Web Publishing Tools, Techniques and Methods
Organizations should always consider web security when designing, building and publishing a website. Unless there is a specific need to do so, website visitors should not be permitted to "write" files of any sort to your web server.
If there is a need to store data that is captured in electronic form, the "write access" permissions must be set-up correctly. Organizations that plan to implement e-Business applications should take additional security precautions to properly authenticate users and protect credit card numbers and other personal data.
Organizations have a moral and legal responsibility to protected the privacy of both their customers and suppliers.
Whenever private data is accepted via a web application, it is important that that transactions be encrypted. When a web page is encrypted, a small lock icon will appears in the web browser.
Data that is not encrypted is no more secure on the internet than information written on a post card that travels through the mail service. Anyone who touches it can read it.
In addition to enforcing security from a technical perspective, it is equally important to ensure that data is protected once it arrives at your business location.
Adequate controls should be implemented to restrict data access to appropriate individuals in your organization.