Security issues and threats in E-commerce and how to overcome them
Project Proposal
- Introduction
This Proposal will focus on major security issues and threats associated in e-commerce companies and will explore the assurance to overcome them.
Security is the largest essential for any e-commerce business, if the security is breached amongst a company, the consumer’s trust will be broken, and this will be fundamental in any company as many customers who have the feeling the website may not be secure, will not hesitate to find another site. (Miller, 2019). Throughout the project, different ways of protecting e-commerce businesses from threats will be explained, alongside ways to contribute information to prevent security faults, this will benefit e-commerce companies by strengthening security to make it cyber secure and prevent any critical attacks.
The rest of this proposal will be structured as follows
- Background review
- Methodology
- Project management
- Background Review
E-commerce companies has become increasingly popular over recent years and security for these sites are critical to prevent from different attacks which can include:
- Phishing: Phishing is a popular threat amongst scammers, as it features emails being sent out to customers allegedly pretending to be the company asking for user data such as passwords or payment information, a popular example for this is receiving an email from Netflix that says “Your account has been suspended” urging you to fill your details in to reactivate account (Jules, 2019)
- DDoS: ‘Distributed Denial of Service’ is a highly common attack of the actual business themselves. Consist of hackers overwhelming data traffic from an untraceable IP address, which prevents customers from using the site. A popular example of an e-commerce company which was targeted by DDoS is Amazon Web Services (AWS), creating the largest DDoS attack ever recorded. The attack was carried out using hijacked CLDAP web servers and caused three days of ‘elevated threat’ for AWS staff (Felter, 2020).
- Malware: Malware is a popular security threat, when hackers gain access to the site and its background, giving options to release dangerous code which can target personal user information and sensitive data. A popular type of malware is ‘Trojan horse’ which is code that disguises itself as desirable code
- XSS (Cross Site Scripting): XSS (very similar to malware) is a security threat which can allows hackers to exploit vulnerable users by injecting the websites with malicious scripts of code. The unsuspecting user can perform tasks on the site without knowing the script has been changed (KirstenS)
- Methodology
Approach | The software development software being used will be an agile model, this will improve project predictability and also reduce the risks through a set of practices. Plan – Do – Feedback – Improve.
Requirement gathering methods being used will derive from analysing existing documents and sources, no interview or user participation will be needed. |
Technology | The technology needed is software, this will feature web hosting as 2 e-commerce marketplace platform websites will be created, showing one with security faults and errors in the system which can be prone to an attack, along with an improved version of the e-commerce site which has improved security and will be resistant to threats and issues.
The websites will be made on Hypertext Markup Language (HTML), as HTML websites allow structure of the website which other languages will be difficult too |
Version Management plan |
|
Post a Comment