With the development of the Internet still on the fast track even after the .COM bubble burst, more and more enterprises, especially small and medium-sized companies, have come to realize the opportunities that electronic commerce can bring them, and they are trying to catch up with the forerunners in this area. In the meantime, quite a lot of the companies in the leading position of e-commerce implementation care more about how to strategically avoid and manage the potential risks behind the fancy e-commerce stage. Under such circumstances, avoiding the increasing threats from the Internet only by technical methods, from the traditional point of view, is no longer enough. It seems that we need another means to handle the risks, and so the traditional instrument for transferring risk, insurance, came into our sight.

This digest will start by browsing the different risk scenarios and their corresponding classification, followed by how these risks are managed by technical methods and the imperfections that remain after taking these measures. Then it comes to how insurance can help to transfer the risk from the user to the insurer and what kind of services an insurer can provide. After that we will go through some of the difficulties and problems in the current e-commerce business. Lastly, I collected some comments from one of my friends, who works for an international insurance company and has some I.T. background, to see what he thinks about the insurability of e-commerce risks in China.

Scenarios and classification of Internet risks
Because of its openness and convenience, the Internet has become the biggest and most important market for people to do business and transactions. But under the prosperity it harbors a high potential for risks aimed at not only individuals but also enterprises. These security issues basically consist of various malicious attacks, which, from a technical view, can be sorted into the following four categories.

Loss of confidentiality
This kind of risk relates to behavior that gains access to information without permission. The information can be either sensitive individual privacy, e.g. addresses, mobile numbers, credit card numbers and passwords, or confidential enterprise data, e.g. confidential research documents or a customer information database. One such scenario is a business rival using back doors in the operating system to hack into your management information system and steal sensitive customer data for unlawful competition.

Loss of integrity
This refers to the risk of unauthorized modification of your data and information during storage, transfer, display, etc. An example of this kind of attack is modifying the company web page, causing loss of company image; more severely, hackers can gain root or system administrator authority to modify confidential data stored on a file server, or perform database operations to alter information contents, resulting in greater loss. Another scenario in this category is the man-in-the-middle attack: the attacker pretends to be the respective partner during the communication between two parties, intercepts and captures the original information package from the sender, disassembles it, modifies or rewrites some critical information in it, re-assembles the package and forwards it to the recipient. Such behavior causes serious trust problems.

Loss of availability
I.e. the pause or total loss of the company's e-commerce service. The reasons for loss of availability can be divided into two kinds.

A. Hardware or software failures, like physical damage to the I.T. infrastructure or software design bugs.

B. Man-made destruction of the system, causing degradation of performance or loss of service of the web site, such as virus infection and denial-of-service attacks.

Either of the two reasons will lead to loss of company revenue as well as loss of customer value. The infamous distributed denial-of-service attack on Yahoo, eBay and E*Trade in the beginning of 2000, for instance, caused $250 million in direct turnover loss and 2.5 billion in stock value loss as a consequence.

Loss of accountability
As we know, in credit sales the seller must hold proof signed by the customer to secure the payment and avoid repudiation. But how can this be realized in Internet practice? If someone intends to assume a specific identity to do fake transactions, this will lead to serious harm to both the customer and the enterprise. An example of an attack on accountability is the masquerade attack: the attacker generates data packets from a computer camouflaged with a false IP address, pretending to be an authorized computer or user.
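As an added illustration, not part of the original digest, of how the recipient can detect the two scenarios above (a package rewritten in transit, and an impostor sending from a camouflaged address): a keyed message authentication code over an order message. The order, the shared key and the guessed key are all constructed for this example; the point is that verification depends on holding the key, not on the claimed source address.

```python
import hashlib
import hmac
import json

# Hypothetical shared secret agreed between the two trading parties (constructed for this example).
SHARED_KEY = b"example-shared-key-do-not-reuse"


def canonical(msg: dict) -> bytes:
    """Encode the order deterministically so both sides authenticate identical bytes."""
    return json.dumps(msg, sort_keys=True, separators=(",", ":")).encode("utf-8")


def tag_message(key: bytes, msg: dict) -> bytes:
    """Sender side: HMAC-SHA256 over the canonical encoding of the order."""
    return hmac.new(key, canonical(msg), hashlib.sha256).digest()


def verify_message(key: bytes, msg: dict, tag: bytes) -> bool:
    """Recipient side: recompute the tag and compare it in constant time."""
    return hmac.compare_digest(tag_message(key, msg), tag)


def run_scenarios() -> dict:
    """Replay the cases from the text and report which ones the recipient accepts."""
    # Constructed sample order as the genuine sender produces it.
    order = {"order_id": 1001, "item": "feed premix", "qty_tons": 40, "ship_to": "warehouse A"}
    tag = tag_message(SHARED_KEY, order)
    results = {"genuine": verify_message(SHARED_KEY, order, tag)}

    # Loss of integrity: an intermediary rewrites a critical field and forwards the original tag.
    rewritten = dict(order, ship_to="warehouse B")
    results["rewritten_in_transit"] = verify_message(SHARED_KEY, rewritten, tag)

    # Loss of accountability: an impostor fabricates an order and a tag with a guessed key.
    # The source address of the packets plays no role in verification, so camouflaging it gains nothing.
    forged = {"order_id": 1002, "item": "feed premix", "qty_tons": 400, "ship_to": "warehouse C"}
    forged_tag = tag_message(b"guessed-key", forged)
    results["forged_by_impostor"] = verify_message(SHARED_KEY, forged, forged_tag)
    return results


if __name__ == "__main__":
    for case, accepted in run_scenarios().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

A shared-key MAC only proves the message came from someone holding the key, so it does not by itself settle repudiation between the two key holders; the signed proof the text asks for needs a digital signature, which this block does not cover.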

A real-life example
Here we have listed the major threats from e-commerce nowadays. Maybe some people will think that these risks are quite far away from our daily life, but they are not that far; I have my own example. My company is a medium-sized animal feed manufacturer. It was in March this year, when we had just finished the ERP implementation. One of the computer users in the company reported that he could not open any Microsoft Office documents, including Word, Excel and PPT. When I came down to diagnose the problem, I realized that it might be a virus attack. So I went back to find out which virus had infected that computer; when I finally found out that the virus was Klez G@mm, it had already spread to more than 30 computers through the shared network folders. The final result was that we had to shut down the central switch and scan for the virus individually on our computers throughout the company, which caused about one day of downtime of the ERP (MIS) system, with about 40 customers with their trucks parked on our site waiting to load feed. That was a real nightmare. Right after that incident I set up a corporate edition of antivirus software to prevent the case from recurring.

