Use of the World Wide Web has exploded in industry, with browsers on every desktop and a server in every division. The use of WWW technology for internal information networks (intranets) has further accelerated business dependence on WWW software. The architecture of the WWW was designed to support sharing of information, and it offers businesses a way to do so at an attractively low cost of ownership. However, there is still no such thing as a free lunch. Web servers and browsers have many vulnerabilities that make it easy for the wrong people to get access to sensitive business information. In addition, since software product life cycles have dropped to six months or shorter, new versions of WWW software products are rushed to market without a level of testing sufficient to assure secure operation. This TIS Trusted Bulletin provides guidelines for secure business use of the World Wide Web.
展开▼