02.25.04

The Nuts And Bolts Of Information Security Part 3 : Design Considerations

By Mel Davey

PROTECT YOURSELF

In part 2 of this 4 part article on information security, the CISP policy (Cardholder Information Security Policy) being mandated by financial acquiring networks was covered. These mandates were mainly about protecting the credit cardholder and the acquiring merchant bank from having vital information fall into the wrong hands.

It is essential to protect yourself from malicious and inadvertent attacks that can corrupt data, provide misinformation, and even bring down a server. This third installment covers steps you can take to minimize these risks through good design practices with forms and site operation.
USING FORMS

Forms are one of the great features introduced to the HTML document standard. Without them, it would not be nearly so easy for clients and customers to communicate through sites on the Internet. However, forms were introduced to the HTML markup language very early in the development of HTML standards when the Internet was a benign and friendly place and not much concerned with e-commerce. For this reason, little or no attention was paid to maintaining the integrity of form information.

In today's environment, where on-line storefronts are collecting vital customer information through form fields, one must reconsider how to handle form information. Forms are a big target of opportunity for even the least sophisticated of hackers and malicious mischief makers as well as being vulnerable to innocent mistakes made by legitimate customers during data entry.

Live conference coverage from New York, New York.

FORM VULNERABILITY

Forms are vulnerable in several ways:

1) Forms are subject to the simple human error of entering bad information and the malicious intent of entering bogus information.

2) Forms are easily redirected to an unintended receiving server.

3) Form information can be easily altered.

4) Forms are subject to repeated submits.

5) Forms can be used to introduce malicious code into a server.

Read the Full Article

About the Author:
Mel Davey is the creator of ImagineNation (http://imaginenation.com/), a full service E-Commerce Application Service Provider, offering Storefronts, Order Management Utilities, and 3rd party credit card processing.

Writing Powerful SEO Copy

Garrett Frenchby Garrett French

At yesterday's DMA/AIM net.marketing conference, session director Heather Lloyd Martin, president of SuccessWorks, offered some powerful words of wisdom regarding SEO copywriting.

 During her speech at the New York City-based conference, she advised you should consider rewriting your site copy if:
  • Your pages aren't converting or customers aren't clicking where you want them to. (And if you're rewriting with the search engines in mind, be sure to completely overhaul your copy so that you can maintain your marketing message.)
    Heather Lloyd
  • You have a page full of links. Links are not necessarily targetted for a search phrase, and they diffuse the impact a given page may have, especially if it's your landing page. We actually looked at this guy's furniture site during the session. The site's homepage had four sections targeting four different types of office furniture buyers, and each section had multiple links to various types of furniture on four separate domains. Bad idea! One domain with all the content is better than four separate domains. Putting everything on one domain allows you to keep all your PageRank concentrated on one site, too.
  • You have a page with no text. You don't of course, right? I didn't think so. This point was intended for the folks out there who are so image-focused, both in their marketing goals and front page content, that they forget to spell out what they do.
Read the Full Article

About the Author:
Garrett French is the editor of iEntry's eBusiness channel. You can talk to him directly at WebProWorld, the eBusiness Community Forum.
Free Newsletters
Part of the iEntry Network
over 4 million subscribers
eCommNewz
SEOArticles
SmallSiteNews


Send me relevant info on products and services.


 

 

From the Forum:
A Little HELP

Where can one find a Quality E-Business hoster that has references??? I have found many firms claiming to “Have references” or making claims of “Being in business for X years”. That will not do, and the logic behind this statement goes without saying. ...

Go Here

 

-- eCommNewz is an iEntry, Inc. publication --
iEntry, Inc. 880 Corporate Drive, Lexington, KY 40503
2004 iEntry, Inc.  All Rights Reserved  Privacy Policy  Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article

eCommNewz Home PageAbout iEntryArticle ArchiveNewsWebProWorld ForumsJaydeiEntryContactAdvertiseDownloadsiEntry