Privacy laws in Australia

The Privacy Act 1988 (Cth) establishes National Privacy Principles (NPPs) which apply to:

* all private sector organisations with an annual turnover of more than $3m
* health service providers
* traders in personal information
* contractors to the Australian Government as far as their activities are for the purposes of the contract.

There are limited exceptions from the coverage of the NPPs for employee records, contractors to State Governments and journalism. The NPPs represent best practice and as such should be followed even if they are not compulsory in your particular situation.

The NPPs establish standards for the collection, use, storage and disclosure of personal information. They include the following:

* You can only collect personal information if it is necessary for the function or activity of your organisation.
* You should not use or disclose personal information for a purpose different from the original purpose of collection, except in limited circumstances.
* You must take reasonable steps to ensure that personal information collected is accurate, complete and up-to-date.
* You must take reasonable steps to protect the personal information collected. This may mean that you will need to set up appropriate computer hardware and software systems for protection of data.
* You can transfer personal information to a person or organisation outside Australia only in limited circumstances. These include the requirement that you reasonably believe that the recipient is governed by comparative privacy laws, or that the individual whose personal information is being transferred consents to its transfer.

Although you are allowed to collect and use personal information, you are not allowed to collect and use "sensitive information" about individuals unless they first consent. Sensitive information is defined in the Act and includes information regarding race, gender, political opinion, religious beliefs, philosophical beliefs, membership of a trade union or professional organisation, or sexual preference or practices.

The NPPs also require you to explain your personal information collection and use practices to the people using your website at the time when you collect their information. As a practical measure, the above principles need to be incorporated into a privacy statement to be displayed on your website.

Budgeting for maintenance

The cost of maintaining your website over a 12 month period needs to be estimated and the money allocated so that the website has every chance of achieving its goals.
Many businesses make the mistake of only considering the cost of developing a new website and forget the cost of annual maintenance. For some businesses the maintenance costs are not high, for others they can far exceed the development cost. No matter what the cost, annual budgeting for maintenance is very important.
The website budget should be considered along with everything else at budget time. It might be listed as a unique item in the overall budget and given its own allocation. Alternatively, "website maintenance" may not appear separately but the budget allocation might be spread across a number of budget lines - eg the cost of promoting it allocated to the Marketing Department and the hosting costs to the IT Department.
A combination of both models might be appropriate.
What to do
To estimate the maintenance budget, use a spreadsheet program (eg Microsoft's Excel) or use a word processor (eg Microsoft's Word) to do the following:
Option 1: Download an example budget that you can use to help determine your own budgeting requirements.
e-businessguide Template Document - Estimated Annual Website Maintenance Costs (23 kb)

Option 2: Create a new document in a spreadsheet program and do the following:
1. In column one: identify and list the anticipated cost areas for your e-business over the twelve month period of the budget - include every task, whether it is done in-house or outsourced - eg webmaster, graphic design, responding to feedback on the website, writing new text, creating new online forms, promotion, database licence, hosting, evaluation.
2. In column two: estimate the quantity for each component - eg annual, 3 days, 8 hours.
3. In column three: calculate the cost of each component based on an average hourly rate or the fixed annual fee - eg for a database licence or e-commerce credit card system.
4. Calculate the total of column three, and then add about 5% for unforeseen circumstances to arrive at the annual budget.
It may then be appropriate to separate the budget items and costs for tasks done in-house and those to be outsourced.

Spam and ethical e-marketing

The online environment can offer an opportunity for companies to market themselves and their products inexpensively and effectively, but you need to exercise considerable care to ensure that your method, or your message, doesn't get you into legal or other difficulties. Sending unsolicited commercial e-mail (commonly referred to as "spam") will not only alienate the customers you're trying to attract, it could result in your Internet Service Provider terminating your Internet access, and may soon attract penalties under proposed Australian Government legislation.

Over the last few years spam has become a serious problem and constitutes almost 50% of world-wide e-mail. It is rapidly eroding the value of legitimate online marketing and is causing problems for both users and the Internet generally, so it is important that you make sure you don't contribute to the problem.

To find out more about spam go to DCITA's report on the problem at: http://www.dcita.gov.au/communications_and_technology/publications_and_reports/2003/04/spam_report

To make sure you aren't spamming, all of your commercial e-mail must:

* only be sent where there is an existing business relationship, or where people have clearly indicated they wish to receive it
* provide customers with the opportunity to decline future contact if they wish by including a working unsubscribe method
* be accurate, clear and unambiguous in all of the details in the e-mail (eg. addresses, subject lines, contact details).

Internal policies and guidelines

Internal policies and guidelines

Depending on how much you rely on your website as a business tool and how much you use the Internet, especially email, it may be very useful to establish policies and guidelines about the use of those tools.
E-business policy statements are high-level statements about the aims and intention of particular aspects of e-business. They state the overall approach that the business is taking to, say, e-commerce.
An e-business policy might be a brief document that makes statements about your organisation's general approach and aims.
Policies then need guidelines and procedures that direct individual staff in their day-to-day use of the Internet. These might be in the form of step-by-step procedures or statements about what can be done online and what is discouraged or even not allowed.
This table indicates the areas of e-business for which policy statements and practical guidelines might be created and suggestions as to what they might include.
Aspect of e-business Policy - for the business Practical Guidelines - for individual staff
management importance to the business, management structure who, procedures, budget, evaluation
integration of e-business into the overall business why integrate and expected outcomes what aspects, timeframes, scope, who is responsible
website content expected quality and results scope, tone of material, exclusions, quality control
staff use of the Web purpose and outcomes when, who has access, restrictions
staff use of email purpose and outcomes when, who has access, restrictions
information management define information, why manage it what information, how to archive
e-security purpose, importance procedures when online and in the office
What to do
Use this table as a starting point for determining what aspects of your e-business require a policy statement and guidelines or procedures. Refer the drafting of these to those managing your e-business. Consultation with staff is important in drafting and finalising guidelines and procedures because they know what works and what doesn't and they have to implement them.
There are many e-business policies and guidelines published by government departments that may prove useful examples to follow when developing yours.

What to do

Create an e-business management team consisting of people representing key areas of your organisation. For many organisations this might include people from the following areas:
• management
• marketing/promotions
• sales
• training
• administration
• operations/the front counter/shop floor
• information services/technology.
In small and micro businesses of just one or two people, these roles will be shared with each person performing a number of functions. In such businesses it will probably be inappropriate to establish a formal e-business management team. However, that does not mean small and micro businesses do not need to adopt a formal approach to managing their e-business.
Who should head up the e-business management team? Identify the main aim or activity of your e-business and the person in the organisation whose role it is to run that area should chair the team. The broader the aims of your e-business and the more it touches every aspect of your business, the more appropriate it will be to have a senior manager, CEO or the business owner head up the management team. The following is a possible agenda for the meetings of the e-business management team. Add and subtract items according to your circumstances.
1. Report on actions arising from the previous meeting
2. Outcomes this period - successes, benefits, costs
3. Content update - additions, deletions, editing and quality issues
4. Marketing and promotion - usage, feedback
5. Resources report - budget, staff training, time
6. Technology issues - speed, equipment
7. Risk management review - new risks, security and legal issues
8. Actions arising from this meeting

managing

Who does the managing?

E-business is about using the Internet to help you meet your business goals. It can be used to help sell more products, manage customers and suppliers, promote your business, develop new markets and even undertake research of new products and services. A comprehensive use of e-business touches many, if not all, parts of your business, so everyone involved in those parts need to be involved in managing the e-business.
E-business is about business, not technology, so don't leave managing your e-business to technicians.
Businesses that employ a few people do not have much choice about who manages their e-business. This can make managing much easier because decision-making is less complicated. However, it can also mean that management is left to just one person who needs to be disciplined about allocating time to manage each aspect of it.
Organisations employing a number of people need to bring together representatives of the various parts of their business to manage their e-business.
The e-business management team's role is to consider all matters related to the e-business strategy and, in particular, to oversee:
• the aims and direction of the e-business strategy
• the roles and functions of anyone employed specifically to operate or manage the e-business
• technology and processes - eg a Web programmer or designer, online marketing person
• identification and implementation of staff training in the use of software, technology and processes
• legal issues - eg copyright and commercial issues
• security issues - eg backup systems
• acquisition and maintenance of equipment and software
• the relationship with the Internet Service Provider
• monitoring Internet trends and what competitors are doing
• promoting the e-business internally and externally
• evaluating the e-business strategy
• the annual budget.
The e-business management team should be a permanent group and its meetings regular. However, very few organisations would welcome the thought of adding another monthly meeting to the schedule! Perhaps a separate meeting is not required, but somewhere time has to be found to undertake the above tasks in a formal way.

sources of threats

What are the sources of threats to my information systems?

Threats to any organisation's information systems can come from a number of sources and come in a number of formats.
The sources may be:
• uninformed workers - mistakes can be made, information can be destroyed, confidential data exposed
• contract workers - not fully briefed in organisation policies and protocols leading to accidental exposure of company information
• disgruntled employees - leaving a virus behind in your system or compromising data
• contract workers requiring access to get the job done despite opening your company to security risk
• political activist "hactivists"
• hackers looking to steal credit card numbers, contact lists or client details
• information "brokers" trying to steal your information and on-sell it
Breaches of security may be intentional or unintentional and can come in a variety of formats. Click on the link to read more about each.
• Viruses - malicious pieces of computer code that make unauthorised changes to your PCs
• Hacking - where individuals gain or attempt to gain unauthorised access to your computer systems
• Dumping - when someone takes control of your computer's modem to place calls to high-cost premium rate or international numbers
• Port scanning - some hackers scan the Internet for computers or networks whose Internet port(s) is open and accessible
• Physical security - protection against theft of computers and unchecked access to systems and information by staff
• Denial of service - deliberate over-loading of your web server by others in order to make your website almost unaccessible

What part is at risk?

What part of my business is at risk?

Although the Internet offers many benefits, using the Internet to do business can carry risks.
Because the Internet is designed to offer easy communication between individual computers, it opens up the possibility of outsiders breaking into your computer systems and stealing valuable information, such as credit card numbers.
Any information transmitted over the Internet can be intercepted at any point if appropriate security precautions have not been taken. This is particularly important where businesses are using broadband technology because of its continuous connection to the Internet.
Unauthorised users can take your data and disclose it, modify it, destroy it, sell it or post it on the web. They can hi-jack your homepage or your website, overload systems so customers cannot contact your company, shut down production lines and forward confidential staff details, personnel records and quality assurance reports.
As more and more people and businesses start using the Internet as a business support tool a new range of issues about security has been identified.
To help you determine your approach to information and system security, ask yourself the following questions.
What is most important to my customers, business partners and suppliers?
They are likely to require that:
• your information systems provide business data that is reliable and accurate
• systems that process data are available 24 hours a day, 7 days a week (ie 24/7)
• any customer or business partner information that is handled by the system is secure
• customer personal information will remain private and will not be shared with others
• financial data will be secured and not compromised, corrupted or destroyed
• systems are in compliance with any regulations requiring that critical business data will not be available or disclosed to unauthorised persons.
What security promises do I want/need to make to my customers, business partners and suppliers?
It is important to define what promises about information and system security you currently make or will make in the future to your customers, business partners or suppliers. Whatever you promise will drive your business projects and the levels of security needed to support them.
For example:
• If customers or business partners entrust their sensitive information to your care, you need to demonstrate that you can maintain confidentiality.
• If business partners depend on your availability 24/7, availability should be an important security concern.
• What are the implications for your business if a virus attack or a denial of service (DoS) attack takes you off-line for an extended period of time?
• Customer reliance on the accuracy of your data means you must have good data integrity controls in place. Can you currently detect an unauthorised access attempt to your system and can you gauge the impact this might have?

who is accessing

How do I know who is accessing my information?

Authentication
Authentication is the process of ensuring that the correct user is identified as a trusted source and is authorised to conduct specific transactions.
The reason for having access controls is to permit access to information and technology on a need-to-know, job function-related basis and to ensure users cannot gain access to information and technology for which they are not authorised.
What to do
Establish access controls to ensure that:
• access to information and systems is limited to the minimal number of users
• system logs record who logs on, when, where and for how long, and track any deletions or modifications, changes to file or database structure
• additional workstations, systems and software are reviewed periodically.
Password protection
Passwords are the first line of defence against unauthorised access to information and systems.
All new accounts should be given initial passwords that are set by administrators. Once in the system new users can specify their own password, following a set of password definition guidelines.
What to do
Develop a password protection system for your business. You and your staff should:
• Avoid passwords that would be readily identifiable or easy for anyone to guess (such as family names, birth dates)
• Use a mix of upper and lower case alpha, numeric and special characters
• Memorise your passwords and make sure that you do not write down your password or store it in easy to find places or file on or near your computer
• Use a completely new password every time you change your password and never reuse old passwords
• Avoid using dictionary or foreign words because hackers have many tools, such as dictionary programs, to assist them. A hacker will launch a dictionary attack by passing every word in a dictionary (which can contain foreign languages as well as the entire English language) to a login program in the hope that it will eventually match the correct password
• Never share your password with anyone
• Never send your password via email
• Change your passwords regularly, at least every three months.

Why be secure?

Information is an asset, and like other important business assets it has value to an organisation and could be of value to competitors. It must therefore be suitably protected.
Information security protects information from a wide range of threats to:
• ensure business continuity
• minimise business damage
• maximise return on investments and business opportunities.
Information can be printed or written on paper, stored electronically, transmitted by post or using electronic means, shown on film or spoken in conversation.
Until quite recently the protection of data in the information technology (IT) environment has focussed on the physical computer system, and in particular three core elements:
• Confidentiality - assuring sensitive data is read only by authorized individuals and is not disclosed to unauthorized individuals or the public.
• Integrity - protecting data or software from improper modification. For example, a virus may infect a program and alter the data contained within the documents created by that program. Data integrity could also be compromised by a disgruntled employee fraudulently changing payroll records. Unless information is accurate or complete, it is rendered useless.
• Availability - accessibility of IT network, desktop and data resources when authorized users need such access. Availability definitions differ from organisation to organisation. For instance, some organizations run 24 x 7 operations and therefore require systems to be available 24 hours a day, 7 days a week. Other organizations operate from 8.00 am to 6.00 pm, Monday to Friday, hence system availability requirements are greatly reduced.
Connecting computers to the Internet allows consumers and businesses to access a wealth of information and resources. However, it also creates the risk that computers may be tampered with by hackers, or attacked by viruses distributed via email. It is important to protect yourself against these risks.
Consider these points:
• Initially, security adds to the cost of doing business. However, in the long-term it could save you money, reputation and customers.
• Security is a process, not a project or a product.
• Continuous improvement is the key success factor for a good security program.
• Building and maintaining trust and credibility with your customers and business partners is critical to the success of your business.
For more information on security issues, you might like to look at this tip sheet developed by DCITA as part of their publication, Internet Security Essentials for Small Business:

Controlling the risks

Using the Internet to do business introduces a new set of risks in addition to the ones every organisation faces. Risks associated with the Internet are wide-ranging and vary in their complexity and the ease with which they can be avoided, minimised or eliminated.

Risk management is the art of identifying risks, prioritising them and then minimising their occurrence and impact on your e-business.

Risks associated with e-business that might lead to lost opportunities and frustrated customers cover areas such as:

• business - eg if you sell products directly to customers on your website, how this will affect your relationship with your re-sellers
• financial - eg the database used to support your e-business costs too much to maintain
• personnel issues - eg what happens if the only person in the business who really understands your website resigns
• technical - eg the website is inaccessible for a few days or is too slow, leading to lost opportunities and frustrated customers
• legal - eg your use of a list of email addresses breaks privacy laws.

What to do

Managing risk requires a systematic approach. Here is a suggested approach that could be easily implemented in any organisation:

1. consider each of the risk areas above and identify the risks under each for your e-business
2. prioritise them
3. develop strategies to minimise or overcome them
4. implement the strategies
5. evaluate the effectiveness of the strategies
6. go back to step 1 and monitor for new risks.

How to plan

The planning process needs to be managed well and involve the people who hold important roles in the business - or who provide important business advice to the business. For some very small businesses, the owner/operator may be the sole person to develop the e-business plan. But whether it is developed by one person or a team, the goal is to produce an e-business plan document and to implement a practical schedule for reviewing and updating it.
Managing the planning process is not difficult, but it does require a disciplined approach.
What to do
The person responsible for delivering the plan should establish:
• who should be involved in the process - eg micro-businesses might have the owner and the accountant, larger organisations may have people from management, accounts, marketing, sales, technical, operations and possibly external advisors
• the responsibilities of the planning team
• what the plan is to include
• what background research is required in order to produce the plan
• the time-frame for delivering the plan
• an internal communications plan to keep everyone informed about the plan
• when and how the plan will be reviewed and updated
The other sections in Planning will help you identify what you need to know and provide important information and resources on which to base your e-business plan

How to Plan

The planning process needs to be managed well and involve the people who hold important roles in the business - or who provide important business advice to the business. For some very small businesses, the owner/operator may be the sole person to develop the e-business plan. But whether it is developed by one person or a team, the goal is to produce an e-business plan document and to implement a practical schedule for reviewing and updating it.

Managing the planning process is not difficult, but it does require a disciplined approach.

What to do

The person responsible for delivering the plan should establish:

* who should be involved in the process - eg micro-businesses might have the owner and the accountant, larger organisations may have people from management, accounts, marketing, sales, technical, operations and possibly external advisors
* the responsibilities of the planning team
* what the plan is to include
* what background research is required in order to produce the plan
* the time-frame for delivering the plan
* an internal communications plan to keep everyone informed about the plan
* when and how the plan will be reviewed and updated

The other sections in Planning will help you identify what you need to know and provide important information and resources on which to base your e-business plan.

Doing business

Doing business with government

The Australian Government and most state and territory governments are starting to use e-commerce to purchase goods and services. There is a growing commitment by governments to using online services and demonstrating the benefits of electronic trading to businesses and the community.

For businesses, this means that they can increasingly expect to be able to tender for business online, sell products and services online and do invoicing and receive payment online.

Just as significant as the adoption of e-commerce, is the growing number of government agencies and departments that provide online access to their services and products (eg car registration renewal, lands title searches, publications). Businesses save time by doing business with government online and government enjoys efficiency gains as well.

What to do

Check the following websites in your state or territory to discover what e-business you could be doing with your State government and the Australian government. Also check your local government's website.

Australian Government

www.business.gov.au The Business Entry Point acts as an online government resource for the Australian business community. It provides business with a wide range of services and information about start-up, taxation, licensing and legislation, as well as significant activities such as taxation compliance and licence applications.

www.ads.gov.au - Contains information on government tendering opportunities. http://www.tenders.gov.au - for a full Commonwealth Electronic Tendering System (CETS) http://www.contracts.gov.au - contains information about resulting contracts and standing offers and provides searching and reporting facilities for users.

www.esa.finance.gov.au - Provides information to firms wishing to trade with government about obtaining endorsed supplier status.

Australian Capital Territory

www.basis.act.gov.au - This site provides information on ACT Government procurement policy, principles and guidelines and provides details of contracts arranged by the Territory. It also provides a matchmaking service for suppliers located in the Australian Capital Region with business opportunities across all levels of government.

New South Wales

www.smarterbuying.nsw.gov.au/ - The Smarter Buying for Government strategy is the NSW framework for a new accelerated phase in procurement reform.

www.nsw.gov.au/business.asp - For the General Online Government Information Services for Business.

www.tenders.nsw.gov.au/nsw/index.shtml - Here you will find the most recent information about Department of Commerce business opportunities.

www.smartbuy.nsw.gov.au - Smartbuy is a whole-of-government electronic marketplace developed by the Department of Commerce for NSW Government agencies and other authorised buyers and suppliers.

www.cpsc.nsw.gov.au/e-procurement - The NSW Government Electronic Procurement Implementation Strategy is a framework which supports the take up of electronic commerce in procurement and information technology in construction.

www.smallbiz.nsw.gov.au - For advice about e-business for SMEs.

Northern Territory

www.nt.gov.au/caps/tenders - This is an online tendering site where tender opportunities can be identified and documents downloaded.

Queensland

www.qgm.qld.gov.au - If you are currently a supplier to the Queensland government, or if you are interested in supplying goods and/or services you can use this site to find out about Queensland government purchasing activities.

South Australia

www.tenders.sa.gov.au - For a full government electronic tendering system.

www.ssb.sa.gov.au - For e-business advice to small business in South Australia.

Tasmania

www.purchasing.tas.gov.au - This site is a one-stop shop for businesses and government agencies wanting information on all aspects of government purchasing.

Victoria

www.vgpb.vic.gov.au - Information about Victorian government procurement policies and procedures.

www.tenders.vic.gov.au - Information for businesses about opportunities, and how to compete successfully for Victorian Government business.

www.hpv.org.au/ - Information about tenders and purchasing policies related to Victorian Health procurement.

www.mmv.vic.gov.au - Information about initiatives helping the uptake of e-commerce among business and information on e-commerce roadshows.

Western Australia

www.ecc.online.wa.gov.au This site is concerned with e-commerce issues in Western Australia.

www.gem.wa.gov.au/Gem/About/gem_approach This site provides information about government e-procurement in Western Australia.

www.sbdc.com The Small Business Development Centre has general information for small business on e-commerce and a more detailed learning site called e-start.

Important

Because websites can change in what they offer it is a good idea to develop a systemic review process that will ensure that the business is aware of all the possible and appropriate ways in which the Internet can be used fordoing business with government at all levels.

E-commerce - 2

What is E-commerce?

Electronic commerce or ecommerce is a term for any type of business, or commercial transaction, that involves the transfer of information across the Internet. It covers a range of different types of businesses, from consumer based retail sites, through auction or music sites, to business exchanges trading goods and services between corporations. It is currently one of the most important aspects of the Internet to emerge. Ecommerce allows consumers to electronically exchange goods and services with no barriers of time or distance. Electronic commerce has expanded rapidly over the past five years and is predicted to continue at this rate, or even accelerate. In the near future the boundaries between "conventional" and "electronic" commerce will become increasingly blurred as more and more businesses move sections of their operations onto the Internet. Business to Business or B2B refers to electronic commerce between businesses rather than between a business and a consumer. B2B businesses often deal with hundreds or even thousands of other businesses, either as customers or suppliers. Carrying out these transactions electronically provides vast competitive advantages over traditional methods. When implemented properly, ecommerce is often faster, cheaper and more convenient than the traditional methods of bartering goods and services. Electronic transactions have been around for quite some time in the form of Electronic Data Interchange or EDI. EDI requires each supplier and customer to set up a dedicated data link (between them), where e-commerce provides a cost-effective method for companies to set up multiple, ad-hoc links. Electronic commerce has also led to the development of electronic marketplaces where suppliers and potential customers are brought together to conduct mutually beneficial trade. The road to creating a successful online store can be a difficult if unaware of e-commerce principles and what ecommerce is supposed to do for your online business. Researching and understanding the guidelines required to properly implement an e-business plan is a crucial part to becoming successful with online store building. What do you need to have an online store and what exactly is a shopping cart? Shopping cart software is an operating system used to allow consumers to purchase goods and or services, track customers, and tie together all aspects of ecommerce into one cohesive whole. While there are many types of software that you can use, customizable, turnkey solutions are proven to be a cost effective method to build, edit and maintain an online store. How do online shopping carts differ from those found in a grocery store? The image is one of an invisible shopping cart. You enter an online store, see a product that fulfills your demand and you place it into your virtual shopping basket. When you are through browsing, you click checkout and complete the transaction by providing payment information. To start an online business it is best to find a niche product that consumers have difficulty finding in malls or department stores. Also take shipping into consideration. Pets.com found out the hard way: dog food is expensive to ship FedEx! Then you need an ecommerce enabled website. This can either be a new site developed from scratch, or an existing site to which you can add ecommerce shopping cart capabilities. The next step, you need a means of accepting online payments. This usually entails obtaining a merchant account and accepting credit cards through an online payment gateway (some smaller sites stick with simpler methods of accepting payments such as PayPal). Lastly, you need a marketing strategy for driving targeted traffic to your site and a means of enticing repeat customers. If you are new to ecommerce keep things simple- know your limitations. Ecommerce can be a very rewarding venture, but you cannot make money overnight. It is important to do a lot of research, ask questions, work hard and make on business decisions on facts learned from researching ecommerce. Don't rely on "gut" feelings. We hope our online ecommerce tutorial has helped your business make a better decision in choosing an online shopping cart for your ecommerce store.

Staffing

Almost all training and education providers in Australia have a website through which they provide information on courses being offered on their premises or campus - topics covered, availability, when offered and costs. A number of training providers offer online training courses. These have the advantage that they can be undertaken by staff at a time of their choosing and they are not restricted to the training courses offered by institutions in their own city, town or area. The convenience of delivery, and the range of training material offered online across a whole range of disciplines, activities and services, means that staff training is more accessible and potentially more timely and relevant than ever before.

What to do

Many organisations offer training in the use of the Internet and how businesses can maximise the effectiveness of email and their websites.

Try the e-business training section in this website - the link is on the right-hand side of the screen under the Resources heading.

Try the following sources in your local area who might provide training courses or know who does:

• TAFE colleges
• private providers - look in the Yellow Pages ® eg under Computer Training Services
• your local library or local council may know of local training providers
• your industry association
• business advisors who are supported by government and local communities
• your computer suppliers.

Further information sources

You might like to try these websites as sources of information about training courses in Australia:

Courses.com.au

A nationwide directory of short courses, Courses.com.au lists 12,000 courses throughout Australia. Course providers are entitled to list their basic course details on this website for a small fee. The site is free to users. Note on searching this site: the e-businessguide website describes e-business as "doing business using the Internet". The courses.com.au website does not use this language. Instead it focuses on the individual activities that make up e-business such as "email" or "web page design". When you search the courses.com.au database after selecting your state, click a category, either Computing & IT or Business & Finance. You can then select your regional area. Training providers are continually changing their courses so contact the training provider to obtain their course timetable and details of their specific courses. http://www.courses.com.au/index.cfm

National Training Information Service

This website provides a database of vocational education and training in Australia. It contains detailed information on courses, qualifications, training packages, competency standards and training organisations. Note on searching this site: NTIS - the National Training Information Services, provides information about accredited vocational education and training (VET) courses. Click on Courses/Qualifications, then type in e-business (with a hyphen) in the Course Title/ Qualification box. Click on search. Click on the course you are interested in and then "Show all details for this item" button. It is also possible to limit your search by state. If you cannot find the type of course you are looking for, consider searching for business or computing.

E-commerce

E-commerce (electronic commerce or EC) is the buying and selling of goods and services on the Internet, especially the World Wide Web. In practice, this term and a newer term, e-business, are often used interchangably. For online retail selling, the term e-tailing is sometimes used.

E-commerce can be divided into:

• E-tailing or "virtual storefronts" on Web sites with online catalogs, sometimes gathered into a "virtual mall"
• The gathering and use of demographic data through Web contacts
• Electronic Data Interchange (EDI), the business-to-business exchange of data
• e-mail and fax and their use as media for reaching prospects and established customers (for example, with newsletters)
• Business-to-business buying and selling
• The security of business transactions

E-tailing or The Virtual Storefront and the Virtual Mall

As a place for direct retail shopping, with its 24-hour availability, a global reach, the ability to interact and provide custom information and ordering, and multimedia prospects, the Web is rapidly becoming a multibillion dollar source of revenue for the world's businesses. A number of businesses already report considerable success. As early as the middle of 1997, Dell Computers reported orders of a million dollars a day. By early 1999, projected e-commerce revenues for business were in the billions of dollars and the stocks of companies deemed most adept at e-commerce were skyrocketing. Although many so-called dotcom retailers disappeared in the economic shakeout of 2000, Web retailing at sites such as Amazon.com, CDNow.com, and CompudataOnline.com continues to grow.

Market Research

In early 1999, it was widely recognized that because of the interactive nature of the Internet, companies could gather data about prospects and customers in unprecedented amounts -through site registration, questionnaires, and as part of taking orders. The issue of whether data was being collected with the knowledge and permission of market subjects had been raised. (Microsoft referred to its policy of data collection as "profiling" and a proposed standard has been developed that allows Internet users to decide who can have what personal information.)

Electronic Data Interchange (EDI)

EDI is the exchange of business data using an understood data format. It predates today's Internet. EDI involves data exchange among parties that know each other well and make arrangements for one-to-one (or point-to-point) connection, usually dial-up. EDI is expected to be replaced by one or more standard XML formats, such as ebXML.

E-Mail, Fax, and Internet Telephony

E-commerce is also conducted through the more limited electronic forms of communication called e-mail, facsimile or fax, and the emerging use of telephone calls over the Internet. Most of this is business-to-business, with some companies attempting to use e-mail and fax for unsolicited ads (usually viewed as online junk mail or spam) to consumers and other business prospects. An increasing number of business Web sites offer e-mail newsletters for subscribers. A new trend is opt-in e-mail in which Web users voluntarily sign up to receive e-mail, usually sponsored or containing ads, about product categories or other subjects they are interested in.

Business-to-Business Buying and Selling

Thousands of companies that sell products to other companies have discovered that the Web provides not only a 24-hour-a-day showcase for their products but a quick way to reach the right people in a company for more information.

The Security of Business Transactions

Security includes authenticating business transactors, controlling access to resources such as Web pages for registered or selected users, encrypting communications, and, in general, ensuring the privacy and effectiveness of transactions. Among the most widely-used security technologies is the Secure Sockets Layer (SSL), which is built into both of the leading Web browsers.

Getting started with e-commerce

To explore how e-commerce is used in the enterprise, here is an additional resource:

R&D

Almost all training and education providers in Australia have a website through which they provide information on courses being offered on their premises or campus - topics covered, availability, when offered and costs. A number of training providers offer online training courses. These have the advantage that they can be undertaken by staff at a time of their choosing and they are not restricted to the training courses offered by institutions in their own city, town or area. The convenience of delivery, and the range of training material offered online across a whole range of disciplines, activities and services, means that staff training is more accessible and potentially more timely and relevant than ever before.

What to do

Many organisations offer training in the use of the Internet and how businesses can maximise the effectiveness of email and their websites.

Try the e-business training section in this website - the link is on the right-hand side of the screen under the Resources heading.

Try the following sources in your local area who might provide training courses or know who does:

• TAFE colleges
• private providers - look in the Yellow Pages ® eg under Computer Training Services
• your local library or local council may know of local training providers
• your industry association
• business advisors who are supported by government and local communities
• your computer suppliers.

Further information sources

You might like to try these websites as sources of information about training courses in Australia:

Courses.com.au

A nationwide directory of short courses, Courses.com.au lists 12,000 courses throughout Australia. Course providers are entitled to list their basic course details on this website for a small fee. The site is free to users. Note on searching this site: the e-businessguide website describes e-business as "doing business using the Internet". The courses.com.au website does not use this language. Instead it focuses on the individual activities that make up e-business such as "email" or "web page design". When you search the courses.com.au database after selecting your state, click a category, either Computing & IT or Business & Finance. You can then select your regional area. Training providers are continually changing their courses so contact the training provider to obtain their course timetable and details of their specific courses. http://www.courses.com.au/index.cfm

National Training Information Service

This website provides a database of vocational education and training in Australia. It contains detailed information on courses, qualifications, training packages, competency standards and training organisations. Note on searching this site: NTIS - the National Training Information Services, provides information about accredited vocational education and training (VET) courses. Click on Courses/Qualifications, then type in e-business (with a hyphen) in the Course Title/ Qualification box. Click on search. Click on the course you are interested in and then "Show all details for this item" button. It is also possible to limit your search by state. If you cannot find the type of course you are looking for, consider searching for business or computing