Security on the Cheap
Oct 31st, 2008 by Scott Hebert
General computer security is a major issue. A 2004 study conducted by USA TODAY and Avantgarde found that a personal computer running Microsoft Windows XP could be compromised within minutes of being placed on an unprotected Internet connection. The computer in question had been installed with default settings and had not been “hardened” against any attacks. The study concluded that a few simple steps were all that was necessary to reduce the risk from inevitable to unlikely (Acohido & Swartz, n.d.). This study alone should be evidence enough that any resources dedicated to computer security are money well spent. When running an online storefront, even the tightest of budgets can afford to utilize an SSL certificate to secure data transmissions and outsource site management to specialists.
The advent of wireless networks and web browsers on mobile devices has made the possibility of third-party eavesdropping an ever-increasing risk. When operating an online storefront, the vendor must provide protection against eavesdropping to ensure that private customer information such as credit card or social security numbers is transmitted without risk of compromise. The primary method for securing web communications is to encrypt the traffic via Secure Sockets Layer (SSL). SSL uses private key encryption to ensure that all traffic between user and server is unreadable in the event that it is intercepted (Garfinkel, 2001). SSL certificates are inexpensive and available from a known group of trusted vendors. As of October 28, 2008, SSL certificates for one year are available for as low as $249 (Thawte, 2008). This cost is a drop in the bucket compared to the potential lost revenue for anyone trying to operate an online storefront without using SSL encryption.
When it comes to server security, there are two paths to follow. The first path is to handle the entire Web operation internally. That means purchasing servers and hiring individuals to manage them. Depending on the complexity of the web site, this scenario may be the only feasible solution. Another option is to fully hand over the operation of the web site to a company that specializes in hosting online storefronts. As an example, HostICan provides web hosting starting at $6.95 per month (HostICan, 2008). They manage the security of the servers while their customers focus on the content. This solution may not be appropriate in all situations depending on the security of the data involved. For a new online storefront, this is an easy way to break into the market without breaking the bank.
Acohido, B., & Swartz, J. (n.d.). Unprotected PCs can be hijacked in minutes. USA Today. Retrieved October 31, 2008, from MasterFILE Premier database.
Garfinkel, S. (2001). Web security, privacy & commerce (2nd ed.). Sebastopol, CA: O’Reilly.
HostICan. (2008). HostICan - Web Hosting. Retrieved October 28, 2008.
Thawte, Inc. (2008). Buy thawte SSL certificates. Retrieved October 28, 2008.
Rayport, J. F., & Jaworski, B. J. (2004). Introduction to e-commerce (2nd ed.). New York: McGraw-Hill/Irwin.