Conducting business on the Internet requires the consideration of various security issues. Security policy development, security awareness training, and the various other components of the CIA (Confidentiality, Integrity, and Availability) information security mantra will not be discussed; instead, this article will focus on the basic types of security that businesses on the Internet need to address to secure their website from others with malicious intent.

An organization must initially assess its systems or functions and rate the operational criticality of each. The reason for this is that security implementations can be quite expensive, and being able to separate the must-have from the nice-to-have through a risk-based approach is vital to ensure that funds are directed towards the assets that are most at risk.

In general terms, a business with a presence on the Internet has to protect its website/server, associated infrastructure, bandwidth, and its domain name. Internet service obtained through a service provider must be sufficient in bandwidth for expected traffic, have the ability to scale based on demand requirements, and, if possible, provide some level of attack filtering before traffic reaches the organization's network border. The next consideration would be to obtain a firewall system that provides for a semi-secure demilitarized zone (DMZ) interface on which to place public-facing servers instead of on the private internal network. The firewall should also be resilient enough to be able to defend against denial of service (DoS) and other Internet-based attacks. Internet traffic on the DMZ should be monitored via intrusion detection and/or prevention systems tied into an incident response plan in the event malicious activity is identified.

The business should also contact its domain name registrar and pay the additional fee so as to lock the domain name to prevent hackers from hijacking the web address by submitting a spoofed or forged domain name change request. Hardening the public or outside domain name server is also critical so that hackers do not gain access to it and change its entries to redirect your web traffic to an alternate unauthorized website (also a form of domain name hijacking). Once a domain name change is made and propagated throughout the Internet, it could take several days to re-propagate a correction.

This article is not all-inclusive and has not addressed other related subjects such as web server hardening or transactional security and non-repudiation for e-commerce, but its purpose is to convey an indication of the scope of required considerations in securing an organization's online presence.
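
The three-interface DMZ layout described above, written as an nftables ruleset. This is an added example, not part of the original article; the interface names (wan0, dmz0, lan0), the web server address 192.0.2.10, the rate-limit figures, and the choice of which outbound DMZ traffic to allow are all assumptions made for illustration.

```nft
#!/usr/sbin/nft -f
# Added example. Assumed names: wan0 = Internet, dmz0 = DMZ, lan0 = internal network.
# Assumed DMZ web server: 192.0.2.10 (documentation address range).
flush ruleset   # replaces any ruleset already loaded on this firewall

define WAN = "wan0"
define DMZ = "dmz0"
define LAN = "lan0"
define WEB = 192.0.2.10

table inet perimeter {
    # Per-source tracking of new connections, used to blunt simple floods.
    set web_flood {
        type ipv4_addr
        size 65535
        flags dynamic,timeout
        timeout 1m
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop

        # Internet -> DMZ: only the public web server, only HTTP/HTTPS.
        # Sources opening new connections faster than the assumed limit are logged and dropped.
        iifname $WAN oifname $DMZ ip daddr $WEB tcp dport { 80, 443 } ct state new add @web_flood { ip saddr limit rate over 50/second burst 100 packets } log prefix "dmz-rate " drop
        iifname $WAN oifname $DMZ ip daddr $WEB tcp dport { 80, 443 } ct state new accept

        # Internal network may reach the DMZ and the Internet.
        iifname $LAN oifname { $DMZ, $WAN } accept

        # DMZ hosts never initiate connections into the internal network.
        # The log line is the hook for intrusion detection and incident response.
        iifname $DMZ oifname $LAN log prefix "dmz-to-lan " drop

        # DMZ -> Internet: DNS and package updates only (assumed requirement).
        iifname $DMZ oifname $WAN udp dport 53 accept
        iifname $DMZ oifname $WAN tcp dport { 53, 80, 443 } accept
        # Anything else, including Internet -> internal and all IPv6, hits policy drop.
    }

    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        ct state established,related accept
        iifname $LAN tcp dport 22 accept   # manage the firewall from inside only
    }
}
```

A compromised public server in this layout can answer web requests but cannot open a connection to the internal network, and any attempt to do so appears in the log with the `dmz-to-lan` prefix.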