Posted by moniQue -^o^- on Sunday, June 28, 2009
Labels: / Comments: (4)
The application of 3rd party certification programmed in Malaysia
Nowadays, there are many businessmen that compete with each other in order to gain more profit. Consumers, nowadays are more likely to make comparison in many things compare to last time. Therefore, in order for an organisation to remain their customers, the application of third party certification programme is important for them. This is especially important in the fast changing Internet security and e-commerce environment.

Third party certification is a scientific process in which the company product or services is reviewed by an unbiased and independent third party to verify the set of standard and process that are being met. The third party certification not only can help an organisation and consumers to save their time but also can help them save money in cleaning product.

MSC Trustgate has been appointed as Asia's first VeriSign Authorized Training Centre. MSC Trustgate is the qualified licensed CA (Certification Authority) in Malaysia and has started to expand its service offering to other Asian countries, such as Indonesia, Thailand and Vietnam. One of the services that offer by MSC Trustgate is MYTRUST.

This service was launched by Trustgate recently and the function was to provide security to the transaction on the mobile platform. MYTRUST encourage even more mobile application services in the financial and government sector. Besides that, this provision (mobile application) will allow the market for mobile banking and mobile commerce in the region to take off effectively.


VeriSign is the trusted provider of internet infrastructure services for the networked world. This service help user engage in communications and commerce with more confidence. MSC Trustgate has been an affiliate of Verisign ad their purpose is to focused on reselling the Verisign’s Secure Socket Layer (SSL) and the Public Key Infrastructure (PKI) services to businesses and government, incorporating digital certificates, digital signatures and encryption.

SSL is a protocol originally developed by Netscape to ensure the security of e-commerce transactions, which was for transmitting private documents securely via the Internet (World Wide Web). SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely. S-HTTP is designed to transmit individual messages securely.


PKI is to assist all type of companies and institution conducting their business over the internet. The state of the art back-end infrastructure is probably one of the best in the region. Project that have been implemented such as Malaysian government has been put in place a smart National Identify Card (MyKad) for every citizen. PKI capability allow Mykad holder to conduct online transaction with government agencies and other sectors.

Lastly, in my opinion, if applying this 3rd party certification, there will be more safeguard. Therefore, the customer can shop safely and more confidently. When the confidentiality of customers towards the internet has been enhanced and hence the organizations will be able to earn more profits.

Useful links:
http://www.coastwidelabs.com/Technical%20Articles/ThirdPartyCertification.htm'>http://www.coastwidelabs.com/Technical%20Articles/ThirdPartyCertification.htm">http://www.coastwidelabs.com/Technical%20Articles/ThirdPartyCertification.htm http://msctrustgate.com/product/training.htm
http://www.reuters.com/article/pressRelease/idUS141621+22-Feb-2008+PRN20080222
http://www.verisign.com.sg/press/2008/20081020.html


A review on internet security

Posted by Alice Goh
Labels: / Comments: (1)

In our today’s IT technology environment, all the company use computer and internet networking to run the business. Also, in the same time, we use the technology to surf web, chatting, and online purchasing, find information and etc. Without these technologies to help us, all the activities cannot do well. However, as the increasing use of internet, some of the bad people will take advantage on it to do unethical matter. For instance, they create spy ware to hack someone’s private information or if they unhappy with the person they deal with, they may create viruses such as worm and Trojan to make their computer break down. Thus, we need a strong internet security to protect our private data and computer.
I do agree on what the writer mention in the post on Internet Security. Today, analyst estimate roughly 75 percent of all security attacks are targeted at application. However, only 10 percent of enterprise securities spend is focused on application security. This is something should be change with the security system. The Malware can be changed rapidly and this could harm the people’s computer. Therefore, there should be a good antivirus software and employ different methods to detect malware.




As the nature of In ternet threats has transform, IT systems professionals and security providers have adapted their response strategy. The security systems developers have become managed security service providers. (MSSPs). Thus, many anti virus Software Company come out with multi function of antivirus software to fulfill the need of the users. Many antivirus software such as Avast, AVG, Bitdefender, Kaspersky antivirus, McAfee, Norton and etc, all this antivirus software has the function to protect our computer against viruses and spy ware.

In my opinion, IT systems developers have play an important role in the IT world. All of us should be grateful for them on the
service they have provided.

Useful links:
http://wiki.answers.com/Q/Seven_types_of_antivirus
http://www.ecommercetimes.com/story/Anp0Gg9Wnw65vQ/The-Changing-Faces-of-Internet-Security-Threats.xhtml?wlc=1246109572
http://www.technewsworld.com/story/53812.html?wlc=1246109853

PHISHING........

Posted by @^Whitney chiong^@
Labels: / Comments: (2)
Phishing is THEFT in the term coined by hackers who imitate legitimate in criminally fraudulent process of attempting to acquire the victim or user for sensitive information through an email such as username, passwords, credit card details, social security number and account number by masquerade as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail or instant messaging for user, victim and 3rd party to enter their details to a false website whose look and feel that it was not a false website or it looks similar to the original website. A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996.

The following are a few examples of phishing identified:

Firstly, Bank Phishing scam: Scammer sends out phishing that uses it to attack the bank industry by acting in the interests of safety and integrity for the online banking in instructing users to visit a false website and enter their sensitive information such as financial details (e.g. credit card).











Secondly, eBay phishing scam. This eBay phishing email show that the website was very true and it’s also includes the eBay logo in an attempt to gain credibility from users. The email warns that a billing error may have been made on the account and urges the eBay member to login for updated and verify if there are any change.















Thirdly, is the PayPal phishing scam: tries to trick the users that there was an error happen and ask the user to cooperate with them to complete the request if not there will take action to suspend the account for temporary. The request is via the link provided where the link is clicking the user will bring to the attacker’s website.













The best way to protect you from phishing is to learn how to recognize a phish. How to spot phishing or protect yourself from phishing:

1) Do not click on embedded link or reply if you receives an unexpected e-mail that requires you to give your updated information details, personal information and confidential information. Instead of clicking the link, try manually by typing the address in the URL bar to log directly to the website’s home page for save.

2) Protect your computer with spam filters, antivirus and antispyware software, and a firewall before they search your computer for personal sensitive information and pass this information to perpetrator.

3) Use anti-phishing toolbar for helped us to compare the address you are going to access and the address toolbar gave you by seeing whether the details is match.
If it doesn’t meet the website will doubt immediately.

4) Always ensure that you are using a secure website. Check the web address in URL address bar before you are entering the sensitive information or submitting credit card via your Web Browser.

5) Other methods is setting a strong password and must change it frequently, monitoring your transaction, do transaction only with the companies that you can trust and lastly is to check your bank for credit and debit card to make sure that all transaction is legitimate.
In a nutshell, fault rate on the internet is increasing so I would like to give users advice that if you are not sure about the information, contact the company through an address or telephone number you know to be a genuine one.

Useful Link: