The security of an e-commerce system as a whole consists in protecting its data against various kinds of interference. These interventions can be grouped into several categories:
* theft of data (for example, theft of credit card numbers from a database);
* disruption (for example, overloading a site with a volume of data or requests it was never designed to handle);
* falsification of data (for example, altering amounts in payment files and invoices, or creating counterfeit certificates or download sites that imitate a legitimate site);
* destruction of data (for example, in transit from the site to the user or from the user to the site);
* repudiation of completed actions (for example, denying that an order was placed or that goods were received);
* unintentional misuse of the site's facilities by a well-meaning user;
* unauthorized access to information:
- unauthorized copying, modification or other use of data;
- unauthorized transactions;
- unauthorized viewing or transmission of data (for example, displaying visitors' real names instead of their pseudonyms in a chat or forum).
It should also be kept in mind that security in this field faces a number of objective legal problems: technology develops much faster than legislation, an attacker is difficult to catch in the act, and the evidence and traces of a crime can be destroyed easily and completely. All of this obliges companies to develop a careful policy for protecting their electronic business. Full and absolute security is unattainable, because e-commerce systems are built from many software applications, both off-the-shelf and custom-made, from various suppliers, and from a significant number of external services provided by service providers or business partners. A large part of these components and services is usually opaque to the customer company's IT specialists, and many of them are frequently modified and upgraded by their vendors. Not all of them can be checked thoroughly for potential security defects, and eliminating all such defects is harder still. Even if that were possible, the so-called human factor cannot be excluded, since all systems are created, changed and operated by people; according to research by the Computer Security Institute, 81% of respondents named internal threats, that is, deliberate or unintentional actions of their own employees, as the greatest concern for their companies.
Protection against internal threats has two aspects: technical and organizational. The technical aspect aims to exclude any possibility of unauthorized access to information. Well-known measures used for this purpose include:
* password controls and regular password changes;
* granting only the minimum rights necessary for administering the system;
* standard procedures for promptly changing an employee's access group on personnel changes, and for revoking access immediately on dismissal.
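The three technical measures above only work if someone checks them regularly. The following access-review script is an added example, not part of the original article: it reconciles a constructed dump of system accounts against a constructed HR roster and reports dismissed employees who still have access, accounts with no owner, users whose groups exceed what their department needs, and passwords past the rotation deadline. The field names, the entitlement table and the 90-day limit are assumptions made for the example.

```python
"""Joiner/mover/leaver access review (added example, not from the article).

All data below is constructed for the example; the field names
(login, groups, password_set, department, terminated) are assumptions.
"""
from datetime import date

# Constructed HR roster: current department and dismissal date, if any.
HR_ROSTER = {
    "alice": {"department": "finance", "terminated": None},
    "bob":   {"department": "support", "terminated": None},  # moved from admin
    "carol": {"department": "admin",   "terminated": date(2024, 3, 1)},
    "dave":  {"department": "support", "terminated": None},
}

# Constructed dump of the accounts present on the system.
ACCOUNTS = [
    {"login": "alice",      "groups": {"finance"},          "password_set": date(2024, 4, 10)},
    {"login": "bob",        "groups": {"support", "admin"}, "password_set": date(2024, 4, 1)},
    {"login": "carol",      "groups": {"admin"},            "password_set": date(2023, 12, 1)},
    {"login": "dave",       "groups": {"support"},          "password_set": date(2024, 1, 1)},
    {"login": "svc_backup", "groups": {"admin"},            "password_set": date(2023, 1, 1)},
]

# Assumed policy: the groups each department legitimately needs (least privilege).
ENTITLEMENTS = {
    "finance": {"finance"},
    "support": {"support"},
    "admin":   {"admin"},
}
PASSWORD_MAX_AGE_DAYS = 90          # assumed rotation policy
REVIEW_DATE = date(2024, 5, 1)      # date the review is run


def review_access(accounts, roster, entitlements, today, max_age=PASSWORD_MAX_AGE_DAYS):
    """Return (login, finding) pairs for the reviewer, one per violated control."""
    findings = []
    for acct in accounts:
        login = acct["login"]
        person = roster.get(login)
        if person is None:
            # No HR record: nobody owns this account, so nobody revokes it on dismissal.
            findings.append((login, "no HR record: orphan account, disable until an owner is named"))
            continue
        if person["terminated"] is not None and person["terminated"] <= today:
            # The leaver control: access must end on the day of dismissal.
            findings.append((login, f"dismissed on {person['terminated']}: revoke access immediately"))
            continue
        # The mover control: groups left over from a previous role exceed the current one.
        excess = acct["groups"] - entitlements[person["department"]]
        if excess:
            findings.append((login, f"excess groups {sorted(excess)} beyond the {person['department']} role"))
        # The rotation control.
        if (today - acct["password_set"]).days > max_age:
            findings.append((login, f"password older than {max_age} days"))
    return findings


if __name__ == "__main__":
    for login, finding in review_access(ACCOUNTS, HR_ROSTER, ENTITLEMENTS, REVIEW_DATE):
        print(f"{login:12s} {finding}")
```

Run against a real account dump, the same loop turns the "standard procedures" of the list into a report that can be produced on a schedule and after every personnel change, rather than relying on someone remembering to remove a departed employee's access.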
The organizational aspect consists in developing a rational internal security policy that turns into routine operations those methods of protection and attack prevention that companies rarely use, such as:
* establishing a company-wide culture of security compliance;
* testing the software for vulnerability to hacking;
* tracking every hacking attempt (regardless of how successful it was) and investigating it carefully;
* annual staff training on security and cybercrime, including information on the specific indicators of hacker attacks, so that as many employees as possible are able to recognize such activity;
* clear procedures for handling cases of unintentional modification or destruction of information.
For protection against external intrusion there is today a range of systems which are, in essence, filters of various kinds: they help detect hacking attempts at an early stage and, where possible, keep an attacker from entering the system through external networks. Such means include:
* routers: traffic-management devices located between second-level networks that control the incoming and outgoing traffic of the network segments attached to them;
* firewalls: means of isolating private networks from public networks using software that traces and blocks external attacks on a site by controlling the types of requests allowed through;
* application gateways: means by which the network administrator implements the security policy that the packet-filtering routers are guided by;
* intrusion detection systems (IDS): systems that detect deliberate attacks and unintentional misuse of system resources by users;
* security assessment tools (specialized scanners, etc.): programs that regularly scan the network for problems and test the effectiveness of the security policy in place.
On the whole, the first thing a company must do is to understand what it needs to protect and from whom. The main players here are the company's shareholders, its customers, its employees and its business partners, and a separate protection plan must be developed for each of them. All security requirements should be documented so that they can later serve as a guide for every implementation of e-commerce applications and their protective measures across the company's various lines of business. This also makes it possible to form a separate security budget within the company and to optimize spending on it, avoiding the duplicate treatment of the same protection issues in every separate business project.
Unfortunately, current practice is that security policy is delegated to the heads of the IT department, whose staff believe that technical questions matter more than any "paper" instructions, and who, moreover, are not experts in the separate areas of the business that also require precise protection procedures within the company.
Moreover, at the interfaces between different pieces of software there may be specific problems unknown to the manufacturers of each of the integrated products. Investigation of such interactions should precede any technological and budgetary decisions, and this too receives insufficient attention.