RSA Security White Papers

Organizations are continually challenged with how to best support a diverse and geographically distributed community of remote users. This task becomes even more acute during an interruption to the normal cycle of business – such as what might happen during a pandemic or natural disaster when large numbers of users must be deployed to work remotely.

At the end of 2007, the Federal Trade Commission (FTC) and five federal bank regulatory agencies (FDIC,OCC, Federal Reserve, OTS and NCUA) jointly issued the final rules and guidelines implementing sections 114 and 315 of the Fair and Accurate Credit Transactions Act (FACT Act).  Under these regulations, the “Red Flag Rule” was adopted which requires the development, implementation, and maintenance of an Identity Theft Prevention Program by covered companies that hold any customer accounts.

This paper discusses the latest web application challenges, organizational considerations, business costs associated with security issues and tips to maintain the intergrity of an organization's web applications. In addition readers will hain an understanding of the top web application attacks, such as SQL injection, corss-site scripting, session hijacking and scraping, and how to best remediate these tactics.

Unfortunately the business of internet-based fraud has never been healthier. When we think about the evolution of the internet and the new types of, and methodologies for, crime, that have developed, we can quickly come to one conclusion. The internet has not only enabled businesses to develop new routes to market and explore new business models, it has also done exactly the same for the fraudsters.