Eight ways to bug-proof your e-commerce system

[February 6th 2001]

E-business brings new opportunities, as well as new perils. By implementing sound loss-control measures, you can manage the risks and protect your e-business.

So what exactly can you do to minimize the risk of security breaches in your company? Start by strengthening software firewalls and boosting anti-virus software to thwart hackers and help prevent system infiltration. But keep in mind that neither firewalls nor anti-virus software packages are foolproof.

The Bureau of Business Practice, publishers of CPA Technology & Internet Advisor, recommends that you implement a loss-control approach to avoid security breaches in your e-business. Here are eight risk management tips to follow:

1. Don't depend solely on firewalls. Firewalls help thwart external threats, but the integrity of your e-commerce system can also be jeopardized from inside your organization -- by a disgruntled employee, for example.

2. Design security into your e-commerce strategy. Security as an afterthought maximizes the odds of key system gaps.

3. Install systems capable of handling volume spikes. Boosting your traffic capacity makes your site less vulnerable to hackers attempting to flood it and shut it down.

4. Constantly probe for system weaknesses. Consider hiring friendly hackers to see how easy or difficult it is to infiltrate your computer system.

5. Create centralized responsibility for assessing and addressing system vulnerabilities. Choose one person, such as your chief information officer or IT manager, who will be accountable for assessing and fixing system vulnerabilities.

6. Emphasize early detection and loss mitigation systems. Put software and personnel in place to detect problems early and to marshal resources that limit any damage to your e-business.

7. Take legal action against attackers. Some companies are reluctant to take legal action because they fear that the publicity will hurt their bottom line. But legal action is the best way to deter future mischief.

8. Monitor continually and update your system. You can't just cross off e- commerce loss control from your to-do list. You must make a continual and ongoing commitment to monitor and upgrade your e-commerce system.