http://www.star.com.jo/viewNews/DetailNews.aspx?nid=2775 The Star August (10-16) 2006 Poor security, lack of original content and bad design on Arab websites are seriously hindering the development of e-commerce in the Middle East, according to a group of organisations, which have joined forces to develop quality standards for the region's internet industry. Dubai Internet City (DIC) and eHosting Datafort have formed Interstandards, the Arab Internet Standards Organisation (AISO), as a joint inititative to develop a certification programme for Arab commercial websites in association with the British Standards Institute (BSI). The organisations believe that the Arab world's internet industry is plagued with inadequacies, including the lack of even basic security standards on some websites. Evidence of the latter comes from "ethical hacking" actions carried out by eHosting Data fort during security audits on the IT systems of more than 30 organisations in the region over a four-year period. According to the company, the actions, which involved it acting as a "white hat" hacker by exploiting vulnerabilities to enter the organisations' IT systems, were "99% successful". Ahmed Baig, manager of security consulting at eHosting Datafort, said: "What we do is we try to act like a typical hacker and try to penetrate into the corporate networks of the client." 'We actually gain the proof of our penetration through our records that we gather through the testing process," he continued. "We have been successful almost all the time - it very clearly indicates that the basic level of due care and diligence is lacking in most of the networks," he added. Baig went on to say that some companies tested by eHosting Data fort did not even have monitoring systems in place to indicate they had been hacked, only discovering months after an attack had taken place that they had been hit. "We have found some companies where the clients have been hacked for a few months and they are not even aware that they have been hacked," he claimed. Baig believes that developing standards to improve the security of the region's websites will go a long way to addressing what the companies perceive as a lack of trust among users in carrying out transactions online. This insecurity among users is one of the main factors hampering the development of e-commerce in the region, he claimed. "Basically, currently the main obstacle between us and a very viable Arab e-commerce market, like the one that is in the US for example, is confidence level of the users," he stated. "The main obstacle remains trust and confidence for the users and today they do have a reason to be worried because very few websites in the Arab world are providing secure platforms for commerce transactions," he added. The companies are still working with the BSI on developing the certification standards, which will cover design, content, marketing, applications and security. They hope to have certified 50 companies by the middle of next year and say a number of companies have already registered for certification, including aljazeera.net, maktoob.com, tejari.com and albawaba.com. As well as security issues, the companies hope to address issues around the poor content of the region's websites - much of which they claim is copied or pasted from its original source on other sites, and breaches copyright laws. n99 percent of Arab websites are insecure The Star is a registered trademark. © 2003 Jordan Press & publishing Co. All rights reserved. _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Wed Aug 16 2006 - 01:22:18 PDT