Tuesday, November 6, 2012
Web Based Scanning As Anti-Hacking Solution
Web based scanning is a "third generation" scanning engine that allows you to scan documents and arrange them into timely records using the internet. OmniScan is the commonly used web scanning solution which enables bulk scanning and pre-scanning.
Most Web based scanning solutions are described as 3-layered application tools. The first layer is the internet browser, while the second and third layers are "web content generation" tools and company database respectively. The internet browser builds up the initial request directed to the second (also known as the "middle") layer. The latter in turn accesses the database to perform specific tasks. This is done by either updating the third layer or retrieving information from databases outside the said layer.
Since web based scanning applications are resided on the company's server, they can be modified or updated anytime without the need of installing software. Examples of sites using this application include forums, discussion boards, login pages and blogs.
Why Web Based Scanning Is Important
IT-based organizations need a web scanning solution to check any security loopholes that often results to hacking. Unfortunately, several web applications now appear to be the "weakest link" in the entire corporate security. Because taking advantage of the vulnerability in web scanning security is easier for them, hackers have now started using web applications to infiltrate corporate-based data.
Why Web Scanning Applications Are Targeted by Hackers Easily
The methods of hacking have become more intense as various defense mechanisms and web intrusion detections have been developed. It is no longer easy for websites to breach their security parameters and gain illicit access to specific networks.
Anti-virus software, security scanners and firewalls today has the capability to protect all corporate-based systems or networks. But due to such constraints, hackers are finding alternate ways to infiltrate the whole web security infrastructure.
Since the adoption of highly innovative, web-based technologies allowed organizations to direct their networks, web scanning application has become a tool for developers to regulate unknown web security risks.
Lawsuit
Several companies are facing a number of legal issues regarding web based scanning attacks. Victoria's Secret, which is considered one of the world's best-sellers in lingerie products, was sued by the Federal Trade Commission (FTC) in 2005 after confidential details on individual purchases were accessed from its database. Victoria's Secret paid $50,000 as a fine to the New York State Court. This resulted to a private settlement of financial claims by customers.
In 2006, FTC filed cases against certain global organizations for using hackers to infiltrate company databases. But after FTC discovered that there was a leakage of sensitive web based scanning information from these databases, the case was immediately dismissed in 2007.
Attacks on web scanning applications are increasing by the minute. In a report by the Computer Emergency Response Team, around 70% - 90% of web applications are being attacked by hackers. If infringements on web application will continue to grow by 10%, the attacks will continue to occur and credit information (for auction sites) will be leaked.