Comercio Electronico

Honelako gehiago

garantias individuales

by kevin yañes

Tipos de vacunas

by Lina Maria Pineda

Derechos de los niños y adolescentes

by Victoria Rodriguez

SEGURIDAD DE LOS EMPLEADOS. RIESGO PUBLICO.

by Antonio Castañeda Delgado

Type in the name of your web site and press Enter.

Soluciones Tecnológicas

Protección de servidor y clientes

Service Level Agreements define the reliability and capacity of service and are usually part of an agreement with a web site hosting company.

Are there specific terms that you will require? Think about:

Number of concurrent users on the site
Storage space required
Bandwidth per month
Percentage uptime

Add an action that you need to take to establish SLA metrics for your site.

Software antivirus

Mejoras a la seguridad del sistema operativo

Protección de las redes

Include a back-end connection from the suggestions or add your own.

CMS databaseAuto-responder systemE-commerce paymentsStock control systemPermissions-based content

Firewalls

Aseguramiento de los canales de comunicación

Redes Privadas Virtuales (VPN)

Capa de sockets seguros (SSL) y seguridad de la Capa de Transporte (TLS)

Limitaciones a las soluciones de cifrado

Certificados digitales e infraestructura de clave pública (PKI)

A secure server and HTTPS encryption may be needed if you are handling:

Payment information
Logins and passwords
Sensitive information, e.g. financial, health or other personal details

Add notes about actions you will need to take about using a secure server.

Envolturas digitales

Web sites can be implemented in a variety of ways. Choose from the suggestions or add your own.

Content Management System (CMS)Custom codedHosted on own serversHosted on third party servers

Cifrado

What browsers will your site need to support?

It is difficult to support all browsers as technologies change. Many web sites declare older browser versions as unsupported.
Add included or excluded browsers and versions.

Cifrado de clave pública por medio de firmas digitales y resúmes de hash

Cifrado de clave pública

Estándar de cifrado avanzado (AES)

Estándar de cifrado de datos (DES)

Cifrado por clave simétrica

Cifrado por transposición

Cifrado por situación

Texto cifrado

Protección de las comunicaciones en internet

Add information about the formats your site will need to support.

Think about:

Accessibility guidelines and requirements (e.g. WCAG guidelines to ensure sites are accessible a range of abilities)
Support for low-bandwidth users
'Adaptive' layouts for mobile devices
Target screen resolutions
Content ratings or age verification

Amenazas a la seguridad

Aspectos de seguridad en la nube

Aspectos de seguridad en la plataforma móvil

Aspectos de seguidad en las redes sociales

Software de servidor y cliente mal diseñado

Ataques internos

Husmeo (Sniffing)

Ataques de denegación de servicio (DOS) y ataques distribuidos de denegación de servicio (DDOS)

Sitios web de falsificación y spam

You should carry out a basic regression testing after making significant changes to your site or the back-end technology, in case some disruption has occurred.

Think about:

How you will be notified of changes that should trigger regression testing (e.g. database upgrade, platform upgrade, revisions to the product catalog, changes to e-commerce, etc.)
Defining a basic set of regression tests that verify that your site is functioning correctly

Fraude y robo con tarjetas de crédito

Links tend to go stale over time and need periodic testing. Add a note about on you will detect broken links.

Options include:

Providing a reporting function on your site
Manually testing against a schedule
Running an automatic link testing tool

Pirateria informática, vandalismo cibernético, hacktivismo y filtraciones de datos

You will need to test against your supported browsers, especially after updates. Add some notes about how this will be achieved.

Think about:

Maintaining your list of supported browsers
Notifications of updates, so that you can test new versions
Establishing a test platform with browsers installed
Cross-browser testing stacks & tools
HTML validation services

Sombreros grisses

Sombreros negros

Sombreros blancos

Cracker

Pishing y Robo de Identidad

When performing tests, or receiving feedback on the technical aspects of the site, how will you collect and track issues?

Think about:

Capturing screenshots
Using mark-up software that lets users add comments to a site
Logging issues and their current status
Scheduling fixes
Logging changes and fixes against a site version or last-update date

Hacker

Pushing

Ingenieria social

Programas Potencialmente Indiseables (PUPS)

What are the criteria for accepting the site?
How will this testing be carried out?
Who will do it?

Add some information about acceptance testing.

Spyware (Programa espía)

Parásito de navegador

Adware

Código Malicioso

You will need to test the usability and user stories that the site should deliver.

Think about:

Having a representative panel of users
Organising supervised test situations
Preparing test scenarios and instructions
Analysing issues and making improvements
Analysing site statistics to see how users navigate
Analysing feedback from the site to make improvements to the design and navigation
Using software to support user testing

Botnet

Bot

Puerta trasera

Caballo de troya

Gusano

Virus

Ataque drive-by download

Sistemas de Seguridad

Disponibilidad

Privacidad

Confidencialidad

Your web site will need to be regularly monitored to ensure that problems are detected early.

Think about:

Monitoring outages and slow response with automated software
Monitoring for hacking or security breaches
Schedules for a 24x7 response if necessary

Add actions to establish monitoring and response for your site.

Autenticidad

No reconocimiento

What will be your process for managing change on your website?

Think about:

How changes will be identified and logged
Who will do them and how often
How they will be tested
How they will be authorized for release
How they will be rolled out without disrupting the user experience

Add an action needed to establish change control.

Integridad

Identify the sources of change on your website.

Think about:

User feedback
Marketing campaigns
Changes in products and services offered
Improvements from analysis of usability feedback
Changes incorporate style or logos
Changes in your organization that need to be reflected in the web site

Add a source of change for your website.

Sistemas de pago

Facturas electrónicas

Proveedores de infraestructura

Consolidadores

Sistemas directos del emisor

Usados en la actualidad

Efectivo digital y monedas virtuales

Sistema de pago moviles

Servicios de pago alternativo

PayPal

Transacciones en línea realizadas con tarjeta de credito

Tradicionales

Saldo acumulado

Valor almacenado

Tarjeta de crédito

Transferencia de cheques

Efectivo

Iniciativas gubernamentales para regular y controlar el cifrado

Pirateria informática oficial

Acceso legítimo y divulgación obligatoria

Esquemas de depósitos de claves y de recuperación de claves

Exportación restringida de sistemas de seguridad sólidos

Legislación estadounidense sobre seguridad en el comercio electrónico

Ley de Seguridad del Territorio Nacional (2002)

Ley USA PATRIOT (2001)

How will you visualize your site structure and design?

You could use:

Wire-frame software
Graphics or block diagrams
Hand-drawn sketches
Sticky notes

Your design should show the flow of typical actions and focus on making these as simple as possible.
Add some notes about communicating your site layout and design.

Ley de Firmas Electrónicas en el Comercio Global y Nacional (“Ley E-Sign”) (2000)

What business processes will your web site trigger? Who will do these, and how?

Think about:

Responding to inquiries
Fulfilling orders
Providing customer service
Providing product support & warranty services
Communicating with partners and channels

Add some notes about business processes that your web site will link to.

Ley de Mejora a la Seguridad Informática (2000)

Ley de Seguridad Electrónica en el Ciberespacio (2000)

Ley de Modernización Financiera (Ley Gramm-Leach-Bliley (1999))

Ley de Portabilidad y Responsabilidad de Seguros Médicos (1996)

Add references to sites that you like or dislike, with reasons.

Ley de Protección a la Infraestructura de la Información Nacional (1996)

What website site are you aiming at?

How will you brief the designers?
What kind of impression do you want to create in the first few seconds?
Do you want a casual and friendly site?
Do you want a professional, conservative business-to-business site?
Do you want a reliable business-to-customer site?

Add some notes about the style for your web site.

Ley de Privacidad para las Comunicaciones Electrónicas (1986)

Add the site name, if chosen. If not, then a site name based on preferred keywords should help with search engine optimisation.

Ley de Abuso y Fraude Informáticos (1986)

What keyword research has been done or needs to be done? What terms are your target audience searching for?

Selected keywords will be needed for page names, body text and alt text for images, which will help with search engine optimization.
Add some notes about keyword research for your site.

El papel de las leyes y políticas públicas

Políticas y controles gubernamentales sobre el software de cifrado

Esfuerzos de cooperación privados y privados-públicos

US-CERT

Centro de coordinación del CERT

Who are your target users?
Add a market segment that reflects specific users.