E Commerce

UNIT 3

Dr. Smita Ghoshal

 Difference between Intranet &
Internet
• Typically, an intranet includes connections
through one or more gateway computers to
the outside Internet.
• The internet is the one on which you can
access anything and that is what an individual
uses at home or on his/her mobile,
while Intranet is inter connected network in
a company or an organization.

Dr. Smita Ghoshal

Dr. Smita Ghoshal
Dr. Smita Ghoshal
 Internet/Intranet Security Issues and
Solutions
• Even though the intranet is a closed, private
network, it is still susceptible to external
threats from hackers or malicious software
including worms, viruses, and malware

Dr. Smita Ghoshal

 Network Security Threats
• It’s best to use a firewall to mitigate against
external threats. In simple terms, a firewall is a
protective barrier between the intranet and the
internet. It is a software program or a hardware
device that filters the information coming
through to the intranet from the internet.
• Firewalls may decide to allow or block network
traffic between devices based on the rules that
are pre-configured or set by the firewall
administrator.

Dr. Smita Ghoshal

 Security Breaches
• From time to time, the intranet may
encounter suspicious traffic such as spam,
phishing, spyware or malware.
– Spam: irrelevant or unsolicited messages sent over the
Internet, typically to a large number of users, for the
purposes of advertising, phishing, spreading malware, etc.
– Phishing: the fraudulent practice of sending emails
purporting to be from reputable companies in order to
induce individuals to reveal personal information, such as
passwords and credit card numbers.

Dr. Smita Ghoshal

– Spyware: software that of malicious types of
enables a user to obtain software, including
covert information about adware, spyware, viruses,
another's computer Trojans and more.
activities by transmitting
data covertly from their
hard drive

– Malware: Malware is a
blanket term that is used
to describe a number

Dr. Smita Ghoshal

 Virus
• Most organizations understand they need to
have anti-virus software installed. However,
the threat from viruses is constantly changing,
and so it is vital that you regularly update the
software with the latest versions.
• A computer virus is a type of malware that,
when executed, replicates itself by modifying
other computer programs and inserting its
own code.

Dr. Smita Ghoshal

Intranet Security: Internal Threats
• Weak Passwords
– Too often users have weak passwords, share them
with colleagues, never change them and sometimes
they even write them down or tape them to their PCs!
• Access Control
– Access to information can be secured on the intranet
via a series of file permissions and page permissions.
These permissions can be set by a job title, team
function, geographic location – whatever is
appropriate for that data.

Dr. Smita Ghoshal

• Encryption
– Encryption is the process of converting data to an
unrecognizable or “encrypted” form. It is
commonly used to protect sensitive information
so that only authorized parties can view it.
– Secure Socket Layer (SSL) is the standard
encryption security technology used by millions of
companies around the world, particularly for
online shopping.

Dr. Smita Ghoshal

 3 reasons why encryption matters
• Internet privacy concerns are real
Encryption helps protect privacy by turning personal information
into “for your eyes only” messages intended only for the parties
that need them — and no one else. You should make sure that your
emails are being sent over an encrypted connection, or that you are
encrypting each message.
• Hacking is big business
Hackers aren’t just bored kids in a basement anymore. They’re big
business, and in some cases, they’re multinational outfits. Large-
scale data breaches that you may have heard about in the news
demonstrate that people are out to steal personal information to fill
their pockets.
• Regulations demand it
Ecommerce providers are required to implement security features
that protect consumers’ sensitive information to be protected.

Dr. Smita Ghoshal

• Remote Access
– Increasingly intranets are being accessed outside
of the standard office environment by employees
either working on the road or working from home.
Often workers are doing so using their own
personal smartphones, devices or tablets. Special
steps are required to ensure security is maintained
with remote access.

Dr. Smita Ghoshal

 Intruder Detection
• In information security, intruder detection is
the process of detecting intruders behind
attacks as unique persons. This technique
tries to identify the person behind an attack
by analyzing their computational behaviour.
This concept is sometimes confused
with Intrusion Detection (also known as IDS)
techniques which are the art of detecting
intruder actions.
Dr. Smita Ghoshal
Dr. Smita Ghoshal
 Enterprise Networking
• Enterprise network architecture refers to the
specific setup and layout of enterprise networks.
• This type of system provides vital support for a
business, from VoIP and telecommunications
systems to data storage, data analysis, etc.
• All of these are served by a good enterprise
network architecture.
• An enterprise network is also known as a
corporate network.
Dr. Smita Ghoshal
Dr. Smita Ghoshal
 Antivirus
• Antivirus software is a program or set of
programs that are designed to prevent, search
for, detect, and remove software viruses, and
other malicious software like worms, trojans,
adware, and more.
• Some examples of anti-virus software are
McAfee, Norton, and Kapersky

Dr. Smita Ghoshal