Security mechanisms to protect sensitive data for easy shopping

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


Integrating information systems is accompanied with several advantages, despite the advantages that e-commerce adds to business models, there are inherent security risks, which all businesses face. Typically, organizations face the risks where unauthorized individual have access into the company and customers' sensitive information and use it for illegal purpose. Although, EasyShopping attempts to integrate e-commerce in its business model, nevertheless, the company needs to provide adequate security procedures for the company software and hardware in order achieve the best in its information systems. It should be noted that security of information system is part of business liability, and an organisation must employ the highest security procedure in order to protect the company's data. Typically, security can address protection of corporate network, virus protection, disaster recovery, physical security and access authorization and verification data loss. To ensure adequate security of the company information system, the management of EasyShopping needs to update the company document regularly. In addition, the company needs to carry out the following in order to provide security on company data.


To maintain data integrity, the management of Easy Shopping needs maintain secrecy of all the company data. This will involve preventing unauthorised individuals to have access to customer information, corporate business plan, company's message, and other confidential information. Moreover, company can prevent unauthorised access to sensitive information by installing the firewall software.


The use of firewall has been identified as one of the best method to provide security mechanism for organizational network. A firewall is a security procedure that prevent outsider to have access to the private network resources of an organization. Typically, the use of firewall is to enhance security between a company network and the internet. EasyShopping can employ packet level firewall and application firewall to enhance the company security.

The packet firewall is used to deny or allow access to an identified IP addresses. The company can buy VisNet Firewal 2.2, Software as packet firewall.

In addition, the application firewall is employed to filter incoming or outgoing data in order to protect company network from unauthorised access. An example of application firewall is SonicWall Pro 2040, Hardware. It should be noted that some unidentified individual can carry out series of attack on corporate website in order to gain access to company data. Typically, an individual can launch attack using a program such as Trojan horse. The Trojan horse has been known to send private information to the corporate computer in order to alter the company information. Also , there is another of such program such as sniffer programs that can read the customers' credit cards numbers , corporate email messages and read username and passwords. To guide against these types of undesirable programs, EasyShopping needs to install firewall in order to prevent access to unauthorised programs and networks.

Use of backdoor protection software

Although firewall could be very effective to protect the company database against unauthorised access to company data. However, the use of firewall is only effective to protect the company front door. A lot of cases abound where an unauthorised individual can gain access to company database using a backdoor. Thus, to provide security on the corporate backdoor level, EasyShopping needs to provide adequate security to the company backdoor through the use of modern software and systems. There is software that can be installed in order to provide adequate security to the corporate back door. For example, software such as Advanced Office XP Password Recovery Pro 2.42, Backdoor Guard or Solo Antivirus Software 9.0 has been known to protect company back door from unauthorised access. (Walcott), Or NetIQ Security Compliance Suite. These security suites allow for the implementation and authorization of key controls to meet authorization change.

Typically, with the use of sophisticated security procedure, the EasyShopping could provide effective security for its customer's data through encryption.


The use of encryption is very critical to protect customers' information such as credit card information. Encryption can be defined as a strategy to apply cipher code in order to transform the original data to nonsense. Essentially, when data are transmitted into the company database, the data will be transformed in an unreadable text in order to protect the data transmitted. It should be noted that in the electronic commerce, the customer's data are regularly transmitted into company server. Thus, with use of encryption, the company database would be protected. (Hsueh, Olawepo).

In the case of EasyShopping, it should be noted that the customer's information could contain credit card information, bank information and other sensitive data. To protect the customers' information, the encryption technique is one of the best methods to protect company and customers' data from identity theft. (Traubitz).


One of the major strategies by which EasyShopping can enhance security procedure of its database is through cryptographic procedure. The cryptography is the key combination that will protect the company information from gaining access to unauthorised individuals. The only people who can have access to the company's information are the people having the secret key combination. To protect the company's database, the EasyShopping should use the method of cryptograph to protect the company data and only the authorised people should have access to the key. (Walcott).

Use of antivirus

One of the best methods to provide security to the company's computer hardware is to use anti-virus software to protect company hardware. It should be noted that there are several damages that virus could do to the information systems of a company. A virus can attach itself into another program and damage the computers. Moreover, virus can come with email attachments and come with word processing files, databases, spreadsheet, excel. etc. To counter virus, there is need to install antivirus in the computer in order to protect all the files in the database. Essentially, Norton anti virus 2010 is one of the best antivirus, and is effective to protect and scan all the computers files. The Norton anti virus 2010 is effective in scanning the incoming emails, and automatically detect and remove any virus found. Moreover, this anti virus is also effective against worms, and spyware. Thus, by installing anti virus, the EasyShopping can protect its computers from internet risks. Apart from installing the anti virus in the company's computers, it is also essential to update version anti-virus.

The increase in the information security updates, rules, laws and studies has been directly correspondent to the rise in saturation of various information security infringements, invasions and failures. Conner, Noonan and Holleyman (2003) in their study found that the amount of security issues or troubles had doubled annually in the 21st century. The statistics showed that security issues had a whopping increase from an annual 22,000 in 2000 to 76,000 by the end of the first six months of the year 2003. A thorough analysis of the situation depicts that this rise in the security troubles has directly resulted an increase in the yearly studies and laws on the subject

Thus, enhancing security in order to protect company's data is very essentially, however, the EasyShoping also needs to protect the computer files and database from power failure, flood, fire etc by developing comprehensive contingency for disaster recovery.

Group G: Sunmonu Olabode, Saqlain Haider, Ariyo Ogudana Page 3