Posted by: Shofiur Rahman

Posted on: June 20, 2012 4:00 pm


Creating a security policy

An ecommerce website security policy is a manuscript that explains

  • The common idea towards security in your ecommerce website.
  • What is to be protected (e.g. software, hardware, data)
  • Who is accountable for defending these items
  • Standards for security and metrics, which quantify how well those standards are being met

A good guideline for writing your security policy is that it’s like writing a set of functional requirements for ecommerce website. The policy should not have a discussion about exact implementations or solutions, but instead about the goals and security necessities in your environment.

You should maintain a separate document that sets out strategies for how the requirements of the security policy are met in a specific environment. You can have different policy for different parts of your website. This is more along the lines of a design document or a course of action manual that documents what is actually done in order to make sure the level of security that you require.

Shofiur Rahman

Shofiur Rahman

As a professional web engineer, Shofiur is our Lead Web Developer and boasts years of experience with relevant applications and software. He is in the perfect position to bring our readers up to date with the latest development trends, including ideas relating to the Web 3.0 concept.