W5 Homework Comments

Web Site Security: A web site resides servers either in the company's data center or at a separate hosting company. Most small to medium sized businesses will use a hosting company. It helps to think about the hosting company case. Once you are convinced that the hosting company has the appropriate firewalls, router configuration, intrustion detection etc., you can focus on your web site design. What part of your site will require authorization? What levels of access will your authorization system support (public, logged in user, administrator)? How will you secure your database? What fields will you encrypt? From whom will you license your Secure Sockets Layer certificate? What validation standards will you require of your site devopers to protect against SQL Injection attacks?

The point I intended to make above is that web site security is a function of web site development and is more than "adding on" measures after the site has been built.

Security: Computer security is a business issue and at least as important as other business security. You mentioned laws that require protection of information such as HIPAAA and FERPA. As a Dominican faculty member, I was trained by Dominican in my duties to protect student information under FERPA. Computer security failures can lead to business failure. Therefore computer security is a business issue.

Supply Chain: Many of you took good advantage of the material in the text book.