With our International Offshore Bank, you can safely and privately diversify your assets, open multi-currency deposit accounts, trade privately stocks, bonds, mutual funds, CDs, commodities and currencies on markets everywhere, and buy offshore funds and other investment products.

Manage your accounts with our Internet Banking platform, keep your assets safe, take advantage of our Swiss tradition of banking privacy, protect your capital and use all the international banking services of a leading offshore bank.

Learn more about Offshore Banks, Tax Havens, Asset Protection, Private Banks, Financial privacy, Investment diversification, International banking, Safety and security, Tax free banking and Banking Havens in this site.

"Bancoii Offshore bank - not only for millionaires. "

IT risk in e-commerce

Introduction

Barriers to entering e-commerce are comparatively low, but new opportunities can be accompanied by new risks.

Risk assessment means listing all of the risks a business might face and assigning varying degrees of importance to them. Risk management means prioritising these risks and formulating policies and practices that can balance and mitigate them.

Every business can benefit from conducting a risk assessment of their e-commerce systems, although smaller businesses may not need to implement some of the more sophisticated techniques described in this guide.

This guide explains the risks that you need to be aware of or ask your e-commerce developer about. It also explains how risk assessment and management can help in recognising and quantifying the risks and how to balance them against the potential gains.

Reduction of threats and vulnerabilities

You can not completely eliminate the risks to your business so you need to plan how you will reduce the various threats and vulnerabilities.

Reduction of threats

You can reduce the threats to your e-commerce system and services by:

making your business less of a target - consider what needs to be on public or shared systems and, where possible, remove sensitive business information
increasing the perception of your business as secure - ensure that all aspects of security appear to be installed and well managed
ensuring that warning signs on your web site are clearly displayed to any user who attempts to access secure parts of it
not providing any publicly available information regarding the security systems or operating systems in use

Reduction of vulnerability

Reduced vulnerability measures are designed to reduce or remove known weaknesses in the e-commerce environment. Typical measures include:

Installing firewalls to filter out illegitimate access attempts. Such systems should be configured correctly and the rules on which they are based should reflect the needs of the business.
Installing strong authentication processes. These guarantee the identity of users and are more secure than simple password systems. There are increasing numbers of biometric and smart-card solutions available, but you should at least consider a two-stage approach based upon something you have, eg a card known to the system, as well as something you know, eg a private personal identification number.
Using digital certificates to provide trust between individuals, systems and trading partners. These provide secure communications by authenticating individuals, systems or organisations and protect individual transactions through the creation of digital signatures.
Deploying virtual private networks (VPNs) to provide a private channel over the Internet that trading partners can use to exchange business information securely.
Applying all available operating system and security product patches to ensure that hackers are not able to exploit known vulnerabilities.

Risk avoidance and transfer

If you have identified risks to your business information systems that can't be countered by any technical controls that you can put in place, then there are other options.

Risk avoidance

Risk avoidance is the most effective way of managing risk. It means making a decision not to enter into a new way of working because of the inherent risks this would introduce.

While this may be a valid decision, it can be hard to take as the business drivers for changing working practices can be extremely strong, especially if there is pressure from your competitors.

Risk avoidance may not always be a practical option for your business, but it can form an important part of your over all consideration of risk. Even if you decide against using it, at least you will be making the decision based on informed judgement.

Risk transfer

Risk can be transferred in two ways. The first is through insurance.This can be problematic in e-commerce as it is often difficult to quantify the business loss following a security incident. It is even more difficult if the impact was due to a security violation within a trading partner's business.

The second option is to contract aspects of your e-commerce function out to a third party. This could involve another business hosting your systems or running them on your behalf. The attraction is that many third-party hosting services operate in a more secure technical environment. However, while contractual arrangements can describe the service agreements and any penalties that may be inflicted, the primary impact of any incident will always be on your business. It could also potentially cost you more money.

<< back | top

Costamed Creativos © 2007Website SecurityConfidencialityAbout UsLegal NoticeFAQ'sSitemap
Icono de conformidad con el Nivel A, de las Directrices de Accesibilidad para el Contenido Web 1.0 del W3C-WAI SWIFT: BINICVCP