In the real world, of course, many sites will want to run a Windows or Linux server in order to gain the performance advantage of a multitasking operating system and the benefits of database and middleware connectivity . Security holes have been found in both Linux and Windows NT server systems, and new security holes are being found on a regular basis.

If you have configured your system correctly and are compulsive about applying your vendor’s security patches promptly, a typical Linux system will be more secure than a typical Windows system. However, you also have to factor in the experience of the people running the server host and software. A Linux system administered by a novice system administrator will be far less secure than a Windows system set up by a seasoned Windows system administrator.

The risks are most severe from the Webmaster’s perspective. The moment you install a Web server at your site, you’ve opened a window into your local network that the entire Internet can peer through. Most visitors are content to window shop, but a few will try to to peek at things you don’t intend for public consumption. Others, not content with looking without touching, will attempt to force the window open and crawl in. The results can range from the merely embarassing, for instance the discovery one morning that your site’s home page has been replaced by an obscene parody, to the damaging, for example the theft of your entire database of customer information.

It’s a maxim in system security circles that buggy software opens up security holes. It’s a maxim in software development circles that large, complex programs contain bugs. Unfortunately, Web servers are large, complex programs that can (and in some cases have been proven to) contain security holes. Furthermore, the open architecture of Web servers allows arbitrary CGI scripts to be executed on the server’s side of the connection in response to remote requests. Any CGI script installed at your site may contain bugs, and every such bug is a potential security hole.

From the point of view of the network administrator, a Web server represents yet another potential hole in your local network’s security. The general goal of network security is to keep strangers out. Yet the point of a Web site is to provide the world with controlled access to your network. Drawing the line can be difficult. A poorly configured Web server can punch a hole in the most carefully designed firewall system. A poorly configured firewall can make a Web site impossible to use. Things get particularly complicated in an intranet environment, where the Web server must typically be configured to recognize and authenticate various groups of users, each with distinct access privileges.

To the end-user, Web surfing feels both safe and anonymous. It’s not. Active content, such as ActiveX controls and Java applets, introduces the possibility that Web browsing will introduce viruses or other malicious software into the user’s system. Active content also has implications for the network administrator, insofar as Web browsers provide a pathway for malicious software to bypass the firewall system and enter the local area network. Even without active content, the very act of browsing leaves an electronic record of the user’s surfing history, from which unscrupulous individuals can reconstruct a very accurate profile of the user’s tastes and habits.

Finally, both end-users and Web administrators need to worry about the confidentiality of the data transmitted across the Web. The TCP/IP protocol was not designed with security in mind; hence it is vulnerable to network eavesdropping. When confidential documents are transmitted from the Web server to the browser, or when the end-user sends private information back to the server inside a fill-out form, someone may be listening in.

Web design firms are like graphic design firms for the internet.  They create visually-pleasing websites that focus on images, color, and layout.  The pages contain mostly static content such as company information and contact forms.  Most sites created by web design companies don’t actually DO anything.  They consist only of pages of information.

Web development firms are more like software companies, focused on writing computer code to give your website functionality.  This would include storing information in a database, creating charts on-the-fly to represent real-time data, and implementing secure login gateways to keep your valuable data protected from prying eyes.

If you simply want to inform the public about your company, a web design firm may be the way to go.  But if you want to give your users the ability to interact with your site, and receive feedback from your site, confine your search to web development firms.  These can be recognized by their experience with scripting languages such as PHP, ASP, or JSP to name a few.

New information is being created every second of every day from every one of your business processes.  From sales and purchases, to  inventory adjustments, employee actions, and customer inquiries, data should be organized and stored away for later analysis.  What you do with that information can determine your success for failure.  Information ignored is information lost.

So how do you retain the valuable data that is flowing through your business?  A properly designed database can store, manage, and serve all of your data at your command.  Through a web interface or a standalone software application, you can add data, modify as you see fit, and retrieve it in a myriad of forms to help you make more informed decisions.

The database itself is composed of tables - each table holding specific, related information.  Each table is broken down into fields - like cells in a spreadsheet - that hold the actual bits of data.  All of this data can then be tied together through the use of queries, or questions, posed to the database.

If you ever wanted to know on what day of the week you have the most sales, it becomes a simple matter of asking the database.  If you need to know which employee has used the least number sick days, but only out of the employees that have been with you for over two years, just ask the database.

The value of instant data at your fingertips becomes apparent the first time you need to know something, you press a key, and the information presents itself.  That is the value of a database.

Imagine one of your salespeople gets ready for a big sales meeting.  He/she checks the current inventory level of Product A and sees 1000 units available. The salesperson makes the sale and 800 units are instantly removed from the current inventory. Another salesperson at another clients office wants to sell the same product. He/she now sees that there are only 200 units available. How embarrassing would it be for both salespeople to commit 800 units each with only 1000 available? But with this real-time knowledge, the second salesperson knows not to commit to more than 200 units.

Along with instant data comes secure storage of records. No need to worry about losing valuable data because someone lost the tally sheet, or because the desktop computer that ran inventory program crashed with a year’s worth of inventory history. Data can now be stored on secure servers in multiple locations. If one copy was destroyed due to catastrophic events, there can be a back-up in another location ready to be accessed by everyone in your company.

All of this can take place via the internet and a website. The website acts a front door to the data which can be accessed by anyone you chose with varying security and access levels. You can hide it from prying eyes or make it available for the world to view. Your choice.

Inventory data can be tied directly to manual sales, online sales, shipping and receiving, or any other system that can modify current levels. The only limit is your imagination.

We will add new articles regularly, so please check back often to learn the power of the internet.