MSC Trustgate.com Sdn Bhd is an organization that involved in the application of third party certification programme in Malaysia. It is an accredited Certification Authority (CA) running within the Multimedia Super Corridor. It is authorized by the Digital Signature Act 1997 (DSA). Their primary business is to offer digital certification services such as digital certificates, cryptographic products and software development. Trustgate obligated to provide the finest Public Key Infrastructure (PKI) to help all types of companies and institutions carrying their business over the Internet. Security is the primary concern of entering into the new Internet economy. Due to this reason, the vision of Trustgate is to allow organizations to operate their business securely over the Internet, as much as what they have been enjoying in the physical world. It provides a number of products and services to organizations in Malaysia, including SSL Certificate, Managed PKL, Personal ID, MyTRUST, MyKAD ID and so on.

Nowadays, there are increased phishing and spoofing attacks on the Internet, all organizations want to ensure that they are dealing with trusted parties when they manage business online and ensure that their information transferred over the Internet get to the expected recipients and is safe from intruders. SSL Certificate for Internet, Intranet and Server Security offer two type of SSL Certificates for server security such as Global Server ID and Secure Server ID. Global Server ID implements today's strongest encryption commercially accessible for secure communications via Server Gated Cryptography (SGC) technology. GSID verifies company’s web sites and allows 128- or 256-bit encryption to secure communications and transactions between the site and its visitors. Every purchase of GSID comes with a VeriSign Secured Seal that can show on company’s web site. The seal is an instant proof that the web site is genuine because it has been authorized by the World Leader of SSL Provider, and customers can conduct business with the company free of worry. Secure Site SSL Certificates safeguard the transfers of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption. It includes VeriSign Secured Seal.

Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform created to secure intranet, extranet, and Internet applications by combining maximum flexibility, performance, and scalability with high availability and security. The service enable enterprise to quickly and cost-effectively set up a robust PKI and Certification Authority (CA) system with absolute control over security policies, PKI hierarchies, authentication models, and certificate lifecycle management. Trustgate’s robust is a high-availability certificate processing services. It allows enterprise to easily organize a PKI while relieving itself from the high expense of designing, provisioning, staffing, and maintaining its own PKI backbone. Managed PKI helps enterprise to issue 250 or more digital certificates to customers, suppliers, partners, or employees. This solution assists to defend on-line transactions, digitally sign them and regulate the access to intranets and extranets.

Digital ID is used for Secure Transaction, CryptoSuite and Secured E-mail. It makes sure user’s confidential information remains private in transit, user need to use Digital ID to sign & encrypt its transactions. Digital ID uses private key and public key to aid the several operations such as Authentication, Privacy, Authorization, Integrity and Non-repudiation.

MyKad with PKI capability enables its holder to run online transaction with government agencies and private sectors. MyKey, is the MyKad PKI solution that works with physically MyKad, allowing holder to validate himself online and to digitally sign documents or transactions and is recognized by the Malaysian government. Trustgate is the PKI developer and integrator for MyKad. It provides severalc MyKad PKI modules such as MyKey Application Programming Interface (API), Signing module, Verification module and MyKad Client Kit for developer who wishes to improve MyKad applications.
Security is significant for distributed, heterogeneous and mission critical applications. Trustgate provides a lot of managed security services, including Vulnerability scanning, Security assessment, Security architecture design, Intrusion prevention, Software integrity / application control, Security audit and Security consultancy. By employing these services, users can save their time and money from having to constantly react to security problems.

Besides that, Trustgate also offers many other services to public such as MyTRUST for Mobile Signature, SSL VPN for Remote Access Services, Verisign Certified Training and Application Development and System Integration. Trustgate is an essential party in Malaysia that participated in certification programme to provide security and protect confidentiality of users's data and information.
.


Related useful link:

Safeguarding your personal and financial data

Undeniably, nowadays we rely increasingly and heavily on computers and internet for help. We use them to manage our personal finances, store sensitive personal data,or perform work-related activities away from office. Yes, the digital world is helpful. But that does not mean it is risk-free. In fact, the personal or financial data that we store in computer or post on the internet is prone to theft without us knowing. The risk is even more if you share your computer with others. Thus, it is extremely crucial to take security precautions to safeguard your electronic assets. Following are some tips to keep your electronic personal and financial data away from risk.

A) Choose your password wisely. A strong password will surely provide you a certain level of security. Try to go for a long and more complicated one, a combination of uppercase and lowercase letters, numbers, and symbols is a good choice. It is not encouraged to have your birth date, or cellphone's numbers as your password.Cyber thieves are more clever than you could imagine.

B) Get a biometric authentication if possible. This is a very secured way
to prevent unauthorized access to your valuable data. Using advance technology of unique biological characteristic identification on computer might be the best password available. There's no way for other people to access your private data unless they get a part of your body.

C) Install an appropriate antivirus software. After your hardware is set, it's time for software to show up. You will need a reliable anti virus software to protect your computer against viruses or trojan horses that may steal or manipulate your data. Certainly, you ought to keep your virus definition up to date as there are many new viruses born each day.

D) Have a spyware or adware detector too. Spyware and adware may not as deadly as the threats mentioned earlier.But they will slow down the performance of your computer and give chances to hackers to access to your data. Make it a habit to scan your computer regularly to remove these threats.


E) Firewall is essential when your computer is connected to the internet. It filters incoming and outgoing IP addresses to discard any unwanted and dangerous connection from internet.

F) Encrypt your confidential data.
Encryption is used to protect the data sent or stored from hackers who are trying to spy or manipulate the data.Whenever possible, encrypt your data , whether it is being sent or stored. Ensure that only the receiver and sender should have the key to encrypt or decrypt the data.


G) Always backup the important data. It's better to have a copy of your precious data at a secured place. Backup prevent your data from unsuspected hardware failures and natural disaster. Several ways to back up your data is by external hardisk, CD/DVD data storage, or rent an trusted online server.

H) Dispose the unwanted sensitive data properly. Deleting the files by pressing the delete button on your keyboard does not completely erase them from your computer. Clever hackers or attackers will be able to retrieve them in few seconds effortlessly.To prevent this from happening, be sure to discard the files in a proper and safe way.



There is no guarantee of total risk-free for your personal and financial data if you practices these all, but yeah, they will help ensure your electronic assets are safer. For further reading on this topic, please kindly go to the links listed below.



Passwords give painful headaches to many people, especially when the person has multiple passwords for multiple programs they have subscribed to. It annoys me sometimes because the main problem with passwords is that I tend to forget them.

Thus, in the effort to not forgetting them, users will opt to simple tings which could be remembered easily forever. For example, their dog’s name, first child’s name, birth dates, special occasions date and many more – anything that will give them clue to remember what their passwords is. This is the main factors of human habit that hackers used to gain access to people’s computer system. Without resorting to any specialized tools, a hacker can discover the basic personal information needed to hack into the person’s system by trying out all the potential passwords from it.

A good password is one that cannot be easily guessed. In the blog read, it stated “For better protection, it is safer to choose a password that is longer than 8 characters with one capital letter and one symbol.” I agree to that very much. Longer password means lesser possibility for hackers to crack the password used. It is generally recommended that passwords be between 6 and 9 characters. Greater length is acceptable as long as the system or application allows it. Most important of all, passwords longer than 9 characters are encouraged if the user can remember it. In a nut shell, longer is better.

Besides that, the user can also use a password with mixed-case letters, for example AppLEpiE. This will add the security to your passwords from being hacked easily too. Good passwords can also be added punctuations, alphanumerical characters because they are hard to predict. Random selections of letters and numbers are as
well very useful seeing that hackers could not foresee the possibility of that phrase would be used as a password. Moreover, passwords must also be able to be type in quickly. This is for the reason that it makes it harder for someone to steal your passwords by looking at your keyboard.

A common theme for passwords used should be easy for users to remember them. Avoid passwords that need to be written down in order to be remembered and never use short easy passwords for convenience purposes. It is a thousand NO to use real word for your passwords.



Related useful link:
> About.com - Creating Secure Passwords


om

As technology is getting more advances, everyone can easily access to the internet by just clicking one button. When a person connects its personal computer to a network and start communicating with others, the person is facing security threat such as computer viruses, Trojan horses and spyware. Most business that has made the move towards an online presence have experienced security threat to their business since the internet is a public system which each and every transaction can be tracked, logged, monitored and stored by hackers.

Security has three main concepts: confidentiality, integrity, and availability. Confidentiality allows only authorized parties to read protected information. Integrity ensures data remains as is from the sender to the receiver. Availability ensures you have access and are authorized to resources.

Computer viruses, Trojan horses and spyware are normally hidden in the useful programs with malicious intent. Computer viruses are a piece of software code which are able to insert itself into a host and designed to threaten or modify the actions or data of the host device or system without consent. On the other hand, Trojan horses appear to be useful but actually are the mask destructive program by stealing information, altering it or cause other problems to the computer. Spyware attacks are something that we are probably all familiar with, as they are the most common online security threat faced by Internet users. This is a simple program that is designed to steal information from your computer without your knowledge.

In today e-business world, online fraud is getting more popular due to the advancement of technology. Online fraud involves Internet transaction where user uses fake identity, qualification, recommendation letter etc. Identity theft is one major form of online fraud or misrepresentation. Thieves can steal users’ information such as name, credit card numbers and back account details to commit crimes and frauds with other people identity. This is one of the reasons for which it is critical for consumers and organisations to equip themselves with appropriate computer security tools which serve to prevent such interceptions. Alternatively, data theft is a term used to describe not only the theft of information but also unauthorised glance and manipulation of private data.

Well, there are many ways to terminate our data from being distorted without our consent and authorization. There are simple and effective ways to reduce the risk to an acceptable level without spending large amount of money.

i. Spam- Is a program or software which helps us to ‘cleans’ our emails of spam and removes viruses at the same time ensuring what we receive in our mail inbox is safe and relevant.

ii. Firewalls- Is a network designed to block unauthorized access while permitting authorized communications. This is a set of device that configured permit, deny, encrypt, decrypt or proxy all (in and out) computer traffic between different security domains based upon a set of rules.

iii. Anti-Virus software- Anti virus software are used to prevent, detect and remove malware including computer viruses, worms and Trojan horses. In addition, it may also prevent and remove adware, spyware and other forms of malware. Having a superior anti virus software is very important as it can help user to prevent their information from being stolen by hacker. There are many types of anti virus software such as McAfee VirusScan and Norton Antivirus.


In a nutshell, every individual plays an important roles in maintaining own data from being abuse and embezzle in order to enhance the internet security.

Related useful link:
- Georgia Tech
- Wikipedia
- TechFAQ
- IT Online

by, melsiew


Phishing: Examples and Prevention Methods

Phishing, in the field of computer security, is the criminal fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details by camouflaging as a trustworthy entity in an electronic communication. It is a term which described hackers who imitate legitimate companies in emails to entice people to reveal their private and confidential information or data.

Phishing through fraudulent e-mails, will usually tells the targeted victim to verify their personal information or account details through a link provided in the e-mail sent. These e-mails will usually appear to be from a legitimate Internet address with a valid request.

Examples of Phishing
One example would be if you received an e-mail that is from your bank, requesting you to click on a hyperlink in the e-mail and verify your online banking information. There will also be a consequences stated in the e-mail for not following the link. The goal of the sender is clear and easy, which for you to disclose your personal and confidential information for their next misconduct performance. This type of e-mail scam is called PHISHING.

Another example: (adopted from chase.com)
T
o: Recipient
Subject: Add 50$ to your account in 2 minutes!

Dear Customer,
You are invited to take part in our nation-wide 5 question survey. Your time is very important to us so $50 will be credited to your account upon the completion of this survey.

Please note that no sensitive information will be required, collected or stored. The information will be used to further improve our services.

To take part please click here.

© 2008 JPMorgan Chase & Co.


More examples could be found from the Chase website.

There are also examples of phishing from the famous online website – eBay. One of the example was the member of eBay was told to respond to the message sent to confirm that the transaction was really void by mutual agreement. Once the respond button is clicked, the link will direct the user to an exact cloned eBay and personal information of that person will be stolen. For more examples, you may proceed to this link. It will lead you to more examples on phishing scams which occurred in eBay.

Besides phishing e-mails, there are also phishing websites. These websites will often have poor resolution, poor quality. This is because they are created with urgency manner and have a short span of life. Moreover, even if the website contains a link has a name which is familiar to you, it does not mean that it links to the real organization. Explanation from PhishTank said that you should read the URL carefully. The “https” shows a big deal. The “s” in the “https” stand for secure, which means the website is secured. If there is no “https”, you should be alarmed and alert, because the website is not secured and likely phishes. Of course, with the combination of the two factors mentioned just now. extract of the website is as follow:


Methods of Prevention
Tips on how to avoid the Internet scam known as phishing:

  • If you feel uncertain that it might be a legitimate e-mail, type the URL yourself to the Web Browser yourself. DO NOT click through the link from the E-mail received. This will provide you with accurate information about your account and allow you to completely avoid the possibility of landing on a spoof Web site and giving your information to someone you shouldn't.
  • Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.
  • The golden rule to avoid being phished is to never ever click the links within the text of the e-mail. Always delete the e-mail immediately. Once you have deleted the e-mail then empty the trash box in your e-mail client as well. This will prevent "accidental" clicks from happening as well.
  • If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.

More on how to the details of phishing and how to prevent it, these are some very useful websites which you can learn more about Phishing:


> Watch Out for "Phishing" Emails

> Anti-Phishing Working Group (APWG)

> All About Phishing



om

Amazon.com - The Success and Reasons

Starting a business is easy, as long as there are enough modals and resources. But, maintaining a business and making it into a success is the hardest part in the business life cycle. This concept is even harder to fulfill in the electronic business world – E-commerce.

“Some business models may appear logical on paper, but it may not work online,” quoted Blooming.com.my’s managing director, Martin Cheah.

An example of a successful E-commerce website I would like to discuss is Amazon.com. Amazon.com, inc. a Fortune 500 e-commerce company is based in Seattle, WA. The company was founded by Jeff Bezos in 1994. Since it first kick start online in the year 1995, Jeff Bezos and his handful of employees spent late summer nights packing books in a tiny warehouse, scrambling to ship a growing gush of orders. They started out as an online bookstore and then diversified by adding other items, such as VHS tapes, DVDs, Music CDs, Software, video games, electronics, MP3s, clothing, furniture, toys and even food items.

Amazon has nearly 49 million active customers. With $6.92 billion in sales in 2004, Amazon ranked at the top of Internet Retailer's annual top 400 list, well ahead of computer maker Dell Inc., which posted $3.25 billion in online business-to-consumer sales. Office Depot Inc., which has a partnership with Amazon, was not far behind with $3.1 billion. The company remains profitable with $8.5 billion in 2005 and $10.7 billion in 2006. On January 15, 2009, a survey published by Verdict Research found that Amazon was the UK's favorite music and video retailer, and came third in overall retail rankings.

Reasons of Success
The main reason for Amazon.com success is because of its focus on customer’s experience. This factor is infused in all levels throughout the company. Amazon’s emphasis on customer’s experience as a team’s responsible, not a person’s responsible. Customer’s experience is a combination of listening really hard to the customers and innovating on their behalf. They will make adjustments to their services to make their customers more confident and comfortable with buying online. Amazon.com has a Web metrics group that is responsible to measure sales metrics and monitor them in various increments of time – by the minute, by the day, or longer. The interview with
Maryam Mohit from Amazon.com tells us more.

Besides that, motivation is also a very important factor that gave a minority contribution to the success of Amazon.com today. When Amazon was struggling to make profits for the first time, only its founder Jeff Bezos believed that the business goal could be achieved in a year's time. Everybody was astounded when Jeff Bezos
achieved his goal after one year.

Amazon changed the way it operates its business throughout the years. First, it was an online book seller. Then, it expanded into selling other items which its customers are demanding for. Amazon has constantly evolving its product lines, which makes its competitors having a hard time catching up. When the Internet's stock market bubble burst, Amazon re-structured.

More on the reasons of its success, Jeff Bezos took the opportunity to embrace the technology. When the company went public in 1997, skeptics wondered if an Internet-based start-up bookseller could maintain its position once traditional retail heavyweights like Barnes and Noble or Borders entered the Internet picture. The skeptics see Amazon’s rapid growth move as a doom factor, but a few analysts sees it as “one of the smartest strategies in business history”.


For more details, these are some useful links which will explain further on the survival of Amazon.com, Inc. throughout the years:

>>
How Amazon.com survived, thrived and turned a profit

>> Amazon: E-Commerce Success Story

>> Inside the Mind of Jeff Bezos




om

Flop of Pets.com


You may have heard of plenty of E commerce success such as Google, Amazon, Ebay. But did you know that there are many E commerce flops as well? Here, you'll see Pets.com as an example.

Pets.com was an short-lived online enterprise which used to sell pet accessories and supplies directly to customers. Short enough that the company lasted for merely 2 years, from it launch till its liquidation. The company had plenty good things going that could make it as famous as Google. It had major investors included Amazon. It had a well-design website that attracted customers. It even went public only a few months after its initial launch. Sadly, Pets.com lost the gamble. It decided to close its doors in November, 2000 just two years after its launch. Why had the company failed? Following are several reasons.

Overestimation of potential market
The company may have overestimated the number of online customers it could gain in the pet market. Pets.com spent millions on warehouse space and trying to obtain the online pet supplies market through various marketing techniques. It assumed that the market and its revenue would grow quickly enough to allow for a profit. Unfortunately, the market was not large enough and did not grow fast enough before funding money was exhausted.

Excessive spending on marketing and advertising
Marketing and advertising are nice. But excessive marketing and advertising might lead you to downfall. During its lifetime, Pets.com could barely bear its expenditure on marketing and advertising. Simply because it spent way too much - more than $70 million on marketing and an average of $400 to acquire each new customer. Moreover, because the company had to undercharge for shipping costs to attract customers, it actually lost money on most of the items it sold.

Poor customer position

The company never really gave customers a good reason for its existence. Nor did it explain clearly a reason to buy supplies online.Customers were not motivated to get the pet supplies online because they could just get the same thing at the local actual pet shop in much more a convenient way.

Lack of an unique competitive advantage
Although Pets.com had the advantage for being the first of virtual pet stores to penetrate the online market, it did not really offer something that could differentiate itself from its rivals. Basically, the company had no special reason for customers to choose it over the other rivals.

After reading the E-Commerce textbook chapter 1 pg.38, I recognized that Google is the most successful E-Commerce (EC) company in today world and it has influenced our daily life greatly. Google aims to deliver technologies to manage world’s information and make it globally accessible and informative. Google’s has both useful and well-organized IT and EC management strategy. This is one of the reasons why it is successful than its competitor. Besides that, it also expands rapidly than its competitor. In addition, Google make revenue quickly than other EC companies. Google is the most helpful search engine to search for beneficial resources especially for student like me to search information when doing assignment. Furthermore, Google also offers advertising tools. Its related-targeted advertising tools provide the advertisers much more proceeds per click in search outcomes than other EC companies.


Morever, Google also provides many other products such as Google Spreadsheet. Google Spreadsheet is a free Web-based application that can be shared with up to ten users at the same time and easily for users to input and share data. Google Spreadsheet is aimed at small work teams in social situations or small businesses, but not big organization. This program is intended to assist people arrange their own information and make it more simply accessible by others via the web. Data in the spreadsheets are saved automatically with each user action over the Web onto Google computer servers. Google also offers several user productivity applications other than Google Spreadsheet, such as Writely word processing application and Google Calendar.


Besides that, Google also provides an online database service called Google Base which allows Google users to upload a variety of information online. Google Base is examined by analysts as a stepping stone into organized e-advertising, an e-commerce activity, by assisting users figure out relevant information on Google’s main search index, its Froogle shopping comparison tool and Google Local search.


During year 2006, Google developed into the software business, presenting Google Office. There are many different types of Web programs, including e-mail and communication. In addition, Google provides Google Earth, Google Maps and Google Mini. Based on my opinion, Google really can impact our work and life without our notice and will causes inconvenience in our daily life if without Google. And I believe that it will continue improve in the future to make it remain successful among its competitors and contribute more efforts in satisfying its users’ needs.

E-commerce revenue model describe how the firms earn revenue, generate profits and produce a superior return on invested capital from the publisher's websites. As e-commerce develop into a more advanced approach, the traditional revenue model of sales is expanded to more variety of revenue options and e-commerce business model. There are five (5) major types which are advertising revenue model, subscription revenue model, transaction fee revenue model, sales revenue model and affiliate revenue model.


The core revenue of Google came from advertising and the supreme source of revenue to Google is Google AdWords ($21 billion in 2008). Google allowed website owners to advertise on Google search result pages through a program they call Google AdWords. Advertiser will customized their own advertisement and determine how much they will pay for each click on their ads, where the ad will run and how long it will last. These ads will appear on Google's search results, on websites, virtually anywhere a web page can be served. AdWords offer pay-per-click (PPC) advertising and site-targeted advertising for both text and banner ads. PPC is an Internet advertising model used on search engines, advertising networks, and content sites, such as blogs, in which advertisers pay their host only when their ad is clicked. The Advertisers decide the keywords relevant to their offer that should display their ad and the maximum amount they are willing to pay per click for that keyword. Moreover, this enables advertisers easily to sign up and manage an account online.

Amazon.com is the well-known web which was the first major companies to sell goods by Internet. The fundamental revenue of Amazon.com is by generating sales revenue by selling books, computer software’s, video games, etc online. In addition, Amazon.com sanctions independent sellers to sell new and used items under a fixed-price basis on Amazon website via Amazon Marketplace. Amazon will charge a minimal fees based on the sale price, transaction fee and variable closing fee.

Additionally, Amazon.com also generates affiliate fees through Amazon.com Associates. This is a place where can earn up to 15% in referral by advertising Amazon product through Links & Banners, Widgets, and AStore. AStore is an Amazon.com affiliate product which website owners can use to customize an online store on their site in minutes and without the need for programming skills. However, website owner does not allow selling their own product directly but picking products offered by Amazon’s Store and earn referral fees on the products purchased by the reader.


eBay.com is an online auction and shopping website which allow peoples over the world to buy and sell variety of goods and services over the internet. eBay revenue model is totally different from Google and Amazon.com. eBay generates most of its revenue through various sources of fees. There is a list of fees that charged by eBay when customer would like to place an item for sale or auction such as fees to list a product (Insertion Fee) and fees when the product sells (Final Value Fee) plus several optional adornment fees.

In addition, eBay now owns the PayPal payment system which has fees of its own. PayPal is an example of a payment intermediary service that facilitates worldwide e-commerce. It allow user to execute online payment process to online vendors, auction sites and other commercial users for a minimal charges of fee. Besides that, eBay also runs an affiliate program beneath the name of eBay Partner Network. Fees are paid a percentage of the eBay seller's transaction fees. The payout is 50% to 75% of the fees paid for an item purchased.


by, melsiew

more info at:-

- online business

- organic spam

- taming the beast

- boutell

- parand



nuffnang..