Online Security: Job One for E-Commerce

Since the advent of e-commerce, security concerns have kept consumers and corporations from jumping into the fray with both feet. Until recently, though, security was a highly theoretical worry for consumers -- and an easily dismissed cost category for companies.

Now, times have changed. The events of September 11th, combined with reports of increasingly vicious worms and viruses, have spurred consumers and corporations to take a historic stance toward online security: They're demanding it.

Never before have companies and government institutions been so singularly devoted to solving the online security problem.

The maturing process is not without its stresses and pains. In many cases, increased investments in security will draw resources away from other areas of product and technology development. But promised technologies like Web services will never materialize unless this near-term sacrifice is made.

Safety First

In the past week, bellwether companies Microsoft (Nasdaq: MSFT) (Nasdaq: MSFT) and IBM (NYSE: IBM) (NYSE: IBM) both made steadfast public commitments to online security.

Indeed, with the "Trustworthy Computing" initiative announced this week, Bill Gates told all Microsoft employees to make security their number one priority, ahead of new product features.

Even if this is partially a reactionary public relations gesture, Microsoft is just one of many companies elevating security to the top of its priority list.

In the same vein, IBM has teamed with VeriSign (Nasdaq: VRSN) (Nasdaq: VRSN) to improve online identity authentication in e-business applications.

And BestBuy.com (NYSE: BBY) just announced a new online payment engine designed to guard against rampant credit card fraud.

Healthy Competition

As online security becomes a clearly stated objective for both corporations and consumers, it will benefit from the evolutionary force of competition.

That is, e-commerce companies will strive to outdo each other with stronger and stricter security programs, ultimately raising the bar for e-commerce security as a whole.

There is a danger that companies will neglect other product development investments in their dogged pursuit of impervious security measures. But I can think of far worse downsides.

Just in Time

The fact is that many next-generation e-commerce technologies in development by such companies as Microsoft, IBM and Sun (Nasdaq: SUNW) will not gain traction without superior security measures in place.

Just look at all the security snafus Microsoft already has encountered in its .NET initiative.

In this regard, the surge in online security mandates couldn't have come at a better time.

Weak Links

Microsoft's .NET project and other new technologies collectively dubbed Web services present an exceptional security challenge.

Their success will depend on secure and seamless communication among disparate software applications over the Internet.

Here's the problem: Experts have always said a network's security is only as strong as its weakest link. With businesses and their applications engaged in online communications, the danger of weak links multiplies exponentially.

Building Bridges

It is natural to lament the circumstances that have produced this period of apparently unprecedented vulnerability.

But it is also important to recognize that those circumstances have snapped us out of complacency and ignited an important evolution of online security.

While painful and perhaps tangential to previously stated product goals, investments in Internet security are a necessary bridge to the next phase of e-commerce.

What do you think? Let's talk about it.