Sometimes you’ll find that it’s easier and more economical to have the experts do something for you rather than to try to do it yourself. When you decide to outsource e-commerce to a co-location Web hosting service, the agreement is the most important item to get straight. The agreement should answer all of your questions and tell you what guarantees are made by the Co-Lo. Money is almost a secondary consideration because you want things done well first of all.
To help you with your decision, here are the main questions you should be asking. If you don’t receive answers that make you comfortable, please try another Co-Lo. It’s a very competitive business and especially in metropolitan areas, there are numerous companies offering the same service. Your reputation as a business is at stake here, so make sure you choose a company that will be a good business partner and not just someone who will take your money without regard for good service.
As you read these questions, you’ll probably think of others you should be asking. This is not meant to be a comprehensive list of questions; just the top level questions to get you started.
Is commercial use allowed with their service? (If they don’t allow e-commerce, why bother with them?)
1.
Will they handle the procurement of a domain name and SSL certificates for you?
2.
Do they have shopping cart software that you can use to help you build your site?
3.
Will you have your own servers or will you be sharing a server with other companies? (This is called “virtual hosting” when you share a server with others.)
4.
What security mechanisms do they have in place to protect your site? (Firewalls, intrusion detection systems, anti-virus programs, checksums of your files and applications?) 5.
Do they have staff on duty 24/7?
6.
What guarantees do they make about security and availability?
7.
If your site is hacked, who is responsible for what?
8.
Are there extra charges for data transfer from your company’s network to your servers? (You may want to build your Web site at your company and then transfer all the files at once to your servers at the Co-Lo.)
12.
If your site grows, how much does it cost to add extra servers?
13.
Do they handle all the software patches or is that your responsibility?
14.
What kind of access reports do you get and how often will you get them?
15.
Will you have to pay excess bandwidth charges? (If you suddenly have an increase in traffic to your site and they need to upgrade the speed of your connection, is there a charge?)
16.
How often do they make full backups of your site?
17.
Can you see their security policies and procedures manuals?
18.
Will they arrange for a credit card merchant account for you?
19.
This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks.
What is their average uptime on servers? (In other words, do their servers go down very often?) 20.
Some other things you may want to consider are whether or not you provide the equipment for databases or not. Can the database be located at your company office for convenience? And, of course there are the “key” questions — how and where are their encryption keys stored and how do they handle recovery of the keys if they are lost?
Whichever service or company you decide to give your business to, you should think about the future — will they be able to give you more servers and additional bandwidth as your e-commerce site grows? You don’t want to get boxed into a corner where you won’t be able to serve your customers because your Co-Lo lacks the space and/or the equipment.
When you make your decision, be sure to have your legal counsel go over the agreements and contracts. The type and strength of encryption should be spelled out in detail and you should have the option of changing encryption schemes if the one you are using is found to have serious security problems with it.
Now, with all of this ammunition, you should be able to find a service to help you or go it alone. Have fun with it and be creative but remember the first order of business is to handle all transactions securely. That will help build a good reputation which will surely result in increased sales and good potential for growth. Have fun!
Chapter 12: Virtual Private Network (VPN) Encryption
In This Chapter
Setting up your VPN
Going over different VPN encryption schemes Deciding which is best
Running tests
Sometimes I feel it would be nice to go back to the good ol’ days before personal computers could be networked together. Back then, the only threat to your machine was of a physical nature — it could be stolen. My only security measures back then were to cable-lock my machine to the wall, set a BIOS password, and to remove the keyboard and lock it away when I wasn’t using the machine. Easy-peasy!
Of course non-networked PCs weren’t at all friendly when it came to sharing information and files with other PCs.
Remember sneaker nets? That’s when everyone kept a large stack of floppies on their desks with which to copy files onto. When you needed to share a file with a co-worker, then you copied your files onto a floppy, put your sneakers on, and walked with the floppies over to your co-worker’s desk. Of course that was a good way to exchanged virus-infected files, too.
With computers being connected online all the time — even home computers — the probability that a connection could be hijacked, spoofed, or have all the data captured to a file has become almost inevitable. If it hasn’t happened to you, that just means it hasn’t happened to you yet.
One method of hiding connections is to utilize a Virtual Private Network (VPN). Even five years ago VPNs were practically unheard of and now they are as commonplace as mouse pads and flat screens. No longer do you need to have a degree in computer science to be able to figure out how to set up a VPN; the setups and configurations are quite user friendly now. The problems of competing standards and interoperability sometimes rear their ugly heads but, for the most part, VPNs are a relatively easy solution to hiding your data and your connections.
This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks.