indonesian e-commerce requires scalability, reliability and security to achieve optimal end user...
TRANSCRIPT
idEA E Commerce Short Course Sutedjo Tjahjadi
Managing Director, Datacomm Cloud Business
cloud.datacomm.co.id
E-Commerce Sales Growth
Source: Internet Retailer Top 500 | eMarketer | SHOP.org State of Retail Online Report 2014
E- Commerce di Indonesia
E- Commerce Infrastucture Options
Hosted e-Store
DedicatedHardware
Cloud Computing
E-Commerce Platform Consideration
5
Scalability Reliability User ExperienceSecurity
E-Commerce Facts
6
OF ONLINE RETAILERS WORRY THAT their current eCommerce platform can't support their global goals.
78%STUDIES SHOW THAT PAGE LOADS
OVER 2 SECONDS NEGATIVELY AFFECTS CONVERSATIONS
OF RETAILERS HAVE DIFFICULTY INTEGRATINGback-office technology across their channels
40%WITH ECOMMERCECan Deliver An Omnichannel* Customer Experience
40%ONLY
Source : -CenturyLink internal survey-Statista: http://www.statista.com/statistics/232285/reasons-for-online-shopping-cart-abandonment
* Omnichannel is the use of a variety of channels in a customer's shopping experience including research before a purchase.
OF CUSTOMERS stated that DATA SECURITY is a major factor when they choose who to shop from online
50% of customers abandoned their shopping cart due to concerns over PAYMENT SECURITY
17%
7Cost in lost traffic or revenues when a customer-facing website is down for one hour
Cost in lost traffic or revenues when a customer-facing website is down for one hour on Cyber Monday
Source : http://www.emc.com/collateral/analyst-reports/h12493-ar-2013-ecommerce-cyber-crime-report.pdf
E-Commerce Facts
8Source : http://www.emc.com/collateral/analyst-reports/h12493-ar-2013-ecommerce-cyber-crime-report.pdf
E-Commerce Facts
9
Scalabil i tyReliabil i tyWe guarantee superior
performance and uptime SLA 99.99%
Our platform enables you to increase or decrease
capacity within minutes, not hours or days.
Agility Means
10
Autoscale your infrastructure
Horizontal Autoscale
Ensure the number of servers increases automatically during
demand spikes to maintain performance, and decreases
automatically during demand lulls to minimize costs.
Efficiently Respond to Peak Usage with Autoscale
Vertical Autoscale
Automatically rightsize the compute capacity of your servers during
demand spikes and lulls.
Scalability
Scalable
11
Automatically respond to Peak Usage with Autoscale
Vertical autoscale Horizontal autoscale
Scalability
Cloud - Automate IT Operation
12
Control Portal & API. Our intuitive management interface reduces the time required to administer cloud environments. In addition, API enables integration with existing IT systems.
Orchestration & Environment Templates. Use Cloud Blueprints to automate common deployments, and create your own custom templates to replicate in future rollouts.
Self-Service. Create and manage complex cloud environments with seamlessly.
Automate Routine Tasks. Patching, disaster recovery, and other activities can be done in a fraction of the time with Control Portal.
Automation
Cloud Management API
13
Security Trend
• Increasing threads, increasing complexity and easier to plan the attach !!
14
Common e-Commerce Lifecycle
Technical Elements of e-Commerce Strategy
Source: Rackspace, Building Your e-Commerce Strategyhttp://www.rackspace.com/knowledge_center/whitepaper/building-your-ecommerce-strategy
1
Pemilihan Platform, termasuk strategi re-platforming
2
Security dan compliance, sesuai standar industri
etc
....... ....... ....... ....... ....... .......
....... ....... ....... ....... ....... .......
....... ....... ....... ....... ....... .......
Why e-Commerce Need Security?
Customer sangat memperhatikan keamanan data, privacy, dan keamanan pembayaran
50% 80% 17%
50% customer menyatakan bahwa keamanan data
adalah faktor utama ketika mereka memilih tempat
belanja online
80% customer memilih untuk belanja dari online shop yang
mereka rasa dapat memberikan keamanan terhadap informasi
personal mereka
customer membatalkan belanja mereka karena
khawatir terhadap keamanan pembayaran.
Sumber:1.Deloitte University Press: http://dupress.com/articles/consumer-data-privacy-strategies/2.Statista: http://www.statista.com/statistics/232285/reasons-for-online-shopping-cart-abandonment/
E-Commerce Security Breaches
The malicious software, or malware, was placed on Home Depot point-of-sale terminals, or cash registers, from April to September, the company said in a news release. The malware was found in Home Depot stores in the USA and Canada.
E-Commerce Security Breaches
In the Target breach, hackers were able to steal information on up to 110 million customers during the holiday shopping season, including the financial information of up to some 40 million people.
E-Commerce Security Perspective
Customer Perspective
•Data and information security
•Privacy
Platform Perspective
•Code and Database Security
•Web Security•Payment Security•Fraud Prevention
System Perspective
•System Hardening•Patch and Update Management
Network Perspective
•Detection and Prevention System
•Perimeter Security•Access Control
What Can You Do?
Ada banyak pendekatan dalam keamanan e-commerce. Dengan adanya sertifikasi standar keamanan dalam industri, hal tersebut dapat dijadikan tolak ukur.
Menyatakan bahwa Anda memiliki sistem dan metodologi yang dapat
menjamin keamanan informasi perusahaan.
Menyatakan bahwa sistem Anda terlindungi dalam hal keamanan, ketersediaan, kerahasiaan data,
dan privasi
Standar yang dibuat untuk meyakinkan pelanggan
mengenai keamanan informasi kartu kredit mereka.
Sebagai penyedia jasa e-commerce, memiliki semua sertifikasi di atas merupakan hal kunci, namun sertifikasi PCI DSS adalah hal yang harus Anda fokuskan.
PCI DSS Requirements
Firewall Management
Vendor Default Controls
Data Protection
Data Transmission
Encryption
Anti-virus Controls
System and Application
Security
Data Access Controls
Personal Access Controls
Physical Access Controls
Data and Network Access
Controls
Security Testing
Organization Policy
PeoplePolicy
ProcessPolicy
Technology Policy
Build and Maintain Secure Network
Protect Cardholder
Data
Vulnerability Management
Program
Strong Access Control
Measures
Monitor and Test Network
Information Security Policy
What We Can Help
Link Encryption, Token Based,
Access Control, Intrusion Detection
Firewalls, Content and Malware
Protection, System Authentication
User Authentication,
Smart Cards and Token, Content,
Assurance, Privacy
Secure Application Portals,
Permissions Management,
Single Sign-On
Open Domain PKI, CA, Transaction Signing, Trust
Schemes, Messaging
Trusted Business Applications, Payments, Brokerage, Exchanges, Tendering
Consulting, Design, System Integration, Vulnerability Management, Monitoring
PKI, Smart Card, Digital Signature, Certificate Processing, Mobile
Trust Application Development
Terima Kasihwww.idea.or.id