceptions about the retailer, and while legislations have been vital to prosecuting and improving security, it is up to the IT staff to address the concerns (Berendt, Günther, & Spiekermann, 2011, p. 103). Even when Tesco has outsourced data security services, it is the internal staff that is tasked with ensuring the security measures are implemented. Improving privacy not only ensures that there is trustworthiness, but also ensures customer loyalty, since the customers’ belief that their account details are secure influences their decisions to purchase online (Sharma& Lijuan,, 2014, p. 436).
Since the e-commerce strategies increasingly seek to improve privacy protection to improve consumer spending, and trustworthiness. The response of the organization to having the customer information being compromised also influences the purchase decisions to continue using online shopping platforms (Yen, 2011, p. 2920). Consumer privacy is major concern as consumers are likely to be wary because of the belief that the risk of other data breaches is high (Samanta, 2011, p. 222). This also implies that the online users are less open to participate in programs where they provide their personal account details and unlikely to try new offers.
Encryption technology
Even though, encrypting information can help deter potential hacks and data breach, regulations on crypto technology have not identified how the encryption technology can help organizations (Bradbury, 2005, p. 45). The government also desires to have some form of control on encryption technology businesses prefer to have control over customer information even when there are restrictions on owning and utilising such technology. The regulations do not necessarily serve the intended purpose as they also discriminate against businesses that seek to protect customer information using encryption technology. Since Tesco operates beyond the UK the encryption technology regulations in different jurisdictions affects the way the retailer conducts business when using e-commerce platforms. Confidentiality facilitates trust in business dealings since the buyers are satisfied that there is low or no risk to data breach (Kuo-Lun et al, 2011, p. 938).
Security awareness
There is concern that lack of security awareness has been a challenge to expanding use of e-commerce among interested buyers. Even as people know that there are risks and threats to information privacy, they are not well informed when making decisions (Tsohou et al, 2005, p. 40). There is a need for sensitization to avoid the misperceptions that often cloud judgment. At the same time, the risks associated with using the internet for shopping has often been underestimated. The result is that some of the e-commerce users are not careful when accessing the internet and failure to take adequate measures has meant that confidentiality and availability of the data is left unprotected (Zhao, & Zhao, 2012, p. 138). Security is an integral component to the implementation and launch of secure sites, and the IT staff will be concerned with integrating the design of the e-commerce platforms, by taking into account security concerns.
Client software
Even though, the company’s software has been updated and there has been improved security, there is still risk of data breach. The security of the e-commerce platform also depends on the operating system. Attempts to breach are likely to occur when there are no strict physical controls. At other times, the payment and delivery systems are inadequate making it difficult to build trust about online services (Voss et al., 2013). The company has focused on the security of the software, and there is a need to ensure that the operating systems are secure at all times as they host the e-commerce servers. The rationale for this is that the servers accumulate customer information over time, and data breach is unlikely to be detected early on when the configurations are not secure (Hagel, 2014, p. 23). Additionally, the size of the company means that millions of transactions are handled annually, and the risk of hackers compromising server means that data breach are likely to affect many customers where Tesco stores their credit card information.
Server software
Another concern is server software attacks that have increased especially during high shopping seasons. In past attempts to infiltrate the company’s online systems, the company has taken adequate measures to thwart further attacks. However, there is no guarantee that the shoppers are cautious shopping online. Of particular concern is that some of the shoppers sue the same password combinations for different platforms and have not changed their passwords to ensure better security (Buderi, 2005, p. 59). For instance there have been attempts to use diagonal brute forcing where, hackers use past username and password combinations from previous attacks to determine whether these combinations still function (The Met, 2012). The system administrators are also well placed to improve security by understanding how the latest released patches improve security.
Network protocols
There is also need to secure network protocols since they may lack confidentiality capabilities, potentially placing the information system at risk of hacking.
For instance, the POODLE – Padding Oracle on Downgraded Legacy Encryption, which allow hackers to intercept SSL communications between users and the retailer’s website (Chloe, 2015). Since the TLS protocols are still vulnerable, securing the information system needs to be revamped to improve the e-commerce platform. There is concern that Poodle attacks can be launched to access information of past sessions, and this is a gateway to accessing customer information and transaction details (Chloe, 2015).
Network transport security
The network security is closely related to network protocols, and while there are efforts to rely on services of a single vendor rather than multiple vendors there are still security concerns. Partnerships have been vital to improving security from multiple threats, given the retailers ability to standardise the security practices. The departure from past practices where various vendors provided solutions reflects the changing nature of the computer security market. This option needs to be supported more if Tesco is to achieve higher returns on investments. The case for integrating the security solution is that it will be easier to work with higher level protocols for all servers (Brusco, 2011, p. 278). E-commerce transactions are secure when the payment system and network protocols achieve the indeed purpose through secure payment platforms (Abu-Ein, et al, 2012, p. 1869). To ensure that the e-commerce transactions are more secure there will be a review of the security measures in place to determine whether the authentication is strong enough.
Payment protocols and authentication
The payment system is independent of the network protocols, but is equally important to securing data and information. The choice of the payment protocols determines whether the payment scheme is secur...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now: