INTERNET SECURITY ISSUES
Internet security issues loom large in any web business, and you can
scare yourself witless by reading the horror stories. But all that's needed
to cover most internet security issues is a little forethought, some inexpensive
software, mandatory routines and a plan to meet eventualities.
Suppose a spyware program steals your passwords, the office burns down,
or your hosting company suddenly goes out of business? However rarely,
all these things do happen. Draw up a contingency plan, make sure it really
works and that colleagues know what to do.
Office Security
The following are obvious but can be overlooked:
- use hard-to-guess passwords, restrict access to them, and don't leave them in desks or on PCs.
- ensure backups are made regularly, in sequence, and are intelligently labeled.
- check backups regularly, i.e. ensure that restores from backups are sound.
- keep paper copies, and in a safe place.
- store copies of all essential information, preferably encrypted and off-site, in:
  - zip disks, CDs, removable hard-disks, etc.
  - online storage facilities.
Internet Security Issues: Viruses
Do the following:
- consider using alternative browser(s).
- get the appropriate anti virus protection software, and keep it up to date.
- install a decent firewall.
Internet Security Issues: Protection from Spyware
Many computers are infected by spyware of some sort. Most are 'harmless',
but an increasing number shade into viruses that will steal and transmit
confidential information, even recording the keystrokes of passwords.
You need to:
- avoid keeping confidential information on any machine connected to the Internet.
- run spyware removal software.
- encrypt confidential information.
Internet Security Issues: Hackers
Hackers break into computer systems, sometimes to prove themselves,
sometimes with malicious intent. You need to:
- install a firewall.
- ensure sensitive information is encrypted.
Internet Security Issues: Webservers
Webserver security is highly technical, but obvious things to check or
ask about:
- the financial standing of the hosting company, and how long they have been in business.
- guaranteed uptime.
- security protocols to cope with denial-of-service and hacker attacks.
- regularity of backups: does it include user logs, product databases, order tracking logs, server-side scripts, etc.?
- the whois database (www.whois.net), to ensure that you and not the hosting company remain the administrative and technical contact for your domain and, most critically, the registrant of the domain.
- backup: ring them at 3 a.m. Sunday morning if they claim 24/7 telephone support.
- other sites being hosted with them (ask for webmasters to contact). Also check: association with spam or porn sites won't help your business.
- visit forums to see what webmasters really think about hosting companies.
And:
- host alternative company domains with another company: you can then switch painlessly if the first goes out of business or suffers a prolonged denial of service.
Internet Security Issues: Webpage Content
You are responsible for the content of your webpages, which means ensuring:
- nothing is libelous or could be construed so.
- material does not infringe copyright.
- links don't damage the interests of sites linked to (deep-linking may).
- pages don't fall foul of search engine and directory requirements.
Internet Security Issues: Customer Data
You are always responsible for customer information: an onerous
task if it includes credit card and/or bank details. Use secure webforms
that automatically transfer and store customer information safely on a third-party
secure site. Encrypt it. Keep it off Internet-connected machines. Make several
copies and store safely off-site.
Legal Matters
You are bound by the laws and regulations of the state or country in
which you legally exist. Be especially careful of material that could
offend the authorities or religious groups abroad, be considered inflammatory,
or supportive of outlawed or terrorist groups — i.e. keep your social
and political aspirations for another site and another name.
Tax
You'll have to pay tax somewhere on earnings, and matters have become
further complicated by the global nature of ecommerce. VAT is a nightmare,
particularly in Europe. An accountant can advise, but always keep proper
records.
Products and Services
Firewalls
Protect your Internet-connected machine from virus and hacker attacks:
the software for the smaller company is now very affordable.
- Armor2net. Personal firewall software for Windows: includes spyware and pop-up stopper: $29.
- BlackIce. Firewall protection for the standalone PC: $40.
- eTrust. Market various security products. Firewall is $40.
- Firewall Guide. Free firewall and security software, plus advice.
- Firewall Test. Check that your firewall is working properly with this free online test.
- iOpus. Review (and downloads) of 4 free firewalls for Windows.
- Spirit. Compares 60 leading firewall products.
- Zone Alarm. Well-rated firewall software: personal PC version is free.
Protection from Spyware
There may be some 80,000 spyware, adware and malware programs out on
the Internet. The following spyware detection and removal programs often
allow a free trial to detect (but not remove) spyware.
- Adaware. Award-winning software: free for personal use, otherwise $27.
- Anti Spyware Guide. Articles, reviews, vendors and resources to fight spyware.
- Pest Patrol. CA product, home business version is $30: annual support and updates $20.
- Spyware Guide. Articles, advice and programs on protection from spyware.
- Spyware Warrior. Excellent comparison of 12 antispyware programs, and much else besides.
Free Virus Detection Services
Anti virus protection programs are not expensive, but you may wish to use
one of these free online scan or program download services.
- Bit Defender Online. Free. Also newsletter and commercial software at $45: annual renewal is $22.
- eTrust Antivirus Web Scanner. Free: part of the Computer Associates suite of programs.
- McAfee. Lists any infected files, with information on virus concerned, and suggests how to clean your system.
- Malicious Software Removal Tool. Microsoft's program to detect and help remove any infected files.
- Panda Active Scan. Free detection: commercial program is $15/year.
Browsing Safely
Many viruses and spyware programs are written to take advantage of the
Netscape and Microsoft browsers. You can make browsing safer by:
- setting the browser security and privacy controls to higher levels.
- visiting the Netscape and Microsoft sites regularly, and installing program updates and patches.
- blacklisting sites that cause trouble: IE-SPYAD will help.
- using other browsers: Firefox or Opera: the first is free.
Protection from Viruses
To ensure compatibility, it's usually safer to employ a suite of programs
— spam-killers, anti-virus programs, anti-spyware programs and firewalls
— from the same software house.
Anti virus protection programs place a strain on the operating system,
and some webmasters dispense with them, relying exclusively on firewalls.
They are always careful about opening emails, however. Consider:
- BitDefender Professional. Various programs: Standard Version 8 is $30, Professional 8 is $45 plus $22 for annual renewal.
- Freedom. Integrated security software at attractive prices.
- Frisk's F-Prot. From $20 for Windows home use version.
- Kaspersky. Sell a variety of security software: anti-virus, firewalls and file encryption.
- McAfee. Information on McAfee products and latest viruses.
- Nod32. Various programs: Windows version is $39 and includes a year's updates.
- Norman's Virus Control. Business edition with Norman Sandbox is $32 for a one year license.
- Norton AV. Several packages: home and small business anti-virus program is $50.
- Panda. Good range of virus protection programs and services.
- PC-cillin 2002. One of the better-rated anti-virus programs: $40.
- Stiller Research. Helpful introductions to viruses and virus protection.
- Symantec. Information on viruses and Symantec products.
- Virus Bulletin. Articles, monthly magazine and software comparisons.
Online Storage
You may wish to store highly confidential information (passwords, bank
accounts, etc.) on password-protected directories in your website, but
do ensure you encrypt the files first.
A better solution is to employ professional online storage facilities,
which offer various levels of security. They are not expensive, and some
ISPs offer limited storage free to customers.
- Cryptoheaven. Includes 256-bit encryption, secure webforms, and secure emails: from $2.42/month for 40Mb storage.
- Filegenie. FTP access, SSL encryption, PC or Mac, 15 day free trial: from $3/month for 50Mb storage.
- Filing Room. Personal and business accounts: from $55/year for 10 users and 1 Gb storage.
- iStorage. Iomega's online service. From $45/year for 250Mb.
- Novell iFolder. Secure downloadable folder. Free 10Mb demo, otherwise as per price list on site.
- Secure Web Forms. Helpful article on creating secure webforms with PGP.
- SOSDS. Encrypted storage from $39/year for 2.5 Mb.
- Storage Search. Articles and news on the data storage business (including CD and H/D approaches): also a listing of 30+ companies providing online data storage.
- SwiftDesk. Email and document storage. 30 Mb free, otherwise apply.
- Xdrive. Passwords and 128-bit encryption: free trial: from $10/month for 5Gb.
Internet Security Issues: Encryption
Remember to encrypt files containing sensitive information, and set up
a proper system of access to the encrypted files. Software at the cheaper
end:
- ABI-Coder. Uses 448-bit Blowfish, 168-bit 3DES and 256-bit AES encryption algorithms: $13.
- Cryptainer. Creates virtual secure drive. 128-bit Blowfish encryption 25Mb version is free: 448-bit Blowfish encryption 500Mb version is $30.
- Cryptoforge. Uses Blowfish, Rijndael, Triple DES and Gost encryption: $30 (or $40 with free upgrades for life).
- Deltacrypt. 1024-bit RSA Public Key encryption, plus Digital Signatures. OneClick Personal Version is free: others from $30.
- Encryption Workshop. 128-bit encryption with 8 algorithms: $30.
- EncryptionProtection. Encrypts all files up to 448-bit level: $30.
- Invisible Secrets. Several features: works by hiding information in innocent carrier files: $40.
- Kremlin Encrypt. Several encryption and data wipe programs: security suite of programs is $35.
- Stealth Storage. Creates a virtual disk encrypted by Blowfish etc. algorithms: $35.