Once scoffed at during the dot.com year, the formerly staid, old, “brick and mortar” companies have now fully recognized and implemented the value of the Internet. Their new online infrastructure allows them to reach customers in new ways, open new markets, and reap new rewards. “Brick and mortar” is now “brick and click,” with e-tailing and e-commerce standard operating procedures for global business. But for all its new benefits, e-commerce also unleashes a host of new risks and issues on the business world. While hackers, data theft, espionage, and cyberterrorism threaten a company’s e-business infrastructure from without, online payment and information systems present auditing challenges from within.

Control and Security of E-Commerce provides expert guidance on how to protect and monitor electronic commerce. Using nontechnical, user-friendly language, this book lays out the components and risks of an e-commerce system. It also details security solutions and auditing techniques for an e-commerce environment. Topics covered include:

• Legal issues related to e-commerce
• Information security
• Symmetric and asymmetric cryptosystems
• Digital signatures and other authentication techniques
• Protection against viruses, Denial of Service attacks, back doors, and Trojan programs
• Securing UNIX and Windows server environments
• Auditing an e-commerce application

As business reliance on e-commerce increases, so does the intricacy of the problems confronting e-business professionals. Internal and external auditors, information security professionals, network administrators, controllers, and CFOs will all appreciate the practical, results-oriented approach of Control and Security of E-Commerce, as both they and their companies benefit from this timely, useful resource.

About the Author

Gordon E. Smith is the President of Canaudit, Inc., an auditing seminar development and presentation firm. He has twenty-eight years of audit experience. His areas of expertise include networks, information security, operating systems, and client/server environments. Smith is a regular speaker at conferences and seminars worldwide, and received the 2002 Wasserman Award for outstanding achievement in information audit and security.