B2B PARTNERSHIPS SECURITY - How to Practice Safe B2B

By Eric Berkman

Sat, June 15, 2002CIO YOU MAY NOT KNOW IT, but you’re leaving millions on the table when it comes to business-to-business e-commerce.

In this special two-part report, we show you how to hurdle the two main obstacles that stand between you and all that money: the security of your external connections and a lack of online trading partners.

In How to Practice Safe B2B, IT and security leaders spell out their security requirements for their online partners and explain how they make sure their partners comply.

In How to Grow Your B2B Network (Page 60), companies reveal the techniques they’re using to attract new partners, thereby maximizing their B2B savings and revenue.

The money is there. Go for it.

In summer 2000, Visa unveiled its "Digital Dozen," a list of security requirements calling for firewalls, encryption, testing and access policies that its service providers and merchants must have as a condition of doing business with Visa. That’s right?if a bank or merchant can’t play by these rules, they don’t play with Visa.

Visa’s merchants and service providers must annually demonstrate compliance, through an online self-assessment for Mom-and-Pop shops and extensive third-party audits for merchants or service providers handling large volumes of cardholder information. And if a merchant refuses to comply, Visa can fine the bank that processes that store’s transactions. Then it’s up to the bank to punish the merchants. "Eventually, if we don’t have proof from an independent third party that you qualify with our requirements, we really don’t want you to take the card," says John Shaughnessy, Visa USA’s senior vice president of risk management in Tampa, Fla.

Not everybody is as deadly serious about B2B e-commerce partner security as is Visa. In the stampede to e-commerce, most companies have disregarded the security of their partners and their role in exerting pressure to make sure they’re safe. "My sense is that B2B security is not a consideration for many organizations," says James Wade, chief security officer for the Federal Reserve System and president of Framingham, Mass.-based ISC2, a training and professional certification organization for IT security professionals. Many B2B relationships spawn from manufacturing, marketing or some other group within an organization without involving IT security.

That may or may not be the case in your company, but regardless, it’s your responsibility to see to the security credentials of your B2B partners. "The security of your B2B partner is as important as their creditworthiness," says Paul Gaffney, CIO of Staples, the office-products retailer based in Framingham, Mass.
Loading...
Applications MarketSpace
Exchange 2007 Risks and Mitigation Strategies
This whitepaper will review the strengths of Exchange 2007 and areas where CIOs should consider third party solutions. Learn more »
Solving On-premise Email Challenges
This white paper presents ten on-premise challenges and their on-demand services solutions. Learn more »
An Open Framework for Business Intelligence
Architecting Business Intelligence Applications for Change Learn more »
Adobe for Business Process Automation
Companies must be able to react to customer demands, competitive threats, and compliance requirements. Learn more »
Increase Customer Satisfaction and Lower TCO
With Adobe® LiveCycle® Enterprise Suite (ES2) software, organizations can easily deploy intuitive user experiences. Learn more »
Practical Approaches for Securing Web Applications
Enterprises understand the importance of securing web applications to protect critical corporate and customer data. What many don't understand, is how to implement a robust process for integrating security and risk management throughout the web application software development lifecycle. Learn more »
Smart techniques for application security: whitebox + blackbox security testing.
An Executive's Guide to Web Application Security
Since so many Web sites contain vulnerabilities, hackers can leverage a relatively simple exploit to gain access to a wealth of sensitive information, such as credit card data, social security numbers and health records. It's more important than ever to examine your Web application security, assess your vulnerability and take action to protect your business. Learn more »
 
SPONSORED LINKS
 

CRM Built for IT: The Executive Guide to Selecting CRM that Meets IT Needs

ROI of Application Delivery Controllers

White Paper: 4 Customer Service Myths

White Paper: Improve Agility with Operational Responsiveness

Removing the Barriers to IT Governance: How On-Demand Software Changes the Game

Cloud Computing--Latest Buzzword or a Glimpse of the Future?

A Balanced Approach to an Application Development Platform

Adobe® LiveCycle®solutions for intuitive user experience

10 Ways Excel Drives More Value from Your SAP Investment

What's New in SOA Suite 11g?

Unleash the Power of Java with Oracle JRockit Real Time

SOA Best Practices and Design Patterns

Application Grid: Ideal Platform for IT Consolidation

Ready to virtualize tier one applications? Check your virtualization maturity.

Learn how to provide complete Business Service Management.

Increase ROI of Your Application Portfolio

Return on Information: Google Enterprise Search pays you back. Get the facts.

VMware. The source for Business Infrastructure Virtualization.

ShoreTel tells businesses to untangle from competitors' complexity and turn to its brilliantly simple UC solution

See how AT&T can help protect your network.

Streamline IT Costs. Boost Performance with WAN Optimization.

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

eZine: A Roadmap to Reducing IT Complexity

Reduce risk, gain agility. See how Progress can help your business.

What's Next for Enterprise Resource Planning?

Gartner Magic Quadrant, Application Delivery Controllers 2009

White Paper: Managed Security for a Not-So-Secure World

SharePoint - Unchecked growth of content is unsustainable.

Focus Under Pressure: Why IT Governance Becomes Mission-Critical in a Down Economy

Should Your Email Live In The Cloud? A Comparative Cost Analysis

Adobe® LiveCycle® solutions for business process automation

Architecting Business Intelligence Applications for Change: The Open Solution

Increase UPS efficiency without sacrificing protection.

Unlocking the Mainframe: Modernizing Legacy System to SOA

State of the Data Integration Market

Enhance Customer Loyalty through Higher Responsiveness

Achieving Business Agility with Application Grid

Seven Ways ITIL Can Help You in an Economic Downturn

Four steps to populate your CMDB.

"Enterprise-Proven" is the Prerequisite for Enterprise SaaS Portal Solutions

AT&T Synaptic Storage as a Service. Expand on demand

Trend Micro ranked #1 against real-world malware. Read more.

Webinar: Jump-start your in-house e-discovery with Ringtail QuickCull from FTI Technology

Top Five CIO Challenges

Read the RSA report: Security for Business Innovation

64-page prescriptive guide to security, compliance, and IT operations.

A Clear View Toward Virtualization

Virtualization Technology as a Business Solution

The rules of infrastructure management just changed.

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords