B2B PARTNERSHIPS SECURITY - How to Practice Safe B2B

By Eric Berkman
Sat, June 15, 2002

CIO — YOU MAY NOT KNOW IT, but you’re leaving millions on the table when it comes to business-to-business e-commerce.

In this special two-part report, we show you how to hurdle the two main obstacles that stand between you and all that money: the security of your external connections and a lack of online trading partners.

In How to Practice Safe B2B, IT and security leaders spell out their security requirements for their online partners and explain how they make sure their partners comply.

In How to Grow Your B2B Network (Page 60), companies reveal the techniques they’re using to attract new partners, thereby maximizing their B2B savings and revenue.

The money is there. Go for it.

In summer 2000, Visa unveiled its "Digital Dozen," a list of security requirements calling for firewalls, encryption, testing and access policies that its service providers and merchants must have as a condition of doing business with Visa. That’s right?if a bank or merchant can’t play by these rules, they don’t play with Visa.

Visa’s merchants and service providers must annually demonstrate compliance, through an online self-assessment for Mom-and-Pop shops and extensive third-party audits for merchants or service providers handling large volumes of cardholder information. And if a merchant refuses to comply, Visa can fine the bank that processes that store’s transactions. Then it’s up to the bank to punish the merchants. "Eventually, if we don’t have proof from an independent third party that you qualify with our requirements, we really don’t want you to take the card," says John Shaughnessy, Visa USA’s senior vice president of risk management in Tampa, Fla.

Not everybody is as deadly serious about B2B e-commerce partner security as is Visa. In the stampede to e-commerce, most companies have disregarded the security of their partners and their role in exerting pressure to make sure they’re safe. "My sense is that B2B security is not a consideration for many organizations," says James Wade, chief security officer for the Federal Reserve System and president of Framingham, Mass.-based ISC2, a training and professional certification organization for IT security professionals. Many B2B relationships spawn from manufacturing, marketing or some other group within an organization without involving IT security.

That may or may not be the case in your company, but regardless, it’s your responsibility to see to the security credentials of your B2B partners. "The security of your B2B partner is as important as their creditworthiness," says Paul Gaffney, CIO of Staples, the office-products retailer based in Framingham, Mass.

Continue Reading

White Papers »
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.
Smarter Commerce is redefining value chain visibility
Smarter Commerce is redefining the value chain in the age of the customer. It starts with putting the customer at the center of your operations - which of itself is not a new idea - however, truly operationalizing this strategy is not easy.
5 Things Your Software Development Teams Should be Doing Now
In this ever-changing world of software development, it's critical to keep up with technologies, methodologies and trends. Discover five tested and proven software development practices your team should be utilizing to accelerate software delivery.
All Legacy Systems Go
A typical corporation spends between 60-80% of its IT budget maintaining existing systems. No wonder that many organizations are now considering modernizing legacy systems. In this whitepaper, three case studies illustrate how organizations have leveraged Make Technologies to modernize their legacy systems safely, efficiently, and inexpensively.
How to Eat an Elephant
Aging application portfolios are putting many companies at risk. Typically, these organizations need a roadmap to modernize their application portfolios. This whitepaper discusses a step-by-step approach for legacy modernization, including portfolio assessment and developing a roadmap. It also considers necessary considerations for a scalable modernization project.
Webcasts »
5 Things Your Software Development Teams Should be Doing Now
This webinar will cover five tested and proven software development practices that your team should be utilizing right now to accelerate software delivery.
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and disaster recovery and support considerations.
Virtualize Business-Critical Applications with Confidence
Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere® 5, VMware is helping customers accelerate the deployment of business-critical applications, including Exchange, SQL, SAP and Oracle.
Discover the Benefits of Virtualization for Federal Applications
Want to say goodbye to missed SLAs? VMware can help you virtualize mission-critical applications such as Oracle, MS Exchange and SharePoint to achieve dramatic improvements in uptime, performance and responsiveness. In this webcast, we'll discuss the key benefits of virtualizing your agency's most critical applications and Oracle databases as a necessary first step in fulfilling OMB's mandate to move IT services to the cloud. With VMware, you'll be on the way to quick, effective and full compliance.
When Java EE Is Overkill: Lightweight Application Server Benefits
The complexity, cost and technological bloat of traditional Java EE application servers are often barriers to running a lean and efficient IT organization. Increased need for scalability and rapid application delivery are driving businesses to reconsider the platform they use for application deployment. By combining the portability and agility of the Spring framework with a lightweight application server, your organization can meet business demands while staying within budget constraints. VMware vFabric™ tc Server is a modern, lightweight Java application server based on Apache Tomcat. It improves developer productivity, control and manageability-and is the most flexible platform for virtualizing Java applications and workloads for the cloud. View this webcast to learn about real-world examples of companies that have adopted VMware vFabric tc Server and how to plan for future cloud deployments.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Overcome Top 7 Admin Challenges of Active Directory

X-Ray of the PCI Process-4 Proactive Steps

Smarter Commerce is redefining value chain visibility

5 Things Your Software Development Teams Should be Doing Now

All Legacy Systems Go

How to Eat an Elephant

Transforming IT Processes and Culture to Assure Service Quality and Improve IT Operational Efficiency

Accelerate time to application value

Top 10 Myths About Virtualizing Business-Critical Applications

The Hidden Truth About Virtualizing Business-Critical Applications

Enterprise Java Applications on VMware: Unix to Linux Migration Guide

Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud  

Best Practices Guide: Microsoft Exchange 2010 on VMware

Google: Security for Google Apps Messaging & Collaboration

Forrester: Economic Impact of Switching to Google Apps

ESG Analyst White Paper - VMware's vSphere Storage Appliance: High Availability for Small IT Operations

Lightweight Application Development Systems Ride the Cloud: IDG Report

Modernizing Application Platforms for Cost-Effective Cloud Readiness

VMware View Optimization Guide for Windows 7

VMware View Optimization Guide for Windows 7
Sponsored Links

Push the limits of virtualization with HP. Get the tech dossiers and learn how you can put an end to runaway virtual sprawl.

Splunk translates machine data into "aha" moments for IT and the business.

Evolving Your Data Center for the Cloud

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.

Redefine Software support with HP

Click to see how Accenture has delivered high performance to clients

Learn how Accenture helps clients become high-performing businesses.

Join the Conversation. Follow Oracle EPM & BI on Twitter Today.

Check Point Trusted by the Global 100

Customized information views & Twitter events at New Fulcrum Point

ShoreTel UC cuts costs like no other. Mobilize your business today.

E-book: Discover Business-Ready Storage Systems For Oracle Environments

Managed Hosting Buyer's Guide - Benefits to key considerations

Discover how integration of operations mgmt and service mgmt enhances productivity.

Converge your infrastructure with HP. Access white papers, case studies, videos and more.

High performance. Delivered. Click to see Accenture's client successes

See how Accenture helps clients perform at the highest levels

Compare risk and TCO in single and multivendor networks on Feb 23.

Connect with global CIOs now at Enterprise CIO Forum

Upcoming Webinar: Managing Cost in the Cloud

Resource Center
buy a link »
Ads by TechWords