Explain what compliance means for an Internet based business
Explain what compliance means for an Internet based business and how it is related to Information Security. (Note: Think of the different types of compliance and laws applicable to online businesses and the policies that are developed.)
Solution
Compliance related to an Internet based business:
Complying with the Payment Card Industry’s Data Security Standards (PCI DSS) requires your organization to take all the necessary steps to protect your customers’ sensitive data while they shop online. These requirements include standards for your infrastructure and server setup to ensure your customers’ private data stays safe.
Protecting that data also requires a fully managed, robust backup system that provides continuous data protection and off-site disaster recovery for Linux and Windows Managed Dedicated Servers. For an e-commerce operation this is especially critical, since losing your website database means losing records of important sales and customer information.
Firewalls are a proactive defense for your infrastructure against the constant threat of new and advanced malware, viruses, and malicious Internet traffic. Firewalls allow for constant scans of your server’s activity and are designed to adapt to new threats via signature-based intrusion prevention without slowing down your traffic. Your e-commerce customers can enjoy a fast and secure shopping experience, and you can enjoy peace of mind.
Online attacks happen often and affect everybody. Don’t let customers become victims of hacking or phishing attacks: keep your online transactions secure with strong encryption. SSL certificates are a necessary and reliable way to gain your online shoppers’ trust.
Distributed Denial of Service (DDoS) attacks have grown in frequency and are increasingly sophisticated. In response, companies can sign up for cloud-based services that “scrub” any unwanted traffic. Some of the higher-end services offer managed DNS services to provide transaction capacity and make it more difficult for DDoS attacks to be successful.
Relation between Compliance and Information Security:
Compliance is basically defined as a set of basic guidelines that are a step towards information security. So compliance is derived from the basic terminology used for information security; it does not cover complete information security, only an essential part of it.
Let us take a general example to understand this:
The law doesn’t require bikers to suit up with anything more than a helmet, and full-face models aren’t even required. While it’s possible to ride a motorcycle with just a very basic helmet, it’s not exactly safe, and any accidents that occur will be much more severe than they would have been if the individual had been dressed in more protective garments.
