While access controls and user authorization protect stored data and components, an important security factor in any e-business environment is protecting data while it is in transit.
TCP/IP is the primary transport protocol used in client/server computing, and is the protocol that governs the transmission of data over the Internet. TCP/IP uses intermediate computers to transport data from sender to recipient. The intermediate computers introduce weak links to the communication system where data may be subjected to:
Eavesdropping – information remains intact, but privacy is compromised. For example, someone could learn your credit card number.
Theft – the information never reaches the intended recipient.
Tampering – information in transit is changed or replaced, then sent to the recipient. For example, someone could alter an order for goods.
Impersonation – information passes to a person who fraudulently poses as the intended recipient.
The means to protect data while in transit are many, and the appropriate method depends on the sensitivity of the data and your users.
