Scribd
Upload
32 views4 pages

Website Security

The document discusses securing web-based infrastructure through application security, network security, physical security, and business continuity planning. It describes measures that can be implemented at each level of a website's infrastructure and the process of developing and testing business continuity plans.

Uploaded by

abu.boitech
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
32 views4 pages

Website Security

The document discusses securing web-based infrastructure through application security, network security, physical security, and business continuity planning. It describes measures that can be implemented at each level of a website's infrastructure and the process of developing and testing business continuity plans.

Uploaded by

abu.boitech
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

WEB BASED INFRASTRUCTURE.

Name

Professor

Course

Date
WEB BASED INFRASTRUCTURE.

A secure website is one that strife to maintain Confidentiality, integrity and availability.

Confidentiality is a practice that is adhered to ensure that any confidential information is

protected from unauthorized users. Website should bear some integrity rules that it should focus

so as to work on a given task without it being tampered with. Since most websites are build

based on the motive of service delivery, then those services should be available and nothing

should come in between to deny them to the authorized users.

Since a website is founded on three main infrastructures i.e.; the application software, connected

to a network and residing in a given physical environment, therefore also security measures

should be applied in each of these areas.

To ensure that security is achieved at application level of a website, considerations should be

made right from the time of development. Coding should generate codes that are free from

errors. Other forms of software security include use of antivirus software, and use of user

accounts in websites with username and passwords.

Another means of securing a website is achieved through network security. Network security can

be realized through the use of such measures as firewalls, encryptions, and digital signatures

amongst others. Computer servers hosting websites needs to be fully equipped with firewalls to

prevent computer systems that are in the network from opening links to unauthorized sites.

Data transmitted over the network can also be secured through the use of such means as digital

certificate and signatures.

Physical security is another form of securing a website. It relates to environmental factors that

surround the structure under which the website resides in. Threats that can be exhibited in such

environment include: theft, fire breakouts, power loss and extreme temperatures. These
WEB BASED INFRASTRUCTURE.

environmental threats can be handled by use of such measures as door locking, employing

security personnel, installing fire fighters in place, installing uninterrupted power supplies, and

cooling fans amongst others.

BUSINESS CONTINUITY PLANNING.

In as much as the website is maintained to be secure, plans need to be put in place that will

ensure normal delivery of services by the website even in times of crisis. This kind of

preparedness for the handle disasters and continue with normal operations is achieved through

Business Continuity Planning.

Business continuity planning is a process that is followed from one step to another. To start with

the critical factors that might bring down the website are identified and every operation being

carried out in these environments should be known and recorded.

After the critical factors have been identified, impact analysis is carried out to determine

possible impact that might arise and the risk that it might cause. Decision needs to be reached in

consideration whether the risk is so critical that it can paralyze all operations or the services will

still run.

Following the impact analysis is the development of resumption strategies, here a plan is carried

out on how the business will be resumed back after the critical factor has occurred. The business

should resume back to normal operation with minimal or no losses.

The last thing is testing of the business continuity planning itself where the developed business

continuity plan is put on operation to ascertain if it is effective. This will determine if the

business continuity planning is ready for implementation or if it still needs more improvements.
WEB BASED INFRASTRUCTURE.

References

DeSilva, J. Business Continuity Planning. Boston: Suffolk University.

Dougherty, M., MA, RHIA, & CHP. (2009 - 2011). 10 Security Domains (Updated). Tom Walsh, CISSP
(2009, 2011).

Meier, J., Mackman, A., Dunner, M., Vasireddy, S., & Murukan, R. E. (2003). Improving Web Application
Security. Microsoft Corporation.

Pearson Education; . (2015). Network Security Concepts and Policies. Indianapolis: Cisco Press.

You might also like