idEA E Commerce Short Course
Sutedjo Tjahjadi
Managing Director, Datacomm Cloud Business
cloud.datacomm.co.id
e-Commerce Sales Growth
Source: Internet Retailer Top 500 | eMarketer | SHOP.org State of Retail Online Report 2014
Technical Elements of e-Commerce Strategy
Source: Rackspace, Building Your e-Commerce Strategy, http://www.rackspace.com/knowledge_center/whitepaper/building-your-ecommerce-strategy
1. Platform selection, including re-platforming strategy
2. Security and compliance, in line with industry standards
etc.
Why Does e-Commerce Need Security?
Customers pay close attention to data security, privacy, and payment security.
50% of customers say that data security is the main factor when they choose where to shop online.
80% of customers choose to shop from online shops that they feel can keep their personal information secure.
17% of customers abandon their purchase because they are worried about payment security.
Sources:
1. Deloitte University Press: http://dupress.com/articles/consumer-data-privacy-strategies/
2. Statista: http://www.statista.com/statistics/232285/reasons-for-online-shopping-cart-abandonment/
e-Commerce Security Breaches
The malicious software, or malware, was placed on Home Depot point-of-sale terminals, or cash registers, from April to September, the company said in a news release. The malware was found in Home Depot stores in the USA and Canada.
e-Commerce Security Breaches
In the Target breach, hackers were able to steal information on up to 110 million customers during the holiday shopping season, including the financial information of up to some 40 million people.
e-Commerce Security Perspective
Customer Perspective
•Data and information security
•Privacy
Platform Perspective
•Code and Database Security
•Web Security
•Payment Security
•Fraud Prevention
System Perspective
•System Hardening
•Patch and Update Management
Network Perspective
•Detection and Prevention System
•Perimeter Security
•Access Control
What Can You Do?
There are many approaches to e-commerce security. Industry security-standard certifications can be used as a benchmark.
States that you have systems and a methodology that can ensure the security of company information.
States that your system is protected in terms of security, availability, data confidentiality, and privacy.
A standard created to assure customers about the security of their credit card information.
As an e-commerce service provider, holding all of the certifications above is key, but PCI DSS certification is the one you must focus on.
PCI DSS Requirements
Firewall Management
Vendor Default Controls
Data Protection
Data Transmission Encryption
Anti-virus Controls
System and Application Security
Data Access Controls
Personal Access Controls
Physical Access Controls
Data and Network Access Controls
Security Testing
Organization Policy
People Policy
Process Policy
Technology Policy
Build and Maintain Secure Network
Protect Cardholder Data
Vulnerability Management Program
Strong Access Control Measures
Monitor and Test Network
Information Security Policy
What We Can Help With
Link Encryption, Token Based, Access Control, Intrusion Detection
Firewalls, Content and Malware Protection, System Authentication
User Authentication, Smart Cards and Token, Content, Assurance, Privacy
Secure Application Portals, Permissions Management, Single Sign-On
Open Domain PKI, CA, Transaction Signing, Trust Schemes, Messaging
Trusted Business Applications, Payments, Brokerage, Exchanges, Tendering
Consulting, Design, System Integration, Vulnerability Management, Monitoring
PKI, Smart Card, Digital Signature, Certificate Processing, Mobile Trust Application Development