Components of Web Design 13 – Threat Prevention – U21-M1

Encryption: It is the process in which it takes important data that is stored on a website such as a password for example, where it then scrambles each of the characters of the password through the use of complex and hidden code which a website is utilising. This makes all of the data both very hard to understand by a possible intruder especially since all modern encryption software use algorithms which involve them jumbling up each character with another character/number/symbol. As modern hacking as advanced significantly in the past decade it requires the encryption to randomise every character even if they are same, for example the two L’s in the word Roll could both be @ and 9. The act of encrypting doesn’t just limit itself to making passwords more complex and hard to comprehend, they are used other types of sensitive information, for example whenever you use Cloud storage there is a layer of data encryption that makes it harder to intercept your data and interpret it. Although cloud storage is different as that is more complicate with the storage method relying on a internet connection (wired or wireless). Returning back to the context of a website another use of encryption can be with SSL (Secure Sockets Layer) encryption, this method is utilised whenever data is sent to and away from a website. This prevents any of the data being at risk of interception while it is being sent from the sender to its intended destination.

Password Complexity: Although this sounds as if it would only apply to the user, it has the potential to apply to the website developer(s) as well. Depending on the type of website which is being created or already in use it might a website that involves the use of passwords in order to access the content/additional features. An examples of this is with an online marketplace requiring the user the login to account in order to purchase any products on the website, otherwise be forced to either be restricted to just viewing the website or create an account in order to do so. For a website to maintain its level of security most implement certain requirements into their password creation input box, as this in the internet of both parties it is best to suggest the user utilise the three types of characters available on a keyboard. Although most websites only utilise two (letters and numbers) there is also the additional request made for the use of capitalisation with the letter characters as when it is encrypted the capital letter and lowercase would be selected different values adding more security of the users data. The other reasoning behind requiring secure passwords on their websites is a form of a preventive strategy by those owning the websites. As an example if a user ignored the advice whilst in the password creator their account and information is at a greater risk than someone who is following the suggestions. If a account of a user did end up becoming compromised because of the former reason this would possibly create a rabbit hole of information being stolen (personal name/surname, address, bank card details) which could not affect the use on a personal level possibly having something of their stolen. It would leave the website potentially liable legally for any damages caused.B

Security Software/Plugin: As a website is constantly on show to the entire internet and everyone who has access to it, it means that along with taking security measures like the ones discussed above there must be consideration into additional software that is responsible for maintaining the security of the website as well as the users. There are different types of software that can be used that cover different aspects of security for a website and its users (some are listed below).

Antivirus: This would be used to prevent any unauthorised entry into your website through any sort of backdoor, although this wouldn’t be used directly on the website instead being used on the devices which are used for developing the website it is still equally as important as security on the website itself.

Network Security: Whilst not a single method/solution securing the network that is used for accessing your website among other software and information. As your devices run off of a network it means that a hacker could potentially access your information by accessing your internet network. There are a few ways in preventing this from happening, with the most popular being Firewall, Encrypted Wi-Fi, and AntiMalware. The firewall would only allow for authorised devices to access the private network through either a hardware or software solution, there are many methods in which a firewall could go about this. With the most common methods/types being Packet Filtering, Circuit Level Gateway Implementation, Proxy Server Acting, Web App Firewall. The use of AntiMalware whilst sounding rather simplistic with what its functions are it is able to defend a computer and website from dangerous and still relevant malware, this is especially critical after realising the different types of malware and the ways in which they attack your computer and data. Meaning that having a solution to some of them is a significant blessing.

The use of an encrypted Wi-Fi network is more of a common standard used with network security, although not an official standard by any standard organisation they are incredibly common with network providers as it is seen with internet packages. How the encryption itself actually works in comparison to the other types of encryption that have already been discussed in previous pages, the basics of encryption are still maintained with the changing of data as to ensure that none of it can interpreted. Where it differs is the information that is being encrypted as unlike previous encryption examples where a single group of data is manipulated making it unreadable and more secure, Wi-Fi encryption encrypts the information/data that is both transferred between a computer and the wireless router that it is connected. Of course as the name implies this encryption would be available when connected directly to the router as the data would have no where else to go than straight from each destination. The two widely used types of Wi-Fi which are used quite commonly within network security, the first of the two being WPA (Wireless Protected Access – Adopted in 2003) which utilises a 256 bit key system for accessing the network, it was also quite unique with its ability to check the integrity of any messages (data packets) sent from the computer to the router. These were considered a massive over its predecessor WEP (Wired Equivalent Privacy – Adopted September 1999 – Retired August 2004) which could not scan data packets going to and from a computer and router, as well as only having 64 bit and 128 bit encryption. The second encryption type WPA2 (Adopted 2006 – Based on 802.11i Technology) is considered to be a very strong encryption as it includes the some of the most modern standard created and is much more efficient than WPA, for example if an individual was within range of the network and connected they everything would be encrypted making viewing the traffic useless.

Bibliography

https://www.creativebloq.com/web-design/website-security-tips-protect-your-site-7122853

https://us.norton.com/internetsecurity-privacy-what-is-encryption.html

https://www.commonplaces.com/blog/8-simple-ways-to-improve-your-website-security/

https://www.securedatarecovery.com/resources/the-importance-of-strong-secure-passwords

https://www.getsafeonline.org/protecting-yourself/passwords/

https://kb.iu.edu/d/aoru

https://www.pcworld.com/article/130330/article.html

https://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/

https://www.lifewire.com/what-is-wpa2-818352