Security On The Information Superhighway

Security on the Internet is a big issue but, at least for a small business, perhaps not as big an issue as it may seem.

Large companies, which have their own computers to electronically coordinate information with offices around the world, have plenty to worry about with so many users in so many places. Because they have to make their machines easily accessible to their own personnel, unauthorized users have ample opportunity to try to break in.

Smaller firms, in contrast, have far less exposure and thus far less risk from hackers. These unauthorized users frequently hitch a ride on a service provider’s network, meaning that most of the outside world can’t reach into the computers in your office.

This does not mean that the Internet is risk-free. Using it can be equated to operating a retail store: Even if you locate the store in a nice neighborhood, install good locks on the doors, post security guards and set up hidden cameras, you can still be robbed. It’s a matter of understanding the risks and establishing adequate security measures to keep yourself comfortable since absolute safety is impossible.

Home Pages

Many small businesses that set up home pages on the Internet worry that hackers will be able to break into their system to steal information or wreak havoc. It’s possible, but unlikely due to server security and the nature of publishing on the World Wide Web.

Your Web page works a lot like a letter. When people visit your page, they are actually asking your host computer for a copy of the information you have set out there. Your host, in effect, instantly mails out a copy of your Web page. However, while the host is glad to respond to requests and send your information to anyone who asks, it never actually allows access to the original documents.

Good Internet service agencies have security experts to protect their users from this type of interference. In addition, most service providers will make back-up copies of your home page nightly. As a result, if something deliberate or accidental were to harm your home page, you could get quickly back on-line with the original information.

If your Web page is on a service provider’s system, it is impossible for a hacker to reach into your office computers through the page. Even if you have your own server for your Web page, you can protect the other computers in your office by segregating them from this machine.

A Breakthrough in Electronic Commerce

Many small firms have jumped on the Internet for the opportunity to advertise inexpensively to millions of potential customers. Using a Web page, the company can open a virtual store that solicits commerce on a worldwide basis. To complete a transaction, however, businesses need credit card numbers, which electronic eavesdroppers can conceivably intercept.

There is no such thing as a completely safe Internet transmission because every message travels through several machines between sender and receiver. Encoding transaction messages, however, usually is adequate to protect their contents.

A business group led by credit-card rivals Visa and Mastercard (the world’s two largest credit card associations with 442 and 300 million cardholders, respectively) took this a major step further when announcing in February 1996 that they had agreed on technology to assure the security of electronic payments over computer networks like the Internet.

The standard, expected to go into commercial use by the end of 1996, will give merchants of goods and services the convenience of a single, universally employed means for protecting the privacy of on-line credit card transactions. And the new technology promises customers a much higher level of security for electronic purchases than was previously available.

Called Secure Electronic Transactions, or SEC, the software standard will permit users to send a credit card account number to a merchant in a scrambled form. The scrambled number is supposed to be unintelligible to electronic eavesdroppers and thieves — and even to the merchant receiving the payment. But a special code will enable the merchant to check electronically and automatically with the bank that issued the credit card to ensure it is a valid card number and that the customer is the authorized user of the card.

Forrester Research Inc., a market research firm, estimates that this new service should increase Internet commerce, which is expected to reach $22 billion in on-line sales by the year 2000.

Secure Sockets

Netscape, the leading Web software company, also offers software to help keep hackers from listening in on transmissions. Its Secure Socket Layer is designed to keep anyone between the sender and receiver out of a message’s way. It is effective in preventing eavesdropping.

Digital Cash

Another way to keep your customer’s money safe during a transaction is to keep it off the Internet entirely. Although no one company has emerged as the dominant provider, several are competing to become the payment managers of the information superhighway. First Virtual, Cyber Cash, CARI and Digicash all offer some type of system where customers can set up an account with your company and then make purchases with their own “cyber-dollars.” In most cases, the sensitive data is kept securely off line and can be retrieved in traditional ways after the transaction.

Remember, large firms have different and more urgent security concerns than smaller enterprises. Knowing the risks and the facts about Internet commerce can be your answer to making the information superhighway a valuable and safe new business tool.

Internet Culture: On-Line Life Is Lonely If You Violate The Rules

The Internet is, fundamentally, a commercial enterprise. Private companies run computers that run the system, and users pay fees to get aboard.

That fact, however, does not make cyberspace wide-open territory for capitalism. While the World Wide Web looks more like a shopping mall every day, newsgroups and listservs — which are devoted to the exchange of ideas — are forbidden territory for advertising and marketing. Violating this unwritten rule can get you ostracized, and your messages returned unread.

“The response to blatant advertising keeps getting stronger and more negative,” notes Dave Taylor, author of Creating Cool Web Pages with HTML and co-author of The Internet Business Guide. Taylor says that anytime he receives a commercial message through a newsgroup, he returns an angry message to the sender and electronically blocks out any future mail from the offender.

The tricky part about the restriction is that standards vary from newsgroup to newsgroup. Some business-oriented sites may allow more leeway in terms of discussing products and services. And even the strictest groups are eager to hear about new developments, which can include press releases or product announcements. “In different forms, the same thing can be viewed as appropriate or otherwise,” Taylor comments.

For example, a pet shop owner who gets involved with a pets newsgroup probably would be well within the boundaries of good taste if, in answering a question, he mentioned specific products. It might even be acceptable to announce new products that have come on the market. But it would be wrong to post unsolicited notices advertising goods for sale.

The best rule of thumb is to be a part of the community. Get a sense of a group before you begin posting messages, and always try to keep your communications informational, not commercial.

When in Rome: On-Line Do’s and Don’ts

  • Advertising: Confine it to the Web. If you try blatant advertising in other sections, you most likely will make enemies and get a reputation as a clod.
  • Capitalization: DON’T TYPE MESSAGES IN ALL CAPS. People don’t like that.
  • Language: You never know who will be reading what you write, especially because the recipient of your message might forward it to someone else. Therefore, keep your language clean and professional.
  • Copyrights: Copyrights also apply to electronic publishing. If you read an article in a magazine and want someone else to see it, you would be violating the law by typing or scanning in the text and sending it on-line.
Posted by on February 21, 1999