- slide 1 of 2
Amazon Information Security - THEN
E-Commerce websites have to collect certain pieces of personally identifying information in order to process transactions. Amazon.com is no different. However, the technology they use to secure this information has evolved in recent months in an attempt to attract not only the every day consumers but also large enerprises. But to understand where they are now, let's first look at where they've been.
There are basically 5 pieces of information required to complete any online transaction:
- Name (matches name on credit card)
- Physical address for shipping and authentication (matches address of card holder)
- Email address (for sending purchase receipt and order confirmation)
- Credit card number
- Credit card expiration date
Once you enter this information and click on the button that completes your order, the data is transferred via SSL (Secured Socket Layer) protocol. SSL is a data encryption method that can exist on both the client and server side. Essentially it takes sensitive data that you enter, encyrpts it into a secure format, transmits it across the internet in that secure format, and is finally decrypted on the receiving end by the destination server. Amazon uses SSL for the transmission piece and more advanced data encryption methods to protect customer data stored on their servers.
- slide 2 of 2
Amazon Information Security - NOW
The term "cloud computing" seems to be the new catchphrase in the online world. However, the technologies behind it are constantly evolving and subsequently becoming more reality than fantasy. This new movement is a sort of re-centralization of computing power. For example, companies such as Google are developing operating systems that operate within the cloud. What does this mean for you, the end user? Well essentially it means that your operating system (think Windows Vista, Windows 7, Mac OSX, Linux Ubuntu) will run on a server that exists in the cloud rather than on your PC's hard drive. That being said, software you purchase will run on your operating system that exists in the cloud as well. Your PC will eventually become a "dumb terminal" that simply acts as a gateway to your life in the cloud. Granted, this concept seems very lofty and neatly packaged but if you're like me, this loss of control can be unnerving. So let me put your mind at ease. As the heart of the computing experience moves further away from the home PC and into the clouds, the security with which it's protected will continue to grow.
In Amazon's case, they are attempting to attract a new type of customer: the enterprise. The goal is to develop cloud technology and services that would allow a business (large or small) to sort of "piggy-back" their own little Amazonian store-front on the existing Amazon infrastructure. Using existing technologies like VPN and token authentication, businesses can remotely access and control their store-fronts giving them a larger span of control of their e-commerce operations. Judging by what I've read on this new initiative, these services are just around the corner so so keep your head in the clouds!