Six organisations have set up a group in order to promote common security standards for companies that will be using the Internet to carry out business transactions reports Jalkumar Vijayan from Computerworld.
This group consist of NASA, AT&T, Visa International and the SANS Institute are calling itself The Center for Internet Security will develop what they feel to be the minimum security procedures and technologies that companies must consider when dealing with others over the Internet.
At present there appears to be no constraints or even guidelines for Internet usage and they will be starting with guidelines that Visa have stipulated for their customers online and for protecting cardholders information.
Here are some of Visa's requirements:
- Install a firewall
- Keep security patches up-to-date
- Encrypt stored and transmitted data
- Use and regularly update anti-virus software
- Restrict employee access to sensitive data
- Regularly test security systems
- Other requirements cover the use of IDs and passwords.
In a similar notion, another such group has been set up consisting of Microsoft, Oracle, Exodus Communications and Boeing covering the same issues. This group are expected to report back to the National Security Council in Washington within the next month.
The need for setting of standards has arisen through the growth of threats to businesses performing on-line transactions from malicious hackers and political interest groups.