E-Commerce: Privacy and Security

Posted on in IT Management

Company X is a fictional manufacturer of gourmet snacks and treats.

Studies have shown that a large number of Internet users are concerned about privacy and security. According to one study, 87 percent of Americans fear their credit card information will be stolen or misused. Additionally, 89 percent fear that their health records may be misused by health related web sites (Rayport & Jaworski, 2004). When making the decision to implement an e-commerce platform, a business must decide between choosing an insecure, open environment on one hand, and an overly secure environment on the other. The choice is not simple and each option has its advantages and disadvantages.


It is hard to imagine many businesses today considering an insecure e-commerce platform. When businesses first go down this road, they must be considering the immediate advantage it presents their customers: easy of use. Web sites with no security features do not include password protection, encryption, or firewalls. Although this might be easier for customers to use, it is truly only possible on a web site that allows completely anonymous access. An example of this would be the Academy Sports + Outdoors website which features an online catalog, but no customer interaction or purchase facilitation (Academy Sports + Outdoors, 2008). As soon as a user must begin entering any personal information, the lack of security becomes a major problem. With so many Americans concerned about privacy, it would be impossible to operate a legitimate e-commerce site without security. As Chris Van Sant (1999) points out, once "trust is compromised, the company quickly loses its reputation" (para. 5).

In many ways, the advantages and disadvantages of operating a secure e-commerce environment are the reverse of an insecure environment. Since a large percentage of Americans are concerned with privacy, addressing those concerns is paramount in today's online environment. The secure site offers secure communication with its users via encryption, and protects their data via firewalls. The disadvantages with this environment relate to the complexity of the site. Although users want increased security and privacy, many feel that password strength requirements and frequent password changes is taking the issue too far (Shein, 2006). Additionally, the complexity of extremely secure infrastructures means increased personnel costs in the form of server and network engineers.

When moving forward on their new e-commerce project, Company X must maintain a certain level of security. Since it can be assumed that the company will select to offer their treats via an online storefront rather than a simple product catalog, the site must include the necessary security to protect their customers privacy. This means encrypted data transfers and firewall protected storage. In fact, many advanced database servers like Microsoft SQL Server provide data level encryption for added security (Hsueh, 2008). If the security is tempered with the customer's ease of use in mind, the trust built by these measures will ensure Company X's reputation in the future.


Academy Sports + Outdoors. (2008). Home page. Retrieved October 24, 2008.

Hsueh, S. (2008). Database encryption in SQL Server 2008 Enterprise Edition. Retrieved October 24, 2008.

Rayport, J. F., & Jaworski, B. J. (2004). Introduction to e-commerce (2nd ed.). New York: McGraw-Hill/Irwin.

Shein, E. (2006). The password is: "annoying". CFO. Retrieved October 24, 2008.

Van Sant, C. (1999). E-commerce security: How much is enough? Retrieved October 24, 2008.

Slaptijack's Koding Kraken