Electronic Commerce, Information Technology and Ethics
Online presence is a new way that a business can take advantage of in order to grow and increase profitability. E-commerce promises to drive business strategy by offering a strategic platform that allows a business to increase its market share by selling goods across the world. Consumers can purchase their products online from any country by using internet and computer or mobile applications. Therefore, a business in need of online presence must invest in creating a website that is easily accessible from computer or mobile phone. Mobile commerce has grown rapidly, as many consumers are using their smartphones for business transactions.
Steps for Creating Online Presence
The first step a business must take to achieve online presence is developing a website, which will allow consumers to conduct business normally, either through any electronic or mobile platform. Thies step primarily identifies the project’s business goal and system requirements and functionalities. Equally, planning is done at the first step to align business strategy to the e-commerce system. Restructuring of business processes is critical during planning as it ensures that an organization redesigns its informational needs to meet the expected e-commerce goals. Therefore, the first step defines whether an organization needs an e-commerce and mobile platform or not. The second step entails strategic planning for the creation of the e-commerce architecture, which determines the application modules that will be used to manage information and data. Similarly, security and reliability of the system is determined with reference to specific hardware and software application modules. Moreover, the human resource procedures of implementing the e-commerce architecture are set in place to approve the plan and determine the scalability of the entire project.
The third step is the development and acquisition of appropriate technology for the e-commerce system. This step includes business partners whom an organization works with to build, buy, or lease appropriate information technology and build an online presence. At this stage happens the selection of a business name and registering of the domain that best represents the brand and products or services on sale through a vendor or independent self-hosting. Therefore, vendor and project management takes place in the third step to harmonize the building process. The fourth step encompasses testing, installation, and integration of the e-commerce and mobile commerce systems to achieve the expected business strategy. Installation of the system requires the use of vendors or in-house technicians. At this point, content and catalog that fit the determined typography, look, colors, and business features are created. The last step is managing the operations, maintenance, and updating of the e-commerce system. The fifth step starts with programming, testing, and integrating the site with business strategy during construction. Each module of the e-commerce system is tested independently, before combining to test whether all modules act together when integrated for easier usability or not. The last step is advertising, which aims to alert and attract consumers.
A business can choose from a variety of options to achieve online presence. For example, an organization could consider building an interactive website that contains all product and service information and offers a way to exchange information with the consumer. On the other hand, an organization can opt to build a transactional website that sells products and services by using a shopping cart, customer-personalized account, and a shipping calculator, including payment options that accept cards and online money transfer services providers. Furthermore, several software companies offer services that enhance the development, operations, and maintenance of e-commerce system. Modern e-commerce and mobile commerce has moved to the Web 2.0 services, which integrates customer engagement platforms, such as social networks, viral videos, mashups, and other applications that make online experience more interactive with instant feedback system. Integrating Web 2.0 services will create user-control features that ensure customer support, marketing and advertising, and user feedback statistics, such as reviews, rankings, and comments.
An organization must select a mobile commerce environment that is either a site or an application environment. A mobile site is a replication of the e-commerce site, but it appears inside of an internet-enabled mobile device. Thus, the mobile commerce application would automatically detect a consumer’s device and load content accordingly. On the other hand, a site could be customized to appear as a mobile application that requires the consumer to download it from a marketplace, such as the Apple App Store or Android market. After selecting the environment, an organization must choose the operation system, such as Android-based phones, iOS, Symbian, or Windows Mobile OS-based devices. The choice of an operating system is based on the known number of customers who use it. For example, most Americans use iPhones or iPads, which means that a mobile commerce system targeting this market will use the iOS. However, an organization should rather choose to use both Android and iOS operating systems, since both have high numbers of users across the world.
Required Skills and Tools
Implementation of the e-commerce and mobile commerce sites require a workforce conversant with modern applications of information technology. Even if vendors are hired to build and maintain the systems, an organization should have IT skilled employees to manage it. The staff should be able to create multimedia web documents, manage internet facilities, and conduct commerce over the internet. Moreover, the management should be able to control computer systems and intranet facilities. The tools necessary for online presence include a database management system, system analysis and design applications, and networks as well as telecommunication tools. Therefore, managers and workers must be able to operate software tools. Equally, the IT staff should be conversant with processing transactions through the e-commerce system or a mobile commerce based on either Android or iOS operating system.
The Opportunities and Challenges of Electronic and Mobile Commerce
The organization ought to adopt an ethical policy to enhance the security of the e-commerce (EC) and mobile commerce systems. Responsible management of the EC requires the adoption of written guidelines, procedures, and organizational rules to be implemented to avoid litigation.
Ethical computer use policy: The guideline directs user behavior based on organizational principles.
Acceptable use policy: This policy requires all users to agree to follow a set of access rules when using the internet to ensure that all online actions are recorded and authorized per user.
Internet use policy: A drafted guide directs users on how to use the internet securely.
Anti-spam policy: This policy prohibits users from sending unsolicited emails that may endanger the security of the e-commerce system.
Protection Policies and Procedures for Organizations
In order to protect e-commerce and mobile commerce systems, an organization must establish security and e-policies. E-policies are guidelines that address the ethical concerns and provide details to users about how to use computer systems and internet securely. Online business presence that entails purchasing requires compliance with financial services security policies to protect data of customers of MasterCard, Visa, PayPal, or any other money transfer service providers. An e-policy is a security tool that guides all users of the platform and concerning how to conduct business with security, confidentiality, integrity, while maintaining accessibility. Therefore, the security policy is intended to protect business’s assets, data integrity, and ensure confidentiality of transactions while protecting public networks from threats.
Three Recommended Security Policies
The first security policy aims at protecting corporate assets while ensuring smooth running of an e-commerce and mobile commerce system. Organizational records of financial data, client information, and employee information constitute the first and the most crucial database that ought to be covered by a security policy. Organizations use security policies to protect information from unauthorized access and intentional or accidental misuse within or outside the business. Administrators’ policy that establishes how to implement security tools that protect the entire operating system by sealing loopholes can protect corporate assets. Therefore, the policy will guide the administrators in implementing foolproof access controls to corporate directories and databases that contain confidential information about customers and employees. Such practice would require the administrator to control the passwords to ensure that outdated authentications are discontinued from the systems. The administrators must keep a log of all passwords and user IDs by using technological tools such as the Info Keep. Info Keep encrypts and keeps records of user passwords without recording them in order to protect the system from unauthorized access. Besides, an organization should protect its information databases by restricting the usage of portable storage devices and external downloads to disks that create security loopholes. Company information is sensitive to damage over the network and should be backed up regularly after each update for easier and faster recovery. Unauthorized access to the information should be prevented by installing anti-virus programs on servers, desktops, and laptops in order to restrict the sharing of information with external entities.
The second crucial security policy should protect the organizational technology that includes authentication and authorization, prevention and resistance, detection and response. The best way to protect technology is through the application of monitoring technologies that track users’ activities by measuring keystrokes, error rates, and transactions processed per individual. Therefore, an organization could use common monitoring technologies to effectively secure its technology. The best monitoring technology is the key logger or key trapper software that records all keystrokes and mouse clicks per user. Besides, a hardware key logger is critical for capturing the movement of keystrokes from the keyboard to the motherboard. Similarly, an organization can monitor its technological information by installing a spyware that tracks all online transactions and activities without alerting the user. Such spyware is hidden from a user and is a potential monitoring tool. Online activity is best controlled by using a Web log, which contains information about every visitor of a web site and remains stored on the business’s Web server. The distribution of the monitoring technologies should be strictly controlled to avoid possible misuse and tampering to ensure the security of corporate technology. Moreover, a company must choose a method for confirming users’ identities before allowing them to access corporate technology. Therefore, authentication would require every user to be assigned an ID or username and a password. Besides, physical identification would require the use of a smart card authentication, which is encrypted with the user’s information allowing access to the e-commerce system. Furthermore, securing technology requires additional authentication features, like using a fingerprint or voice signature.
Accordingly, authorization to prevent external threats could use content filters, encryption, and firewalls from threats that would stop the e-commerce systems from operating normally and optimally. A firewall is sufficient to counter external threats, since it monitors information exchange between the intranet and the internet in order to protect the hardware and software components of a company. Firewalls protect a business’ technological systems from being hacked, which would result in the breach of confidentiality. Activation of the firewall shields the server and database from possible external threats. Equally, external threats could be minimized by using encryption, which ensures that a user must have a password to decrypt information in order to read it. A corporation would employ content filtering software to filter emails to prevent unsolicited emails (spam) and sharing of confidential information over the internet. Lastly, a company should purchase a premium anti-virus to detect and delete malicious programs and viruses that may be used by hackers to gain access to an organizational e-commerce and mobile commerce system.
Every organization should have a comprehensive computer user policy and hold consistent user training programs to help employees understand how to use e-commerce resources in a sustainable and secure manner. Therefore, computer user policy and user training constitute the third security policy that is primarily meant to help employees run an e-commerce and mobile commerce system in a knowledgeable way that ensures security. Security is built through consistent training programs that are meant to inform workers about which actions are prohibited and which of them are allowed, while one is online on the internet or intranet. Prohibited employee guidelines must be written and issued to each user to direct their online activities in a proper way that results in profitability. Since an organization is liable for every employee action, such as spam, revealing of confidential information, or misuse of corporate resources, it is advisable to design a computer policy that will list allowed and prohibited activities to ensure security of the e-commerce platform.
How Security Policies Should be Implemented in Organizations
All in all, the implementation of security policies should start with a plan, which identifies the core assets and databases that must be protected and defines potential threats. Administrators’ policy is the critical guideline that finds and prohibits external threats, including viruses, spam, and hacking vis-à-vis internal threats, such abuse of passwords, spam, physical theft, and unauthorized hardware or software installations. The best implementation procedure includes the creation of e-policies and security policies. Since the monitoring process is a continuous operation, an organization must get the latest security updates to ensure smooth operations of the e-commerce system. Therefore, security policies should target employees, management of customer information, databases, and all online assets of the corporation. Furthermore, protection should be implemented at the hardware, software, and personnel levels. Implementation of security at the hardware level would require security tools that protect the servers, workstations, computers, communication lines, and removable media from unauthorized entry. Software level security identifies potential risks caused by users sharing applications, outdated software, and entertainment software. Besides, the software level would encompass installing monitoring technology to keep the system secure. Lastly, the personnel who has access to the e-commerce system knows the most sensitive data and may modify it without permission or unintentionally, which can be avoided by using monitoring technology that records user activity.